[Discuss] Security
markw at mohawksoft.com
markw at mohawksoft.com
Wed Nov 2 15:11:05 EDT 2011
> Every Ethernet device has a unique MAC address. If you document
> every MAC address of all your company's legitimate systems and
> devices, then any unknown MAC address will be a rogue device.
> Tracking them down should then be fairly straightforward.
Little known fact, you can change the mac address in a good number of
devices.
>
>
>
> On Wed, Nov 2, 2011 at 2:19 PM, Matt Shields <matt at mattshields.org> wrote:
>> On Wed, Nov 2, 2011 at 2:05 PM, Gregory Boyce <gboyce at badbelly.com>
>> wrote:
>>
>>> On Wed, Nov 2, 2011 at 1:10 PM, <markw at mohawksoft.com> wrote:
>>> > At my work, here are a few vending machines. One of these machines
>>> has a
>>> > nice little antenna on it. Presumably, it communicates via cellular
>>> > network to the vendor in order to report on usage and supplies. Yes,
>>> good
>>> > idea. Cool.
>>> >
>>> > It occurs to me that this machine, most likely, did not have to go
>>> through
>>> > any vetting. Not only that, I bet the grunts that stock these
>>> machines
>>> are
>>> > hired more for strong backs and no criminal record.
>>> >
>>> > So, here we have a powered machine with external wireless
>>> connectivity on
>>> > the premises with no actual over site. It is there 24x7, powered!
>>> >
>>> > Think of all the cool/evil things you could put in a vending machine
>>> with
>>> > a wireless link. Imagine having direct access to a Linux box in
>>> almost
>>> any
>>> > company you want. You could run any software you want. You could have
>>> > wi-fi too. Could you break the company's wireless security? Could you
>>> > monitor their wireless communications? Could you eaves drop on
>>> > conversations near by?
>>> >
>>> > Everyone suspects the cleaning crew, and if you are interested in
>>> > security, you do background checks. Almost no one cares about the
>>> vending
>>> > machines.
>>>
>>> There's nothing that device can do to your wilreless network that a
>>> person with a directional antennae can't already do. As long as you
>>> don't plug it into your internal network, you're not worse off.
>>>
>>> As for the eavesdropping, you wouldn't need an obvious antennae for
>>> that. There could be a camera or microphone in older vending
>>> machines, televisions, coffee machines, fridges, ceiling tiles or even
>>> a cabinet. These could have less obvious antennas or hey, just have
>>> the recordings picked up occasionally during maintenance.
>>>
>>> There's an infinite number of things that "could" happen. You need to
>>> consider the likelihood and impact of those sorts of attacks. In most
>>> cases the likelihood is minimal. Impact is probably minimal as well
>>> unless its in the board room.
>>> _______________________________________________
>>> Discuss mailing list
>>> Discuss at blu.org
>>> http://lists.blu.org/mailman/listinfo/discuss
>>>
>>
>> I think his point was more that these "smart" vending machines are
>> becoming
>> more commonplace. Even these days companies put ethernet jacks in the
>> kitchen, so what *if* someone who was malicious put something inside a
>> vending machine and plugged it into your network. Or what if it had
>> camera/microphone, most people talk shop even in the kitchen.
>>
>> Speaking of that, I remember a few years ago a company I was at talking
>> about checking ethernet jacks periodically to make sure no devices were
>> plugged in that shouldn't be.
>>
>> Matthew Shields
>> Owner
>> BeanTown Host - Web Hosting, Domain Names, Dedicated Servers,
>> Colocation,
>> Managed Services
>> www.beantownhost.com
>> www.sysadminvalley.com
>> www.jeeprally.com
>> Like us on Facebook <http://www.facebook.com/beantownhost>
>> Follow us on Twitter <https://twitter.com/#!/beantownhost>
>> _______________________________________________
>> Discuss mailing list
>> Discuss at blu.org
>> http://lists.blu.org/mailman/listinfo/discuss
>>
>
>
>
> --
> John Abreau / Executive Director, Boston Linux & Unix
> Email jabr at blu.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
> PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>
More information about the Discuss
mailing list