RE: Online Games Consoles and Security Implications

From: Dom De Vitto (dom@DeVitto.com)
Date: 05/21/02 

From: "Dom De Vitto" <dom@DeVitto.com>
To: <John_Leitch@NAI.com>, <vuln-dev@securityfocus.com>
Date: Tue, 21 May 2002 20:46:03 +0100

When the dreamcast came out Fydor added the OS detection sigs to nmap.

So I guess at least a dreamcast doesn't have a built in firewall and
will respond in some way to uninitiated communications.

(obviously, ideally they should only permit communication to/from
servers they have initiated some kind of connection to already)

Dom

-----Original Message-----
From: John_Leitch@NAI.com [mailto:John_Leitch@NAI.com]
Sent: Tuesday, May 21, 2002 9:23 AM
To: vuln-dev@securityfocus.com
Subject: Online Games Consoles and Security Implications

Hi.
A strange but interesting thread maybe.......
With the advent of online consoles such as the XBOX (microsofts own so I
guess security could be a little weak, my own thoughts BTW) and the PS2.
What issues are unleashed that could have or cause massive security
implications for the home user. For instance: XBOX / PS2 can be
connected to a home LAN for access or they could be directly connected
via the broadband connectors. I am sure there are no built in security
features for either platform.
Question:
Could the devices be used in anyway that could allow an attacker to
a) Crash said device
b) Use device as a lever to interact between network devices
c) Any other nefarious actions

Having not had the chance to PEN-TEST any of these as of yet I was
wondering what the online security groups thought of this.
FYI: The Microsoft XBOX HAS BEEN hacked via a modchip (modchip allows
playback of CDR DVDR and all region DVD flicks) The PS2 has had the same
mod issues as above (only it took longer than the 4 weeks to hack the
XBOX) Thanks /John Leitch

Relevant Pages

  • Re: Online Games Consoles and Security Implications
    ... Also guys don't forget that these devices are fully linux and other unix ... > servers they have initiated some kind of connection to already) ... > With the advent of online consoles such as the XBOX (microsofts own so I ... > guess security could be a little weak, my own thoughts BTW) and the PS2. ...
    (Vuln-Dev)
  • RE: Online Games Consoles and Security Implications
    ... I don't know that any "massive security implications" would be possible, ... worst case scenario someone crashes your PS2 during a gaming session. ... connection you get into what could possibly be more problems. ... With the advent of online consoles such as the XBOX (microsofts own so I ...
    (Vuln-Dev)
  • [NEWS] eSeSIX Thintune Thin Client Multiple Vulnerabilities
    ... Get your security news from a reliable source. ... All Linux-based Thintune models with firmware version 2.4.38 and prior ... REMOTE ROOT SHELL / BACKDOOR ... ica con_0_10 - password for first ICA connection ...
    (Securiteam)
  • [Full-Disclosure] FW: FEEDBACK: Testing Microsoft and the DMCA
    ... Subject: FEEDBACK: Testing Microsoft and the DMCA ... book about information security and Microsoft Internet Information Services ... Microsoft's Xbox game console. ...
    (Full-Disclosure)
  • Re: [Full-Disclosure] FW: FEEDBACK: Testing Microsoft and the DMCA
    ... Next it will be illegal to throw away your xbox because someone ... > book about information security and Microsoft Internet Information ... > Huang spoke with CNET News.com about the book, the importance of hardware ...
    (Full-Disclosure)
Quantcast