Slashdot Mirror

← Back to Stories (view on slashdot.org)

Attack Of The Dreamcasts

Posted by Hemos on from the swirly-logos-coming-at-you dept.

kevin_conaway writes "A pair of coders are now suggesting that it is possible, with a modified dreamcast system running Linux to sneek into an office building and stick it on a network drop and leave. The dreamcast will then probe for ways to connect to the outside world. They say they have created similar software for iPAQs and a special bootable cdroms for print servers and similar boxes. Just a reminder that are networks need to be as secure on the inside as they should be on the outside. Get the story here."

19 of 449 comments (clear)

  1. Linux on Dreamcast by Anonymous Coward · · Score: 1, Informative

    Here is the place to get Linux for your Dreamcast.

  2. ahem by _anomaly_ · · Score: 1, Informative

    "our" not "are"

    :-)
    --
    "I have no special gift, I am only passionately curious." - Albert Einstein
  3. Re:how is this any different by bowronch · · Score: 1, Informative
    From the article:
    They chose the Dreamcast for its small size, availability of an Ethernet adapter, and affordability -- the console was discontinued last year, and now sells used for under $100 on eBay. Loaded with custom Linux-based software and covertly plugged into a spare network port under a desk or above a ceiling, the harmless-looking toy becomes the enemy within, probing the company firewall for a way out to Internet.
    --
    My Stuff: pspChess and foobar2000 plugins
  4. Re:Any computer by eikonoklastes · · Score: 3, Informative

    Yes, it could. The nice thing about the dreamcast is that it is small and cheap. Less than $100 gets you a decent processor and a built in Ethernet adapter. If you're going to risk losing your box when it's discovered, I'd rather it was just a cheap dreamcast than a pricey laptop.

  5. Yeah, right. by autechre · · Score: 5, Informative


    "availability of an Ethernet adaptor"?

    You almost have to kill someone to get a network adaptor for the Dreamcast. I'm not even sure they're being manufactured anymore (I wouldn't think so), but there are a few on eBay; the cheapest one is $60.

    Besides, as other posters have mentioned, a Dreamcast doesn't exactly look inconspicuous to me, especially if some person I don't recognise is carrying one around in my building.

    --
    WMBC freeform/independent online radio.
    1. Re:Yeah, right. by JBMcB · · Score: 3, Informative

      The Sega Broadband (Ethernet) adapter is, like most of the rest of the Dreamcast, an off the shelf ethernet chip on a PCI-to-Dreamcast bus adapter. In fact, a genius/loony in Japan made a whole Dreamcast->ISA adapter, as witnessed here.

      http://www.ma.nma.ne.jp/~ikehara/dc/dcne.html

      --
      My Other Computer Is A Data General Nova III.
  6. Real Risk by stoolpigeon · · Score: 5, Informative

    for those of you w/real reasons to be concerned- would be that if these guys have thought of this - who else already has something much better in a nice small, concealable package.

    And then think about how many businesses don't even come close to providing physical security to all the ports that connect to their network. Sure the computer room is locked- but how many cleaning people are in the offices at night? Usually if you worry about them at all- it would be that they steal, not leave something behind.

    I had to do some work once at a call center for a client of ours. A large credit card company.

    I pulled up to their building but it was this big glass box and I wasn't sure where the entrance was. I just walked around until I found a door. It was open and their were people standing around smoking. So I walked in. I was in the back by the break room.

    I wandered around in there for 10 minutes or so until I found the front desk. When I walked into the lobby from inside the building and asked for the guy I was supposed to meet she was pretty freaked out. They brought up security people and asked how I got in, etc.

    I hope my credit card company isn't that easy to get into. But I'd be surprised if its much more secure. I wouldn't be surprised it it is less secure.

    Something to think about.

    .

    --
    It's hard to believe that's how Micronians are made. Why don't we see it right now by having you both kiss one another?
  7. Re:how is this any different by greg_barton · · Score: 5, Informative

    Heck, just use an EPIA based system. Cheaper than a Dreamcast. Boot from a CF card. Fanless. Silent.

