Contents

Background 3

Construction 4

Model 1 - Contacts 4

Theory 4

Construction 4

Model 2 - Pressure Switch 6

Theory 6

Construction 6

Model 3 - PLA and VHDL 7

Theory 7

Conclusion 7

References 8

PGP Key 8

Background

When I bought my ASUS P3C-E motherboard, I was so excited about its chassis intrusion detection capability. But then, I learned you needed special hardware. Damn! Well, a few months and college classes later, I got the crazy idea to build that hardware system. So, I brought out and dusted off my old manual for the board (thank god for being a pack rat, eh?), and flipped to page 40. An excerpt: “[The Chassis Intrusion lead] is for a chassis designed for chassis intrusion detection. After-market toggle switches may also be installed to the chassis panel or on any removable components. Two wires should be available from the chassis to connect to this lead. When any chassis component is removed, the circuit should open and the motherboard will record a chassis intrusion event. ... If the chassis intrusion lead is not used, a jumper cap must be placed over the pins to close the circuit.”

Upon up close investigation, this is what that lead, with jumper, looks like (fig 1). Notice the jumper is over the chassis signal lead and the ground lead.

This means the chassis signal is an active low input. So, in other words, when the chassis signal is grounded, the CIDS in the motherboard registers the chassis as secure. Unless you are powering chips (74 series NAND gates and Inverters can be used to watch multiple panels and/or components, or you can program a PLA with VHDL and use it).

Construction

Model 1 - Contacts

Theory

Since the chassis signal is active low, all we have to do is act like a switch on the ground and chassis circuit. So, you can ignore the +5V lead and use a two pin connector (like for a reset switch). When any chassis component in the loop is removed, the circuit is opened, and the signal is no longer grounded, registering an intrusion in the motherboard.

Construction

Find a few old connectors from the panel on your chassis to the motherboard. A four pin connector would be ideal, but make sure it has four wires to go with it, or you can't use it. I didn't have one, so i constructed one from two - two wire connectors (all you have to do is glue them together). Make sure it looks something like figure 2.

Notice only three of the four wires will be used, make sure the arrangement matches the lead digram above (figure 1). If you glue it, don't use too much glue, as it may get in the way of the contacts inside the connect, or jam it up. To make sure you, or no one else, hooks the system up backwards later, fill the unused hole with super glue.

While you are waiting for this to finish (if you are), start constructing contacts for the system. You will need a soldering iron, copper/gold/aluminum foil, solder, and 22 awg solid wire, and flux, or else soldering will be very hard. I used copper foil for my prototype. Get the stuff used for stained glass, as it has adhesive on the back which is just what we need. Before you set this up and get frustrated if it doesn't work, test the strip with a multimeter to see if it conducts electricity enough.

A good way to solder, is to get a variable control, and set the iron up so that it cuts through the solder like a hot knife through butter. Bend the end of the wires perpendicular, or in a loop, so the flux will bead up right where we want it. See figure 3.

Solder the wire to the far end of your foil strip so you have plenty of room for contact. A good length for the foil is about two inches long, so you can bend it around corners and such. Now, connect one contact wire to the Ground from figure 2 and the other to the chassis signal from figure 2. Make sure the chassis contact stays protected from the outside, or else someone could ground it (or your case) and your system would be defeated.

I connected my ground to the outside panel, and the chassis signal to where it comes into contact with the main box. That seemed to work. When someone opens the case, the circuit should be broken, and the motherboard will log an intrusion. All the intrusion logs are available via a DMI application like Intel's LANDesk Client Manager (LDCM) software. If you know of any others (esp. for linux) email me.

Model 2 - Pressure Switch

Theory

This uses a pressure switch type system to make sure all the panels are still attached to the actual box. For this system, get as many old reset switches from old computers or Radio Shack as you have panels. I have 4 (front, left, right, and top), but I only installed one switch, on the main panel. The simplest way to connect more than one switch, is to connect them in series.

Construction

This one is easy. Just connect the switch to the chassis signal and ground leads from figure 1. In other words, replace the jumper that is installed with the switch. The hard part is this: glue or conenct the switch to the box permanently, in such a way that it will be pressed (or closed) as long as the panel is on, and will stop being pressed (or open) when the panel comes off. To do this, I super glued it to the drive bay (there was just enough spacing for the switch to work). Make sure you try it before you glue, or you may have a permanent fixture in your box that you wont be proud of. This is the system I am currently using.

Model 3 - PLA and VHDL

Theory

Write some VHDL code that will take a series of active low imputs and output a logic 0 if all is well and a logic 1 if the case is open. This is simple in concept, but may be hard in practice, especially to make is scalable. But given time, any electrical engineer with a chip programmer should be able to do this.

Conclusion

Building this system has been a fun and exciting experience. I could not find any DMI applications for linux, so I have no way of testing it to see if it worked, so if you build this, be sure to email me and let me know if it worked. The concept is simple and it is logical that any major corporation concerned with security should have stuff like this. If anyone is so interested, I would be willing to program VHDL for the model 3 chip and license it out to anyone for a small price. My public key is attached with this document, if its not there, get a fresh copy from genbukan.no-ip.com or www.darkie.net.

References

PGP Key

An detached signature file is called cids.sxw.sig or cids.html.sig depending on what version you are reading.