Sunday, February 9, 2014

intel kernel rootkit




https://intel-communities.jive-mobile.com/#jive-document?content=%2Fapi%2Fcore%2Fv2%2Fposts%2F13122

Using Intel vPro Technology to access a remote NTFS partition

Created by TerryCutler on Feb 16, 2010 in Intel vPro Expert Center Blog

Have you ever walked into a tool room and thought to yourself - "I could make some really cool stuff with these tools". If that's the case - let me offer some ideas how Intel vPro Technology combined with the Remote Drive Share use-case reference might expand your reach.

As you may already know - Intel vPro technology provides out-of-band management such as reliable remote power control, boot redirection, and so forth. It's a tool, which when combined with some creativity and applied to a situation becomes a powerful solution. An additional tool is the Remote Drive Share use case reference design available at http://communities.intel.com/docs/DOC-4785. This is a small Linux-based bootable ISO image to be used with the boot redirection functionality of Intel vPro technology. The Remote Drive Share example provides a sample ISO image, source to modify\create your own image, and some brief instructions.

Okay - let's look at some potential scenarios where this might be helpful:

- Remote client will not complete boot process - and you need to grab important files off the hard drive before reimaging
- Remote client has been infected by a rootkit virus... or you need to run a full virus scan\clean outside of the local host operating system
- An erroneous registry setting on the remote client needs to be fixed

Are you seeing a trend in the scenarios above? They all reference a "remote client". There are tools and processes to address each of those situations - IF you are present at the local PC.

Take a look at the following video to see how such scenarios could be addressed remotely using Intel vPro Technology with the Remote Drive Share bootable ISO. One small clarification to be aware of - the posted Remote Drive Share ISO does not include NTFS-3G or similar components for NTFS partition read\write access. However, instructions are provided on how the ISO image can be modified to support it. The video is an example of the capability, and more examples on how remote drive share can be utilized (such as obtaining dump files) will be provided soon.

TerryCutler on Feb 18, 2010
Another example how remote drive share can be used was recently posted. Using remote drive share to access a Windows Dump file.... check out http://communities.intel.com/docs/DOC-4826

Guest on May 17, 2011
I tried this on a new DQ67EP Board but the tool stated "An appropriate Intel network adapter was not found on this system. RDS requires this adapter and will now halt." Looks like the kernel has to be updated to support the latest Boards.

TerryCutler on Aug 16, 2011
The updated version of the tool\download supports the latest available network interfaces.

Toni on Aug 17, 2011
Can you provide a download link for the updated version of remote drive share? The above link (doc2875) still points to the old version 2.0 (1040v20.zip). thanks

TerryCutler on Aug 17, 2011
Checking on that. Noticed that other ISO images available via http://communities.intel.com/docs/DOC-4080 have been updated to support latest generation platforms. Appears this one was missed in the update. Inquiries sent to developers.

TerryCutler on Aug 30, 2011
It appears the updated version of remote drive share with support for latest generation platforms has been delayed due to internal process. No ETA at this time. However, a related tool has been released. Take a look at Remote Drive Mount - http://communities.intel.com/docs/DOC-18923

https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=17882&ProdId=2101&lang=eng&OSVersion=Windows%207%20(64-bit)*&DownloadType=Software%20Archives


https://downloadcenter.intel.com/SearchResult.aspx?lang=eng&ProductFamily=Software+Products&ProductLine=Chipset+Software&ProductProduct=Intel%c2%ae+Rapid+Storage+Technology+(Intel%c2%ae+RST)


http://www.intel.com/support/chipsets/imsm/sb/CS-029980.htm


http://www.intel.com/support/utilitytools.htm


Intel® Rapid Storage Technology (Intel® RST)


http://www.intel.com/support/chipsets/imsm/sb/CS-012305.htm



Advanced Host Controller Interface (AHCI) is an interface specification that allows the storage driver to enable advanced Serial ATA (SATA) features like Native Command Queuing and hot swap.

AHCI is built into chipsets with the following controller hubs:

- Intel® PCHM RAID/AHCI controller hub
- Intel® PCH RAID/AHCI controller hub
- Intel® ICH10R/DO SATA RAID/AHCI controller hub
- Intel® ICH10D SATA AHCI controller hub
- Intel® ICH9M-E SATA RAID/AHCI controller hub
- Intel® ICH9M AHCI controller hub
- Intel® 82801IR/IO Controller Hub (ICH9R/DO) - RAID and AHCI
- Intel® 82801HEM I/O Controller Hub (ICH8M-E) - RAID and AHCI
- Intel® 82801HBM I/O Controller Hub (ICH8M) - AHCI only
- Intel® 82801HR/HH/HO I/O Controller Hub (ICH8R/DH/DO) - RAID and AHCI
- Intel® 631xESB/632xESB I/O Controller Hub - RAID and AHCI
- Intel® 82801GHM I/O Controller Hub (ICH7MDH) - RAID only
- Intel® 82801GBM I/O Controller Hub (ICH7M) - AHCI only
- Intel® 82801GR/GH I/O Controller Hub (ICH7R/DH) - RAID and AHCI
- Intel® 82801FR I/O Controller Hub (ICH6R) - RAID and AHCI
- Intel® 82801FBM I/O Controller Hub (ICH6M) - AHCI only

This applies to: Intel® Rapid Storage Technology (Intel® RST)


http://www.intel.com/support/chipsets/imsm/sb/CS-015988.htm





Advanced Host Controller Interface

The Advanced Host Controller Interface (AHCI) is a technical standard defined by Intel that specifies the operation of Serial ATA (SATA) host bus adapters in a non-implementation-specific manner.

