[Discuss] Security

[jabr at blu.org (John Abreau)]

Every Ethernet device has a unique MAC address. If you document
every MAC address of all your company's legitimate systems and
devices, then any unknown MAC address will be a rogue device.
Tracking them down should then be fairly straightforward.



On Wed, Nov 2, 2011 at 2:19 PM, Matt Shields <matt at mattshields.org> wrote:
> On Wed, Nov 2, 2011 at 2:05 PM, Gregory Boyce <gboyce at badbelly.com> wrote:
>
>> On Wed, Nov 2, 2011 at 1:10 PM, ?<markw at mohawksoft.com> wrote:
>> > At my work, here are a few vending machines. One of these machines has a
>> > nice little antenna on it. Presumably, it communicates via cellular
>> > network to the vendor in order to report on usage and supplies. Yes, good
>> > idea. Cool.
>> >
>> > It occurs to me that this machine, most likely, did not have to go
>> through
>> > any vetting. Not only that, I bet the grunts that stock these machines
>> are
>> > hired more for strong backs and no criminal record.
>> >
>> > So, here we have a powered machine with external wireless connectivity on
>> > the premises with no actual over site. It is there 24x7, powered!
>> >
>> > Think of all the cool/evil things you could put in a vending machine with
>> > a wireless link. Imagine having direct access to a Linux box in almost
>> any
>> > company you want. You could run any software you want. You could have
>> > wi-fi too. Could you break the company's wireless security? Could you
>> > monitor their wireless communications? Could you eaves drop on
>> > conversations near by?
>> >
>> > Everyone suspects the cleaning crew, and if you are interested in
>> > security, you do background checks. Almost no one cares about the vending
>> > machines.
>>
>> There's nothing that device can do to your wilreless network that a
>> person with a directional antennae can't already do. ?As long as you
>> don't plug it into your internal network, you're not worse off.
>>
>> As for the eavesdropping, you wouldn't need an obvious antennae for
>> that. ?There could be a camera or microphone in older vending
>> machines, televisions, coffee machines, fridges, ceiling tiles or even
>> a cabinet. ?These could have less obvious antennas or hey, just have
>> the recordings picked up occasionally during maintenance.
>>
>> There's an infinite number of things that "could" happen. ?You need to
>> consider the likelihood and impact of those sorts of attacks. ?In most
>> cases the likelihood is minimal. ?Impact is probably minimal as well
>> unless its in the board room.
>> _______________________________________________
>> Discuss mailing list
>> Discuss at blu.org
>> http://lists.blu.org/mailman/listinfo/discuss
>>
>
> I think his point was more that these "smart" vending machines are becoming
> more commonplace. ?Even these days companies put ethernet jacks in the
> kitchen, so what *if* someone who was malicious put something inside a
> vending machine and plugged it into your network. ?Or what if it had
> camera/microphone, most people talk shop even in the kitchen.
>
> Speaking of that, I remember a few years ago a company I was at talking
> about checking ethernet jacks periodically to make sure no devices were
> plugged in that shouldn't be.
>
> Matthew Shields
> Owner
> BeanTown Host - Web Hosting, Domain Names, Dedicated Servers, Colocation,
> Managed Services
> www.beantownhost.com
> www.sysadminvalley.com
> www.jeeprally.com
> Like us on Facebook <http://www.facebook.com/beantownhost>
> Follow us on Twitter <https://twitter.com/#!/beantownhost>
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>



-- 
John Abreau / Executive Director, Boston Linux & Unix
Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99