lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: uberguidoz at gmail.com (Über GuidoZ)
Subject: Viral infection via Serial Cable

I understadn where you're coming from if speaking about protocol.
However, in most cases there will be many more ways to exploit
something over TCP/IP then over a raw RS232 connection. The serial
port will need to have something listening on it, that is also
exploitable. Compare this to the amount of exploitable services and
such listening on a TCP/IP connection over the network. Matter of
propability is what I was getting at... I apologize if I wasn't clear
on this point.

Accepting the fact that MANY viruses exist in the wild that are
designed to infect over TCP/IP, the chance of running into one that
infects over a serial port is little to none. (Granted, unless that
connection is being used as a network comunication device, which then
in turns changes the entire argument back over to TCP/IP and network,
not RS232 data.) Interesting thoughts all, please keep them coming.

-- 
Peace. ~G


On Tue, 31 Aug 2004 02:49:41 +0200, Christian <evil@...ouse.de> wrote:
> ?ber GuidoZ wrote:
> > even though it's officially a serial connection... the assumtion is
> > talking about RS232 specs: http://www.google.com/search?q=rs232 I
> > think we're all aware a virus can most certainly traverse through a
> > USB connection.)
> >
> 
> hm, i fail to see the point here. isn't a serial connection to the
> outside world "just another link"? who cares, if it is a serial
> connection or ethernet? maybe i am biased with SLIP under linux - Serial
> Line IP, so the serial device really gets an ip-address and then it's
> tcp/ip all the way and no application/virus would care if this is
> "serial link". or is all data just sent to "com1"?
> 
> thanks,
> Christian.
> --
> BOFH excuse #416:
> 
> We're out of slots on the server

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