The specification describes a system memory structure for computer hardware vendors to exchange data between host system memory and attached storage devices. AHCI gives software developers and hardware designers a standard method for detecting, configuring, and programming SATA/AHCI adapters. AHCI is separate from the SATA 3 Gbit/s standard, although it exposes SATA's advanced capabilities (such as hot swapping and native command queuing) such that host systems can utilize them.

As of October 2010, the current version of the specification is v. 1.3.

Operating modes

Many SATA controllers offer selectable modes of operation: legacy Parallel ATA emulation, standard AHCI mode, or vendor-specific RAID (which generally enables AHCI in order to take advantage of its capabilities). Intel recommends choosing RAID mode on their motherboards (which also enables AHCI) rather than AHCI/SATA mode for maximum flexibility.[1] Legacy mode is a software backward-compatibility mechanism intended to allow the SATA controller to run in legacy operating systems which are not SATA-aware or where a driver does not exist to make the operating system SATA-aware.

Operating system support

AHCI is supported out of the box on Windows Vista and newer versions of Windows, Linux-based operating systems (from kernel 2.6.19 onwards), OpenBSD (version 4.1 onwards), NetBSD, FreeBSD, OS X, eComStation (version 2.1 onwards), and Solaris 10 (8/07 and onwards).[2] DragonFlyBSD based its AHCI implementation on OpenBSD's and added extended features such as port multiplier support. Older versions of operating systems require hardware-specific drivers in order to support AHCI. Windows XP does not provide support out of the box.

Boot issues

Some operating systems, notably Windows Vista and Windows 7, do not configure themselves to load the AHCI driver upon boot if the SATA-drive controller was not in AHCI mode at the time of installation. This can cause failure to boot, with an error message, if the SATA controller is later switched to AHCI mode. For this reason, Intel recommends changing the drive controller to AHCI or RAID before installing an operating system.[1] (It may also be necessary to load chipset-specific AHCI or RAID drivers — from a USB flash drive, for example — at installation time.)

On Windows Vista and Windows 7, this can be fixed by configuring the msahci device driver to start at boot time (rather than on-demand). Setting non-AHCI mode in the BIOS will allow the user to boot Windows, where the required registry change can be performed. The BIOS can then be changed to AHCI.[3]

On Windows 8 and Windows Server 2012, the name of the controller has changed from msahci to storahci,[4] and the procedure to upgrade to the new controller is similar to that of Windows 7.[5] On Windows 8 and Windows Server 2012, changing the SATA mode to AHCI without updating the registry will make the boot drive inaccessible.

A similar problem can occur on Linux systems if the AHCI driver is built as a module, rather than included in the kernel, as it may not be loaded into the initrd (initial RAM disk) created when in legacy mode; the solution is to build a new initrd containing the AHCI module.[6][7]

Power management

Power management is handled by the Aggressive Link Power Management (ALPM) protocol.

See also

- Open Host Controller Interface (OHCI)
- Universal Host Controller Interface (UHCI)
- Enhanced Host Controller Interface (EHCI)
- Extensible Host Controller Interface (XHCI)
- Wireless Host Controller Interface (WHCI)
- Host controller interface (USB, Firewire)

References

[1] "Intel Matrix Storage Technology - Changing and/or choosing Serial ATA Modes". Intel. Retrieved 2007-09-30.
[2] "What's New in the Solaris 10 8/07 Release - Driver Enhancements". Oracle. Retrieved 2010-10-20.
[3] "Error Message when you start a Windows 7 or Windows Vista-based computer after you change the SATA mode of the boot drive: "STOP 0x0000007B INACCESSABLE_BOOT_DEVICE"". Microsoft. Archived from the original on 24 May 2011. Retrieved 2011-04-20.
[4] "StorAHCI replaces MSAHCI (Windows)". Microsoft.
[5] "Improving performance of SATA drives on Windows 2012".
[6] "How to ADD one module to initrd using mkinitrd". ServerFault. Retrieved 2011-04-20. [unreliable source?]
[7] "SATA disks as AHCI". FedoraForum. Retrieved 2011-04-20. [unreliable source?]


