| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Glenn_Everhart at bankone.com (Glenn_Everhart@...kone.com) Subject: Viral infection via Serial Cable A serial connection using protocols like xmodem, ymodem, kermit, or the like might well avoid exposing a machine to malware. A malware program must be able to use some facilities offered by a network typically if it is to propagate on a network. Serial connections running occasional file transfer protocols don't offer services that most malware would know how to use. This does not mean there are no services; just that a malware author is unlikely to notice a serial line and test, say, for a kermit or uucp server at the other end. (If those allow access only to a single directory containing nothing interesting, too, that isn't going to allow much exposed function for attacks.) Obviously if the serial line carries IP somehow, it might be used without the malware even noticing anything difficult. An intermediate ground like using some not currently fashionable serial network (e.g., run DECnet over the line) would probably avoid being exploited too, but someone who knew what was going on could attack it or use it to spread malware. -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Jean Gruneberg Sent: Monday, August 30, 2004 3:21 PM To: 'Full Disclosure' Subject: RE: [Full-Disclosure] Viral infection via Serial Cable Hi all Thanks for the info. I presumed there wasn't anything running around that normally would 'see' a serial connection and keeping the machine off an ordinary network system will protect it machine... Need to look at the pc more to see if and what patches / sp etc have been applied as well, if it is a vanilla system etc Pity the machine runs 18 hours a day and they don't like taking it offline for the IT guy to have a look see ;-) Jean --- Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.744 / Virus Database: 496 - Release Date: 2004/08/24 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ********************************************************************** This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you **********************************************************************
Powered by blists - more mailing lists