Slip them a Dreamcast
Posted on August 02, 2002 @ 14:33 in General
The Register reprinted a Security Focus article by Kevin Poulsen, titled When Dreamcasts Attack. Two white hat hackers
developed their game box cum attack tool after finding themselves more than once with physical access to a client's facilities -- posing as an employee in once case, crawling through a drop ceiling in another -- but without a way to leverage that access into remote control of the company's network. "It's not that hard to get into an organization for one or two minutes," said Higbee.
With firewalls and other intrusion countermeasures in place at the electronic perimeter of companies and organizations, the physical perimeter of those same companies and organizations often turns out more porous. The two white hats demonstrated how dirt cheap 'throwaway' hardware, in the form of the discontinued Dreamcast game console, running Linux could easily be smuggled into a company's buildings, hooked up to their network through the ethernet port the Dreamcast provides. Outbound connections are usually not so strictly policed as inbound connections, so from that point on the hacker would have a whole arsenal of techniques at hir disposal to remotely exploit the now compromised network.
Comments and Trackbacks
No comments or trackbacks for this entry yet.
Post a comment
Comments and trackbacks have been closed on this site. My apologies.
Since MT-Blacklist inexplicably stopped working I had no other recourse than close comments and trackbacks to stop the spam. I've been meaning to correct this for quite a while, but life got in the way... in a good way I should add.