Let's look at the original question as written --
> Here is the question: Is this as good as thin air? Can you
> see any way a hacker could use such a connection to penetrate the
> bank's network?
So we have 2 scenarios: (a) two computers connected by a serial cable; and
(b) two computers capable of exchanging data only by 'sneakernet'.
Very simply, the former provides an inherently general-purpose, always-up
data link between the two machines, while the latter only provides the
periodic transfer of data in small chunks. While bogus transaction data
(i.e., in proper format) might be transmitted over either medium, (a) is
much more flexible -- hence, more likely to be used for a nonintended
purpose.
Enforcing the protocol on the line is the obvious defence against this.
Even if the external host were compromised, the internal host's custom
serial software, if well-written, would only know how to deal with
transaction data, everything else would be logged and cause an alarm
condition.
I think that for a vanilla serial cable, a lot rests on 3 factors:
(a) the robustness of the software doing the communication, from
hardware drivers, all the way up to the transaction protocol -- e.g., no
buffer overruns, no insertion attacks;
(b) aside from the serial port, the security of the internal host;
(c) the physical security of the facility containing the hosts.
If all 3 of these security factors are beyond question, then YES a plain
old serial cable is as good as thin air.
Otherwise, NO -- the cable could end up at the mercy of software on two
compromised hosts, or perhaps a laptop and some splicing tools. Here
comes file transfer and remote login to the internal host, via a
convenient external gateway....
In this case, something more is needed to enforce the protocol on the
line. Mr. Nelson recommended a hardware enforcing unidirectional Xmodem
for the "paranoid" -- but if one of the factors mentioned above is a weak
link in the chain, hardware must be the only option. Furthermore, if
physical security is a concern, said hardware should be tamper-resistant,
as should its physical connections to the 2 hosts.
Hope this helps.
Cheers,
--
Stephen D. James <[EMAIL PROTECTED]>
Research Scientist and Engineer POC Systems
