Full Disclosure mailing list archives
Re: Viral infection via Serial Cable
From: James Tucker <jftucker () gmail com>
Date: Mon, 30 Aug 2004 22:24:51 +0100
I might also suggest that it is likely (although not guaranteed, maybe ask the manufacturer) that the application will put a full lock on the RS232 comms, and as such, a virus could only transfer data to the OS / program if the lock was removed (program was closed). As for viral infections via this route in more general terms, anyone ever tried hacking a serial port thats not running an app on the other end? Good luck hacking the black hole of a dead end. Of course it would be quite amusing now if a virus was written to break in there, a DoS caused by a CAD/CAM laser burn down of the building :S If the software can run over the network, and that is why you are considering using the NIC then you might consider using the IPSec settings to close all ports except the one used by the cutting application. I would not recommend installing updates or software, as it is likely that the machine is built for stability, changes may alter that stability too (as is typical with such software in my experience). On Mon, 30 Aug 2004 14:54:14 -0400, Über GuidoZ <uberguidoz () gmail com> wrote:
Very interesting situation. To be honest I've never tried to experiment with such a setting in a virus lab, however I do know that viruses can travel via any electronic means of communication. Back before RJ-45 jacks were used much, NICs had serial or BNC plugs instead. Viruses traversed through them just like they do today. It completely depends on the communication setup I suppose. Granted, I doubt your everyday worm would be able to make the jump via specialized instructions to the serial outlet, however if something was programed to do such a thing, I'm sure it's possible. If it's just connected to the LAN as a PC, then you have a lot more to worry about obviously. (Depending on the network protocol, there may be little limitations at all.) Are you able to update this Windows 2000 install? Is it extremely customized for this laser, or does the laser software just work on Windows? ~G On Mon, 30 Aug 2004 19:35:25 +0200, Jean Gruneberg <gruneberg () absamail co za> wrote:Hi all OK - here is a basic question - sorry if this is totally clueless. I have a client who runs a heavy engineering shop. To date all his computerised punches and bend breaks etc. have been driven via a windows CAD workstation talking to them on a serial cable - basically a data dump to the machine which runs a modified dos based OS. So he buys a new sheet metal laser cutter and they bring the system online whilst I'm busy throwing shielded cabling for serial comms to the new machine - lo and behold the system boots to windows 2000 (the concept of a high powered laser metal cutting device driven by windows is another conversation entirely...) So I have a closer look at the beast and it is basically a pc built into a very large machine - has all the usual LAN / USB etc. The system even comes pre-installed with Norton AV. We (read me) make a management decision not to park said machine on the LAN (concept of disgruntled employee and said laser) also the data suite that talks to the laser is now windows based and not an old dos prompt data suite to the older machines. So the question is, is a pc / machine connected to another pc via serial cable only using specialised windows software to move data to the machine at all vulnerable to viruses? Can they transmit themselves across a serial cable? Jean --- Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.744 / Virus Database: 496 - Release Date: 2004/08/24 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html-- Peace. ~G _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: write events log to CD?, (continued)
- Re: write events log to CD? VeNoMouS (Aug 29)
- Re: write events log to CD? Ali Campbell (Aug 29)
- Re: write events log to CD? Barrie Dempster (Aug 30)
- Re: write events log to CD? Harlan Carvey (Aug 30)
- Viral infection via Serial Cable Jean Gruneberg (Aug 30)
- Re: Viral infection via Serial Cable Über GuidoZ (Aug 30)
- RE: Viral infection via Serial Cable Jean Gruneberg (Aug 30)
- Re: Viral infection via Serial Cable Über GuidoZ (Aug 30)
- Re: Viral infection via Serial Cable Christian (Aug 30)
- Re: Viral infection via Serial Cable Christian (Aug 30)
- Re: write events log to CD? Ali Campbell (Aug 29)
- Re: Viral infection via Serial Cable James Tucker (Aug 30)
- Re: write events log to CD? VeNoMouS (Aug 29)
- Re: Viral infection via Serial Cable J.A. Terranson (Aug 30)
- Re: Viral infection via Serial Cable James Tucker (Aug 31)
- Re: Viral infection via Serial Cable Barry Fitzgerald (Aug 31)
- RE: Viral infection via Serial Cable Aditya (Aug 30)
- Re: write events log to CD? Marcel Krause (Aug 30)
- Re: write events log to CD? Oliver J. Morais (Aug 30)
- Re: write events log to CD? Ali Campbell (Aug 30)
- Re: write events log to CD? James Tucker (Aug 30)
- Re: write events log to CD? Alan J. Wylie (Aug 30)