Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-Disclosure] Viral infection via Serial Cable

from [Über GuidoZ] Network Security [Permanent Link]
Subject: Re: [Full-Disclosure] Viral infection via Serial Cable
Date: Mon, 30 Aug 2004 16:32:01 -0400 
lol, well if they don't allow us (IT staff) to do our jobs, then they
will REALLY be upset when it's offline for 18 DAYS since it's broke.
=)

I'm sure there are viruses out there (older ones mind you) that would
be aware of a serial connection. The reason no newer ones would... who
uses a serial connection for communication to others computers
anymore? Like 0.00001% of the population. (This isn't including USB
even though it's officially a serial connection... the assumtion is
talking about RS232 specs: http://www.google.com/search?q=rs232 I
think we're all aware a virus can most certainly traverse through a
USB connection.)

The same reason there are so many Windows viruses... 90 something % of
the people online are using Windows, that's thats what the viruses are
after. Back in the day when serial connections were the only means of
communication possible, viruses weren't very possible. I doubt you'll
find a live one running around unless you try to use a 10 yr old
floppy no one has touched forever. (And you'd hope that this NAV that
was preinstalled could take care of stuff like that. =/ )

I did some Google hunting because you got me curious, but came up
blank about a virus targetinging a serial device. I don't think it's
the same type of thing, but of course external modems can pass viruses
through the serial port, assuming they are attached that way. But,
then again, you're talking about a direct connection to a translation
device, not a raw dump thru your DB9 or whatever. Waiting on other
thoughts, but I think you're pretty safe. =)

~G

On Mon, 30 Aug 2004 21:21:19 +0200, Jean Gruneberg
<gruneberg@absamail.co.za> wrote:

Hi all

Thanks for the info.  I presumed there wasn't anything running around that
normally would 'see' a serial connection and keeping the machine off an
ordinary network system will protect it machine...

Need to look at the pc more to see if and what patches / sp etc have been
applied as well, if it is a vanilla system etc  Pity the machine runs 18
hours a day and they don't like taking it offline for the IT guy to have a
look see ;-)



Jean



-- 
Peace. ~G

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-Disclosure] Viral infection via Serial Cable, James Tucker
Next by Date:  Re: [Full-Disclosure] RealVNC server 4.0 remote 'd'dos vulnerabilitywith exploit, Orhan BAYRAK
Previous by Thread:  RE: [Full-Disclosure] Viral infection via Serial Cable, Jean Gruneberg
Next by Thread:  Re: [Full-Disclosure] Viral infection via Serial Cable, Christian
Indexes:  [Date] [Thread] [Top] [All Lists]