Cisco creates an open source tool to protect the boot sector from attacks

Hardware security padlocked circuit

Cisco has created a protection system against attacks directed towards the master boot record open source. This tool can block ransomware and other malicious programs that want to infect said MBR sector. Although it is a tool intended for Microsoft Windows operating systems and this is a Linux blog, but we usually give news about free and open source software in general.

The tool in question it's called MBRFilter and it works by signing the disk system and putting the sector in read-only mode so that it can only be read and prevents third parties with malicious intent from writing code to it for other dubious purposes. The good news is that Cisco has created it under the open-source philosophy and in versions for both 32 and 64-bit. You can explore the code by accessing the project page on Github. 

Although we now live in the UEFI era, for those who still do not know what MBR is or has been (in systems with BIOS), say that it is a necessary sector of the hard disk and that it contains an executable code stored in the first hard drive sector to be able to launch or boot the boot loadero boot loader of the operating system (in this case Windows). Information about the disk, partitions and the file system with which it has been formatted resides there.

Well, it is this privileged sector where many thugs have been set to carry out their attacks and make the malware reside in that area, causing problems on infected computers that did not have an easy solution. In some cases it was necessary to format the computer or in the best cases make use of certain tools to get rid of these annoyances that remained hidden for many antivirus (see bootkit or boot-level rootkits). Now Cisco wants to avoid this with its tool and provide a little more security ...

 


The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published.

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.