LAN WAN PAN MAN: Learn the Differences Between These Network Types

By David Delony, November 18, 2013

Takeaway: LAN, WAN, PAN, MAN - All of these networks may sound confusing, but you'll find the concepts self-explanatory once you understand the meaning behind each acronym.

If you're new to networking technology, you may feel like you're dipping your spoon into a bowl of alphabet soup. LAN, WAN, PAN, MAN - What do they all mean? This article will help you sort out all of these terms.

Fortunately, once you learn what the terms mean, it's easy to comprehend how they work. The key difference is the geographical areas they serve.

Local Area Network (LAN)

LAN stands for local area network. It covers, as the name suggests, a local area. This usually includes a local office and they're also pretty common in homes now, thanks to the spread of Wi-Fi.

Whether wired or wireless, nearly all modern LANs are based on Ethernet. That wasn't the case in the 80s and 90s, when a number of standards, including NetBEUI, IPX, token ring and AppleTalk, were in use. Thanks in large part to its open technology, Ethernet rules supreme. It's been around since the early 70s and isn't going away anytime soon.

There are two ways to implement Ethernet: twisted-pair cables or wireless. Twisted pair cables plug into switches using RJ-45 connectors, similar to phone jacks. (Remember those?) Cables plug into switches, which can be connected to other networks. A connection to another network is a gateway that goes to another LAN or the Internet.

The other popular Ethernet access method is over Wi-Fi under the IEEE 802.11 standard. Almost all new routers can use the b/g/n standards. IEEE 802.11b and g operate in the 2.4 GHz spectrum, while n operates in 2.4 and 5 GHz, allowing for less interference and, thus, better performance. The downsides to wireless are the potential for interference and potential eavesdropping.

Wide Area Network (WAN)

WAN, in contrast to a LAN, refers to a wide area network. The name is exactly what it sounds like: a network that covers an area wider than a LAN. Beyond that, the definition is less clear. Distances can range from a network connecting multiple buildings on a corporate or college campus to satellite links connecting offices in different countries. The most popular WAN is the one you're using to read this article: the Internet. It's actually a collection of other networks, including other LANs and WANs - hence, the name.

WANs can be wired, using fiber-optic cable, for example, or wireless. A wireless WAN might use microwave or infrared (IR) transmission technology, or even satellite. Laying fiber may make sense when connecting a campus but becomes more expensive when connecting greater distances. To save money, an organization may opt for wireless technology or lease lines from a third party.

Virtual Private Network (VPN)

Another method that has become popular in recent years is the use of a virtual private network, or VPN. It uses the Internet to allow people to log into a network remotely and access its resources, but encrypts the connection to thwart eavesdroppers. If your company sets you up with a VPN, you can access your corporate intranet, file servers or email from home or a coffee shop - just as if you were using it in your office. This makes VPN a popular way to support remote workers, especially in fields where privacy is paramount, such as healthcare. Windows, Mac OS X and many Linux distributions can act as VPN clients right out of the box.

Remote desktop virtualization takes this process even further. The entire desktop and applications run on a remote server, and are accessed from a client, which can run on a conventional laptop or even on mobile devices such as tablets or smartphones. This makes virtual desktops great for supporting BYOD (bring your own device) schemes. If a device is lost or stolen, the data is safe because it lives on a central server. Citrix and VMware are the biggest known vendors of virtual desktops.

Personal Area Network (PAN)

PAN stands for personal area network, and again, it's exactly what it sounds like: a network covering a very small area, usually a small room. The best known wireless PAN network technology is Bluetooth, and the most popular wired PAN is USB. You might not think of your wireless headset, your printer or your smartphones as components in a network, but they are definitely talking with each other. Many peripheral devices are actually computers in their own right. Wi-Fi also serves as a PAN technology, since Wi-Fi is also used over a small area.

Metropolitan Area Network (MAN)

A metropolitan area network (MAN) (not to be confused with "manpages" in the Unix and Linux world) connects nodes located in the same metro area. For example, a company located in the San Francisco Bay Area might have its buildings in San Francisco, Oakland and San Jose linked together via a network.

One of the most common ways for organizations to build this kind of network is to use microwave transmission technology. You might have seen a microwave antenna on a TV news van, extended high in the air, beaming video and sound back to the main TV studio. It's also possible to wire buildings together using fiber-optic cable, but as with WANs, most organizations that use wires will lease them from another carrier. Laying cable themselves is quite expensive.

In the past, organizations that had a MAN used asynchronous transfer mode (ATM), FDDI or SMDS networks.

As you can see, although these types of networks may sound confusing, once you learn the meaning behind the acronyms, you'll find that the concepts are really self-explanatory.

About David Delony

David Delony is a Bay Area expatriate living in Ashland, Oregon, where he combines his love of words and technology in his career as a freelance writer. He's covered everything from TV commercials to video games. David holds a B.A. in communication from California State University, East Bay.





Kernel: It provides basic level control over all of the computer hardware devices. Main roles include reading data from memory and writing data to memory, processing execution orders, determi
