1

Following from: here,

Let's say you have a server at a data centre, but a hacker manages to find a way in and has access to your server. What are the attack possibilities regarding Direct Memory Attacks (DMA) attacks?

Are there any known attack and defence mechanisms to a system once physical access has been gained?

My server is running Ubuntu 16.04, and I like to perform some attacks myself for educational purposes.

The question is a bit broad, however, I am hoping for practical answers, such as:

"You can look at PCIleech: https://github.com/ufrisk/pcileech"
Kevin C
  • 151
  • 6
  • 1
    *"Are there any known attack and defence mechanisms to a system once physical access has been gained?"* As the adage goes, once the attacker has unrestricted physical access to your computer, it's not your computer anymore. – user May 17 '18 at 08:52
  • ... This is not the question – Kevin C May 17 '18 at 08:57
  • *"This is not the question"* So what *is* the question? – user May 17 '18 at 09:10
  • Ultimately, the attacker could just pour water on the server and take it offline, unless you do not care about availability. – jrtapsell May 17 '18 at 09:13
  • Similar post: https://security.stackexchange.com/questions/185966/possible-physical-interface-attacks-of-bmcs-on-a-server – jrtapsell May 17 '18 at 09:24
  • That is for BMCs, not DMA – Kevin C May 17 '18 at 09:36
  • I know that you really want to break down this problem, but you are asking how to secure a door from fire damage when the house is on fire. It doesn't really matter if the door survives when the walls are piles of ash. Also, the link you provided includes mitigations. Can you explain why those details are not sufficient for your needs? – schroeder May 17 '18 at 16:18
  • I know, and that is exactly my goal. I am doing a survey of physical attacks on a server. So my interest is the attackers point of view. I hope for answers which are pointers towards practical attacks on a server, as many as possible, not just a single one. – Kevin C May 17 '18 at 16:41

0 Answers0