lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: uberguidoz at gmail.com (Über GuidoZ)
Subject: Viral infection via Serial Cable

Very interesting situation. To be honest I've never tried to
experiment with such a setting in a virus lab, however I do know that
viruses can travel via any electronic means of communication. Back
before RJ-45 jacks were used much, NICs had serial or BNC plugs
instead. Viruses traversed through them just like they do today.

It completely depends on the communication setup I suppose. Granted, I
doubt your everyday worm would be able to make the jump via
specialized instructions to the serial outlet, however if something
was programed to do such a thing, I'm sure it's possible.

If it's just connected to the LAN as a PC, then you have a lot more to
worry about obviously. (Depending on the network protocol, there may
be little limitations at all.) Are you able to update this Windows
2000 install? Is it extremely customized for this laser, or does the
laser software just work on Windows?

~G

On Mon, 30 Aug 2004 19:35:25 +0200, Jean Gruneberg
<gruneberg@...amail.co.za> wrote:
> Hi all
> 
> OK - here is a basic question - sorry if this is totally clueless.
> 
> I have a client who runs a heavy engineering shop.  To date all his
> computerised punches and bend breaks etc. have been driven via a windows CAD
> workstation talking to them on a serial cable - basically a data dump to the
> machine which runs a modified dos based OS.
> 
> So he buys a new sheet metal laser cutter and they bring the system online
> whilst I'm busy throwing shielded cabling for serial comms to the new
> machine - lo and behold the system boots to windows 2000 (the concept of a
> high powered laser metal cutting device driven by windows is another
> conversation entirely...)
> 
> So I have a closer look at the beast and it is basically a pc built into a
> very large machine - has all the usual LAN / USB etc.  The system even comes
> pre-installed with Norton AV.  We (read me) make a management decision not
> to park said machine on the LAN (concept of disgruntled employee and said
> laser)  also the data suite that talks to the laser is now windows based and
> not an old dos prompt data suite to the older machines.
> 
> So the question is, is a pc / machine connected to another pc via serial
> cable only using specialised windows software to move data to the machine at
> all vulnerable to viruses?  Can they transmit themselves across a serial
> cable?
> 
> Jean
> 
> ---
> 
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.744 / Virus Database: 496 - Release Date: 2004/08/24
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 


-- 
Peace. ~G

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