Security Basics mailing list archives
Re: FAX a virus
From: anonymous () email com
Date: 1 Mar 2007 19:31:08 -0000
Perhaps something along these lines: Dependant on resolving the phone number to an IP address of course, but once that information is found either through social engineering or voip probes you could use nmap to find which port is working as the fax reciever then attempt to determine the type of fax machine and from there if you knew assembly could *possibly (if the fax machine allowed remote firmware upgrades) rewrite the firmware of the machine itself but a more practical method would be to temporarily store information in the buffer of the fax machine (this would cause garbage to be printed for one thing which would be a big annoyance). And from what you have described from your setup the software itself may be vulnerable to memory bounds checks etc. You would want to research the software using lists such as this if you are truely afraid of vulnerabilities in your fax application. Again this is more theoretical then practical but you get the idea. --------------------------------------------------------------------------- This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ ---------------------------------------------------------------------------
Current thread:
- FAX a virus Alcides (Mar 01)
- RE: FAX a virus Scott Ramsdell (Mar 02)
- Re: FAX a virus Robert Wesley McGrew (Mar 02)
- RE: FAX a virus Craig Wright (Mar 06)
- Re: FAX a virus Shreyas Zare (Mar 07)
- Message not available
- FAX a virus - Rhetorical and logical Fallacies Craig Wright (Mar 07)
- RE: FAX a virus - Rhetorical and logical Fallacies Steven Hess (Mar 07)
- Re: FAX a virus Robert Wesley McGrew (Mar 02)
- RE: FAX a virus Scott Ramsdell (Mar 02)
- <Possible follow-ups>
- Re: FAX a virus anonymous (Mar 02)
- RE: FAX a virus Craig Wright (Mar 06)
- RE: FAX a virus Nick Duda (Mar 06)
- RE: FAX a virus- a PS Craig Wright (Mar 06)
- RE: FAX a virus Craig Wright (Mar 06)
- RE: FAX a virus Craig Wright (Mar 02)
- RE: FAX a virus Craig Wright (Mar 06)
- FUD, risk and videotape... Craig Wright (Mar 06)
- Re: FAX a virus wesley (Mar 06)
- RE: FAX a virus Craig Wright (Mar 06)
- RE: FAX a virus Craig Wright (Mar 07)
- Message not available
- RE: FAX a virus Craig Wright (Mar 07)
- Message not available