who cares? a processor has no storage capabilities so none of this data can be tracked if you're using a live boot OS. Turn on wireshark and look for packets leaving to intel, you wont find any.
This is ring-1 we're talking about. Nothing will be shown on Wireshark because those packets never reached the host OS. It's a self-contained system. If you're gonna take a look at the packets you need to do it at the router level.
Sure, a test setup would be run linux on a separate machine setup as your default gateway and then send all your traffic from the suspect computer to the linux machine and have the linux machine inspect the traffic before routing it out to the internet. This would allow you to see all the data leaving that PC.
view the rest of the comments →
carlip ago
who cares? a processor has no storage capabilities so none of this data can be tracked if you're using a live boot OS. Turn on wireshark and look for packets leaving to intel, you wont find any.
NarrativeControl ago
This is ring-1 we're talking about. Nothing will be shown on Wireshark because those packets never reached the host OS. It's a self-contained system. If you're gonna take a look at the packets you need to do it at the router level.
carlip ago
Sure, a test setup would be run linux on a separate machine setup as your default gateway and then send all your traffic from the suspect computer to the linux machine and have the linux machine inspect the traffic before routing it out to the internet. This would allow you to see all the data leaving that PC.
albatrosv15 ago
Ettercap.
Cincosiber ago
And this can intercept the raw packets without them reaching ME first for cleansing?
albatrosv15 ago
Nope.