|
|
|
|
|
|
by sweis
5071 days ago
|
|
|
There is the ability to protect memory from malicious devices with IOMMU, but it is often disabled by default. My experience with DMA attacks via Firewire or Thunderbolt is that they work out of the box. Inception is a nice tool to play with if you want to try out DMA attacks:
http://www.breaknenter.org/projects/inception/ You may also want to check out the Volatility forensics framework:
http://code.google.com/p/volatility/ |
|
|