I understadn where you're coming from if speaking about protocol.
However, in most cases there will be many more ways to exploit
something over TCP/IP then over a raw RS232 connection. The serial
port will need to have something listening on it, that is also
exploitable. Compare this to the amount
Most viruses use the user (they expect to contact a stupid user which
will execute it), they don't care how it reached your pc, it knows the
user will spread it somehow (i.e. it's a nice porno exe which will be
sent to friends, ...). Current viruses do not even need user
interaction, some
Of
[EMAIL PROTECTED]
Sent: Wednesday, September 01, 2004 22:33
To: Harlan Carvey
Cc: Full Disclosure
Subject: Re: [Full-Disclosure] Viral infection via Serial Cable
On Wed, 01 Sep 2004 10:06:43 PDT, Harlan Carvey said:
You're right, but what does that have to do with
an
RS-232 serial cable
On Mon, 30 Aug 2004 16:32:01 EDT, =?ISO-8859-1?Q?=DCber_GuidoZ?= said:
The same reason there are so many Windows viruses... 90 something % of
the people online are using Windows, that's thats what the viruses are
after. Back in the day when serial connections were the only means of
The same reason there are so many Windows
viruses... 90 something % of
the people online are using Windows, that's thats
what the viruses are
after. Back in the day when serial connections
were the only means of
communication possible, viruses weren't very
possible
Actually, at the
I wasn't trying to say there weren't viruses in those days. (Those
days being mid-late 80's.) I was just trying to explain the same fact
you pointed out - they didn't spread like they do today. (Did I really
say not possible? I'll have to go back and read that =P )
I believe the original author
On Wed, 01 Sep 2004 05:42:40 PDT, Harlan Carvey said:
You're right, but what does that have to do with an
RS-232 serial cable?
What did you hook your modem to the computer with? It wasn't
like you could fit those old 300 baud acoustic couplers in a PCI slot
(not that PCI had been invented yet
You're right, but what does that have to do with
an
RS-232 serial cable?
What did you hook your modem to the computer with?
Phone cord with an RJ-ll connector. Even back when I
did own a 300baud modem, installed in an Epson QX-10,
it was phone cable...not RS-232.
Once again this discussion is drifting very far away from the FACTS,
let alone relevance:
1. On a BBS you connect through a modem; a modem (typically) uses an
AT command set, and you would require another modem to connect to.
Data transfer happens as a subset of this command set. These protocols
On Wed, 01 Sep 2004 10:06:43 PDT, Harlan Carvey said:
You're right, but what does that have to do with
an
RS-232 serial cable?
What did you hook your modem to the computer with?
Phone cord with an RJ-ll connector. Even back when I
did own a 300baud modem, installed in an
Well stated James, as usual. You'll have to excuse me if it appeared I
participated in the pissing contest. Was only trying to reiterate my
point, not to mention pointing out what I WASN'T talking about. It
seemed there was some confusion.
James Tucker said:
4. Most viruses in circulation today
ALD So the question is, is a pc / machine connected to another
ALD pc via serial
ALD cable only using specialized windows software to move data
ALD to the machine at
ALD all vulnerable to viruses? Can they transmit themselves
ALD across a serial
ALD cable?
you certainly have a
If I understand this correctly, you have a system like this:
-machine A has windows and is connected to the Internet.
-machine B is the laser cutter with windows 2000.
-machine A is used to control machine B. The commands are sent
from machine A through a serial cable to machine B.
If this is
If you want to check to see if the system has the MS tcp/ip stack
running on the port, boot the machine and look in the network
connections folder. You will see an incoming connections connection
listed. If this is present (i doubt it, but anything is possible) then
turn on IPSec for the
Disclosure'
Subject: RE: [Full-Disclosure] Viral infection via Serial Cable
Hi all
Thanks for the info. I presumed there wasn't anything running around that
normally would 'see' a serial connection and keeping the machine off an
ordinary network system will protect it machine...
Need to look
James Tucker wrote:
Sure, but you can only move up a stack which exists.
Given that there should be no applications on the other end of the
RS232 apart from the CAD/CAM control program (one would hope, this
would be considered 'normal'), the only hackable device should be that
program. It's not
Very interesting situation. To be honest I've never tried to
experiment with such a setting in a virus lab, however I do know that
viruses can travel via any electronic means of communication. Back
before RJ-45 jacks were used much, NICs had serial or BNC plugs
instead. Viruses traversed through
lol, well if they don't allow us (IT staff) to do our jobs, then they
will REALLY be upset when it's offline for 18 DAYS since it's broke.
=)
I'm sure there are viruses out there (older ones mind you) that would
be aware of a serial connection. The reason no newer ones would... who
uses a serial
I might also suggest that it is likely (although not guaranteed, maybe
ask the manufacturer) that the application will put a full lock on the
RS232 comms, and as such, a virus could only transfer data to the OS /
program if the lock was removed (program was closed).
As for viral infections via
On Mon, 30 Aug 2004, Jean Gruneberg wrote:
So the question is, is a pc / machine connected to another pc via serial
cable only using specialised windows software to move data to the machine at
all vulnerable to viruses? Can they transmit themselves across a serial
cable?
You are confusing
Über GuidoZ wrote:
even though it's officially a serial connection... the assumtion is
talking about RS232 specs: http://www.google.com/search?q=rs232 I
think we're all aware a virus can most certainly traverse through a
USB connection.)
hm, i fail to see the point here. isn't a serial connection
Über GuidoZ wrote:
even though it's officially a serial connection... the assumtion is
talking about RS232 specs: http://www.google.com/search?q=rs232 I
think we're all aware a virus can most certainly traverse through a
USB connection.)
hm, i fail to see the point here. isn't a serial connection
So the question is, is a pc / machine connected to another pc
via serial cable only using specialised windows software to
move data to the machine at all vulnerable to viruses? Can
they transmit themselves across a serial cable?
It all really depends on how transport independent
23 matches
Mail list logo
