Full Disclosure mailing list archives
Re: Viral infection via Serial Cable
From: stephane nasdrovisky <stephane.nasdrovisky () paradigmo com>
Date: Thu, 02 Sep 2004 08:26:56 +0200
Most viruses use the user (they expect to contact a stupid user which will execute it), they don't care how it reached your pc, it knows the user will spread it somehow (i.e. it's a nice porno exe which will be sent to friends, ...). Current viruses do not even need user interaction, some expect to contact a stupid user who's using some outlook flavor. The worms are using servers and their vulnerabilities (and the admin lazyness), ip or higher level email features. Current viruses and worms are not very different as they do not always need user action. Some viruses could be called worms as they spread automatically, using server features of some clients. Back in the 80s and early 90s, I was using fidonet (a modem/rs232 based network), file and email transfers were automatic (using a software like binkley term). There were no known way for automatically execute the files you received (outlook or outlook express did not exist, not even windows nt, just msdos), but viruses were working anyway. It was the begining of companies like mcafee! That was the time I first checked my executables before executing anything on my PC.
Über GuidoZ wrote:
James Tucker said:4. Most viruses in circulation today use TCP/IP or higher level protocols, not native RS232.ANDPersonally I never saw or heard of a virus which tries to communicate with another computer attached to an RS232 port (maybe a laplink virus or the like??), as this is an unusual scenario.Exactly the point I was trying to make. Nothing more, nothing less.
I too never heard such a think, which doesn't mean: -such a virus/worm does not exist-the software on any side of the rs232 link is not vulnerable (I guess the risk will not come from a virus/worm but a targeted attack by someone knowing the vulnerabilities of this soft and also knowing your network infrastructure and that you have this soft)
Current thread:
- Re: Viral infection via Serial Cable Valdis . Kletnieks (Sep 01)
- Re: Viral infection via Serial Cable Harlan Carvey (Sep 01)
- Re: Viral infection via Serial Cable Valdis . Kletnieks (Sep 01)
- Re: Viral infection via Serial Cable Über GuidoZ (Sep 01)
- Re: Viral infection via Serial Cable Harlan Carvey (Sep 01)
- Re: Viral infection via Serial Cable Valdis . Kletnieks (Sep 01)
- Re: Viral infection via Serial Cable James Tucker (Sep 01)
- Re: Viral infection via Serial Cable Über GuidoZ (Sep 01)
- Re: Viral infection via Serial Cable stephane nasdrovisky (Sep 02)
- Re: Viral infection via Serial Cable Valdis . Kletnieks (Sep 01)
- Re: Viral infection via Serial Cable Harlan Carvey (Sep 01)
- <Possible follow-ups>
- RE: Viral infection via Serial Cable yaakov yehudi (Sep 02)
- Re: Viral infection via Serial Cable Über GuidoZ (Sep 03)