OnDoc
| sign
in
up
~
pub
|
pdf
txt
html
toc
url
|
<<
>>
1
2
3
4
5
6
7
8
~
92
Table of Contents
Contents
List of Figures
List of Tables
List of Listings
List of Abbreviations
Introduction
Remote management
Problem to be addressed by this thesis project
Importance of this thesis
Corporations adopted Intel AMT
Related work
Thesis structure
Intel AMT architecture
Platform architecture
System power states
Interface types
Remote access interfaces
Local access interface
Architecture features
Discovering IT assets
Remote repair of systems
Viruses and rootkit protection
Infrastructure
IDE-R and Serial over LAN features
Intel AMT Releases
ME firmware upgrade
AMT assigned network ports
Configuration methods
Zero touch configuration model
Setup and configuration models
SMB provision model
Connecting to an Intel AMT device
Security analysis of Intel AMT
Chapter overview
Lab environment
Bypassing Intel AMT's local access restrictions
SMB setup mode vulnerability
SMB countermeasures
IDE-R and Serial over LAN vulnerability
HTTP digest authentication scheme
Introduction
How digest access authentication works
How Intel AMT handles HTTP digest access authentication
Intel AMT password policy
Exhaustive password policy
International keyboards on AMT MEBx
Keyboard mapping implementation fault
Password-based authentication to Intel AMT: attack scenario
Cracking process
John the ripper patch
Patch for AMT
Creating the password string
Results
GPU cracking scenario
Remote provisioning
Introduction
Remote provision certificate fingerprints
Certificate fingerprint
Intel AMT remote provision configuration
Intel AMT remote provisioning: attack scenario
Vulnerability: ZTC implemented when AMT is disabled
Mobile version of AMT
How mobile AMT works
Activating AMT mobile version
Implementation fault
Wireless attacks on AMT
Attack types
Confidentiality attacks
Integrity attacks
Availability attacks
Intel AMT Privacy threat
Privacy protection mechanisms in AMT
End user notification
Privacy concerns from publishers and end-users
Conclusions and Future Work
Conclusions
HTTP digest access authentication issues
Mobile version issues
Gratis hardware rootkit
Recommendations
Future work
Appendices
Vendor e-mail communication
Bibliography