>> What are the types of processes to protect from RAM pilfering? I have to
>> admit I never thought of this one.
>>
>> http://www.theregister.co.uk/2009/12/09/ram_scraper_credit_card_theft/
> Considering "...The RAM scraper dumped the contents of the server’s
> live memory into a file named dumper.dll in the Windows system
> subdirectories..." it (the scraper) must have had at least local admin
> access, if not system access, in order to write a file there (unless
> security was thoroughly hosed on the system in the first place).
>
> Wouldn't simply zeroing out the buffer that held the data mitigate
> something like this? Is that too easy? I know security-savvy
> programmers are rare but it seems like an easy win.
The solutions are already there.
Hmm... if it is a POS terminal, why wouldn't it:
1) be locked down to only allow running of the POS application, and
2) have "file-integrity monitoring software to alert personnel to
unauthorized modification of critical system files, configuration files, or
content files;" [11.5]
--Keith
Keith Young, Security Official
Department of Technology Services
Montgomery County, Maryland
phone - (240) 777-2955
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
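
The buffer zeroing suggested in the quoted message, as an added example that is not part of the original thread: the working copy of a card number is wiped on every exit path, using a call the compiler cannot optimize away. The function names, buffer sizes and the masking step are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Calling memset through a volatile function pointer stops the compiler from
 * dropping the wipe as a dead store when the buffer is never read again. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

void secure_wipe(void *buf, size_t len) { memset_ptr(buf, 0, len); }

/* Returns 1 if every byte of buf is zero. */
int is_zeroed(const void *buf, size_t len)
{
    const unsigned char *p = buf;
    while (len--)
        if (*p++) return 0;
    return 1;
}

/* Hypothetical POS step: copy the card number into a working buffer, build
 * the masked receipt form (last four digits only), then wipe the working
 * copy whether or not the input was accepted. Returns 0 on success, -1 on bad input. */
int mask_pan(const char *pan, char *work, size_t work_len,
             char *masked, size_t masked_len)
{
    size_t n = strlen(pan);
    int rc = -1;

    if (n >= 13 && n <= 19 && n < work_len && n < masked_len) {
        memcpy(work, pan, n + 1);
        /* ... authorization would use the clear-text copy in work here ... */
        memset(masked, '*', n - 4);
        memcpy(masked + n - 4, work + n - 4, 5);   /* last 4 digits + NUL */
        rc = 0;
    }
    secure_wipe(work, work_len);   /* runs on the rejection path too */
    return rc;
}

int main(void)
{
    char work[32], masked[32];
    /* Constructed sample: a widely used test card number, not real data. */
    if (mask_pan("4111111111111111", work, sizeof work, masked, sizeof masked) == 0)
        printf("%s wiped=%d\n", masked, is_zeroed(work, sizeof work));
    return 0;
}
```

Wiping only shortens the time the clear-text copy stays resident; the data is still readable while in use, so this complements the lockdown and file-integrity monitoring raised in the reply. Where the platform provides `explicit_bzero` or `memset_s`, those serve the same purpose as `secure_wipe`.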