Penetration Testing mailing list archives
Re: [PEN-TEST] Penetration Testing and Van Eck Scanning
From: David Taylor <taylord () INFOSECURE COM AU>
Date: Thu, 9 Nov 2000 14:53:20 +0800
Hi all, This is something that I have looked into in a little detail (from a theoretical perspective of course). First thing is a note on anti-TEMPEST fonts. These are created by running a low pass frequency filter over the bitmap of each letter in the horizontal direction. TEMPEST/V-E devices pick up high frequency EM (like sharp edges, or square waves) much more easily. If you soften the hard edges on a text character, the EM signature is greatly reduced and can't be seen properly in TEMPEST/V-E. Have a close look at PGP's secure fonts - it is sometime possible to see the softening effect. Second thing is a note on range. This mostly comes down to antenna design and the quality/resolution of the V-E gear. Newer monitors run at a higher refresh rate and higher pixel resolution. These would require an antenna designed for correspondingly higher frequencies. These higher frequencies degrade more quickly over distance, so the range is reduced somewhat, but since the early 80's the quality of signal filters and low-noise amplifiers has increased also, helping the V-E user. Final note is one on application. As somebody mentioned, this technology is not just appropriate to monitor emanations. It is equally possible to intercept RS232 serial signals or pretty much any other digital signal. Monitors are a good choice though, as they run on very high voltage and tend to leak lots of EM. I have heard stories of people using TEMPEST to listen to RS232 from keypads and card readers in ATM machines. With regard to Johann's initial email - it would be theoretically possible to set this up as part of a P-test (discounting the legality issues) but it would be a very expensive and time consuming exercise. Regards, Dave Taylor
Current thread:
- [PEN-TEST] Penetration Testing and Van Eck Scanning Johann van Duyn (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Rob Shein (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Greg (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning David Taylor (Nov 10)
- <Possible follow-ups>
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning David Alexander (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Paweł Krawczyk (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Johann van Duyn (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Deus, Attonbitus (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Cornali, Remo (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Cornali, Remo (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning batz (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Bys, Cory (Nov 09)
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning ISSO (Nov 09)
- Message not available
- Re: [PEN-TEST] Penetration Testing and Van Eck Scanning Alex Butcher (Nov 11)
- Message not available