  8. More ways - AUI transceivers by ultima · · Score: 3, Informative

    A Sun IPX (or any lunchbox style) system with an AUI port and a modified transceiver is much better. I use one of these as a secure syslog; in particular because you can modify the transceiver so that while it is capable of receiving data, it is incapable of sending at a hardware level. There is no way, short of physical access, to detect the machine. It's great for packet sniffing and logging -- syslog using UDP is connectionless, and works well with read-only network connections. This is also better than modifying the ethernet cable, because these modified cables do not actually work properly (the transceiver with tx pins removed will keep a valid *empty* tx signal, whereas a modified cable usually just pumps the rx'd signal back to tx, confusing the equipment into maintaining a link).

    And if you can sneak in once, why not twice? Or better, equip the computer with a cell modem or amateur radio equipment (How many "wartalkers" look for that, eh?) , and dial in. No need for probes which may set off IDS systems, or outgoing packets (like ARP or DNS requests) that alert crackers to a computer's presence.

    I think you cut pins 3 and 10 (on the connector to the computer on the transceiver) but that's not certain.

  9. Re:Because of the footprint and cost... by topham · · Score: 3, Informative

    4-5 dreamcasts, without broadband adapters. And, currently a broadband adapter is going for anywhere from $60-130US there are cheaper things I could aquire to do this...

    Hell, I have such a device sitting behind me. Ethernet (10baseT) and small enough to hide almost anywhere. (About the size of a dimm.)

  10. Cheap? by zsazsa · · Score: 3, Informative

    From the article: Cyberpunks will be toting cheap game consoles on their utility belts this fall

    Yeah, the Dreamcast is dirt cheap. The "broadband adapter" needed to hook it up to an ethernet network? Quite pricey.

  11. Re:Permissive dhcp by kbroom · · Score: 2, Informative

    Even with no IP address given by dhcp, I think it would be possible to sniff traffic via ARP poisoning.
    You don't need an IP to send ethernet packets (which is where ARP lives).

  12. Re:how is this any different by Suppafly · · Score: 3, Informative

    cheap, except the broadband adapters still get something like $150 off ebay..

  13. Security research project addressing this issue by Ryu2 · · Score: 5, Informative

    Check out the SPINACH project at Stanford: http://mosquitonet.stanford.edu/publications/spina ch.html

    It's designed to precisely address this issue by limiting network access from hosts whose Hardware Ethernet addresses are unknown to the local subnet only (not past the router) until it is authenticated (by some password or other scheme). Thus, if you put a Dreamcast on a SPINACH network, it could only reach hosts on the immediate subnet, unless you spoofed the MAC address or something...

    --
    There's 10 types of people in this world, those who understand binary and those who don't.
  14. Here is a number for you to remember by bogie · · Score: 3, Informative

    1-800-97-Legal. Its the number for Jacoby & Meyers because your going to need them after your arrested for "leaving a little back door".

    For anyone else thinking about doing this, don't be stupid and please use a little common sense. If you do something like this and get caught you will not only pay a huge fine like $10-25k minimum, but could easily end up in jail.

    --
    If you wanna get rich, you know that payback is a bitch
  15. Re:how is this any different by Anonymous Coward · · Score: 2, Informative

    It breaks spec like a bitch, but I've done this, and it works. You crimp one plug on each end with just the orange and green pairs, and use the bleu and brown pairs for a second set of plugs. Yes, this breaks specs, but it will work for 100Mb/s networks for at least a few dozen feet.

  16. Re:DC cooling by Gizzmonic · · Score: 3, Informative
    dreamcast "GD-ROMs" are stock yamaha CD-ROMs with a firmware or bootstrap program that tells them to only read GDs (this is easily defeated however)

    On a related note, the Nintendo gamecube is a stock panasonic DVD mechanism. Sega and Nintendo can't afford to mass manufacture custom drives...hey, even Sony and Microsoft don't do that...

    --
    (-1, Raw and Uncut is the only way to read)
  17. Re:Java-based disposable ethernet board! by topham · · Score: 3, Informative

    Tools exist to program the machine in assembler as well.

  18. Re:how is this any different by plover · · Score: 3, Informative
    It can still get caught the same way. Our network monitors are watching for port scanners on the inside as well as the outside, and it wouldn't take them long to notice it.

    Of course, physically FINDING it once they've learned of its existence might be a bit trickier. But I assume the second step they'd take would be to shut down the port on the nearest switch. (The first step, of course, would be the location of a suitable scapegoat. Nobody does anything around here without some kind of CYA plan.)

    --
    John