Message-ID: <b7bc1b1f0408301332592596e4@mail.gmail.com>
From: uberguidoz at gmail.com (Über GuidoZ)
Subject: Viral infection via Serial Cable

lol, well if they don't allow us (IT staff) to do our jobs, then they
will REALLY be upset when it's offline for 18 DAYS since it's broke.
=)

I'm sure there are viruses out there (older ones mind you) that would
be aware of a serial connection. The reason no newer ones would... who
uses a serial connection for communication to other computers
anymore? Like 0.00001% of the population. (This isn't including USB
even though it's officially a serial connection... the assumption is
talking about RS232 specs: http://www.google.com/search?q=rs232 I
think we're all aware a virus can most certainly traverse through a
USB connection.)

The same reason there are so many Windows viruses... 90 something % of
the people online are using Windows, that's what the viruses are
after. Back in the day when serial connections were the only means of
communication possible, viruses weren't very possible. I doubt you'll
find a live one running around unless you try to use a 10 yr old
floppy no one has touched forever. (And you'd hope that this NAV that
was preinstalled could take care of stuff like that. =/ )

I did some Google hunting because you got me curious, but came up
blank about a virus targeting a serial device. I don't think it's
the same type of thing, but of course external modems can pass viruses
through the serial port, assuming they are attached that way. But,
then again, you're talking about a direct connection to a translation
device, not a raw dump thru your DB9 or whatever. Waiting on other
thoughts, but I think you're pretty safe. =)

~G

On Mon, 30 Aug 2004 21:21:19 +0200, Jean Gruneberg
<gruneberg@...amail.co.za> wrote:
> Hi all
> 
> Thanks for the info.  I presumed there wasn't anything running around that
> normally would 'see' a serial connection and keeping the machine off an
> ordinary network system will protect the machine...
> 
> Need to look at the pc more to see if and what patches / sp etc have been
> applied as well, if it is a vanilla system etc.  Pity the machine runs 18
> hours a day and they don't like taking it offline for the IT guy to have a
> look see ;-)
> 
> 
> 
> Jean


-- 
Peace. ~G

