RE: Online Games Consoles and Security Implications

["Elan Hasson" <elan () daryl org>]

The xbox is VERY secure, read the docs on Network Security in the SDK.

MS even has a bit in there about Denial Of Service..and how the xbox can
handle it and not affect game performance.

-----Original Message-----
From: John_Leitch () NAI com [mailto:John_Leitch () NAI com]
Sent: Tuesday, May 21, 2002 4:23 AM
To: vuln-dev () securityfocus com
Subject: Online Games Consoles and Security Implications


Hi.
A strange but interesting thread maybe.......
With the advent of online consoles such as the XBOX (microsofts own so I
guess security could be a little weak, my own thoughts BTW) and the PS2.
What issues are unleashed that could have or cause massive security
implications for the home user.
For instance:
XBOX / PS2 can be connected to a home LAN for access or they could be
directly connected via the broadband connectors.  I am sure there are no
built in security features for either platform.
Question:
Could the devices be used in anyway that could allow an attacker to
a)      Crash said device
b)      Use device as a lever to interact between network devices
c)      Any other nefarious actions


Having not had the chance to PEN-TEST any of these as of yet I was
wondering
what the online security groups thought of this.
FYI:  The Microsoft XBOX HAS BEEN hacked via a modchip (modchip allows
playback of CDR DVDR and all region DVD flicks)
The PS2 has had the same mod issues as above (only it took longer than the
4
weeks to hack the XBOX)
Thanks
/John Leitch

Attachment: smime.p7s
Description: