Full Disclosure mailing list archives
RE: Viral infection via Serial Cable
From: <Glenn_Everhart () bankone com>
Date: Tue, 31 Aug 2004 09:37:51 -0400
A serial connection using protocols like xmodem, ymodem, kermit, or the like might well avoid exposing a machine to malware. A malware program must be able to use some facilities offered by a network typically if it is to propagate on a network. Serial connections running occasional file transfer protocols don't offer services that most malware would know how to use. This does not mean there are no services; just that a malware author is unlikely to notice a serial line and test, say, for a kermit or uucp server at the other end. (If those allow access only to a single directory containing nothing interesting, too, that isn't going to allow much exposed function for attacks.) Obviously if the serial line carries IP somehow, it might be used without the malware even noticing anything difficult. An intermediate ground like using some not currently fashionable serial network (e.g., run DECnet over the line) would probably avoid being exploited too, but someone who knew what was going on could attack it or use it to spread malware. -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of Jean Gruneberg Sent: Monday, August 30, 2004 3:21 PM To: 'Full Disclosure' Subject: RE: [Full-disclosure] Viral infection via Serial Cable Hi all Thanks for the info. I presumed there wasn't anything running around that normally would 'see' a serial connection and keeping the machine off an ordinary network system will protect it machine... Need to look at the pc more to see if and what patches / sp etc have been applied as well, if it is a vanilla system etc Pity the machine runs 18 hours a day and they don't like taking it offline for the IT guy to have a look see ;-) Jean --- Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.744 / Virus Database: 496 - Release Date: 2004/08/24 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ********************************************************************** This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you ********************************************************************** _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Viral infection via Serial Cable Stuart Fox (DSL AK) (Aug 30)
- <Possible follow-ups>
- Re: Viral infection via Serial Cable Troy (Aug 31)
- RE: Viral infection via Serial Cable Glenn_Everhart (Aug 31)