Full Disclosure mailing list archives
Re: Viral infection via Serial Cable
From: Barry Fitzgerald <bkfsec () sdf lonestar org>
Date: Tue, 31 Aug 2004 10:01:11 -0400
James Tucker wrote:
I think that we're missing something here. The workstation sends commands to the laser via the serial connection (assumed RS232 for this example and not TCP/IP based) so presumably, the win2k workstation can send whatever commands it wants to the laser via the serial cable within the bounds of its programming. Therefore, you don't need to send a virus along the serial cable, you just need to gain remote access to the CAD/CAM workstation and cause it to do something nasty.Sure, but you can only move up a stack which exists. Given that there should be no applications on the other end of the RS232 apart from the CAD/CAM control program (one would hope, this would be considered 'normal'), the only hackable device should be that program. It's not unlikely that the program in question could be set to perform destructive actions; allot of industrial software of this type is not well written and buffers certainly don't always get checked. This would require a custom hack though, I don't know of any viri which carry protocol definitions for RS232 CAD/CAM programs.
This would require prior knowledge of it's operation and configuration, of course, and the will to carry out this crack -- but one of the cited scenarios was a "disgruntled employee" and we can presume that they have special knowledge of the environment.
In other words: keep that box off the LAN. That's my suggestion. We *know* that win2k is vulnerable to worm and virus outbreaks, and that's all we need to know for this scenario. It's like tunneling from a system with an external IP into a NAT'ed LAN -- same exact concept, only probably easier because you already have an authenticated connection to your destination.
I agree with you, but when the quote is put into context, that's not what Bush meant. It was an angry response of his to an American who owned a website criticizing him."There aught to be limits to freedom!" George BushNot to defend the guy, he makes allot of stupid comments and decisions, however he is talking about laws and he is not wrong, there are many people in the world who need certain freedoms removed. How about they learn to remove the freedom of gun ownership.
Bush's point was that there ought to be limits to free speech and that people shouldn't be allowed to criticize him (and, to be fair, he could have meant others as well).
You give the man too much credit.
-Barry
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: write events log to CD?, (continued)
- Re: write events log to CD? Harlan Carvey (Aug 30)
- Viral infection via Serial Cable Jean Gruneberg (Aug 30)
- Re: Viral infection via Serial Cable Über GuidoZ (Aug 30)
- RE: Viral infection via Serial Cable Jean Gruneberg (Aug 30)
- Re: Viral infection via Serial Cable Über GuidoZ (Aug 30)
- Re: Viral infection via Serial Cable Christian (Aug 30)
- Re: Viral infection via Serial Cable Christian (Aug 30)
- Re: Viral infection via Serial Cable James Tucker (Aug 30)
- Re: Viral infection via Serial Cable J.A. Terranson (Aug 30)
- Re: Viral infection via Serial Cable James Tucker (Aug 31)
- Re: Viral infection via Serial Cable Barry Fitzgerald (Aug 31)
- RE: Viral infection via Serial Cable Aditya (Aug 30)
- Re: write events log to CD? Marcel Krause (Aug 30)
- Re: write events log to CD? Oliver J. Morais (Aug 30)
- Re: write events log to CD? Ali Campbell (Aug 30)
- Re: write events log to CD? James Tucker (Aug 30)
- Re: write events log to CD? Alan J. Wylie (Aug 30)