Attack Of The Dreamcasts

kevin_conaway writes "A pair of coders are now suggesting that it is possible, with a modified dreamcast system running Linux to sneek into an office building and stick it on a network drop and leave. The dreamcast will then probe for ways to connect to the outside world. They say they have created similar software for iPAQs and a special bootable cdroms for print servers and similar boxes. Just a reminder that are networks need to be as secure on the inside as they should be on the outside. Get the story here."

how is this any different

[Dopefish_1]

from sneaking in and connecting a laptop to the network? I mean, wouldn't a Dreamcast plugged into the company network be a bit more suspicious than a computer?

Re:how is this any different

[greg_barton]

Heck, just use an EPIA based system. Cheaper than a Dreamcast. Boot from a CF card. Fanless. Silent.

Re:how is this any different

[digitalsushi]

no, no. you dont wanna just sneak a laptop into a network... sneak it into another computer! If i wanted to mess another netadmin up... i could hide a smaller, fanless computer inside a larger computer. Then I'd figure some clever way to conceal the ethernet cable i just tapped. :) Come on, it would take half of you at least an hour to figure that one out.

How is that going to work?

[Kith_Me]

Someone strolls into the office, notices a dreambox in the corner... and they say "Hmmm, that is normal, I'll just ignore that"... hehe

More likely that they would say "Cool, lets see what game is in it!"

Re:How is that going to work?

[jayhawk88]

"Hey Bob?"
"Yeah Mike?"
"There's something wrong with your Dreamcast, I can't get it to boot up Soul Calibur."
"My Dreamcast? What Dreamcast?"
"Your Dreamcast...you know, the one you had plugged into the 2nd floor comms closet?"
"That's not my Dreamcast. Did you ask Dave?"
"Yeah, both he and Shirley say they've never seen it before."
"And you say it won't play Soul Calibur? Did you try booting it with no disc?"
"Yeah, it comes up with some weird black screen and says it's beginning port scan, or some such nonsense like that."
"Huh, I wonder what made it do that?"
"Who knows. Oh well, guess I'll go plug it back into the router that it was plugged into."

Ok. Reality check folks.

[carlcmc]

IF ... someone can get in undetected and hook up a dreamcast in a few minutes, your security has already been breached. If your company has something it doesn't want people to access without authorization on the computer, they should have at least the same security focus for the building.

With that in mind, when was the last time you walked into your company in non-work clothes, you knew where you were going, and walked confidently there and no one stopped and questioned you? I wear a name tag and go there every day, but in my shorts and tshirt with no name tag, I'm never stopped. I think thats the way it is in many places.

Yeah, right.

[autechre]

"availability of an Ethernet adaptor"?

You almost have to kill someone to get a network adaptor for the Dreamcast. I'm not even sure they're being manufactured anymore (I wouldn't think so), but there are a few on eBay; the cheapest one is $60.

Besides, as other posters have mentioned, a Dreamcast doesn't exactly look inconspicuous to me, especially if some person I don't recognise is carrying one around in my building.

Real Risk

[stoolpigeon]

for those of you w/real reasons to be concerned- would be that if these guys have thought of this - who else already has something much better in a nice small, concealable package.

And then think about how many businesses don't even come close to providing physical security to all the ports that connect to their network. Sure the computer room is locked- but how many cleaning people are in the offices at night? Usually if you worry about them at all- it would be that they steal, not leave something behind.

I had to do some work once at a call center for a client of ours. A large credit card company.

I pulled up to their building but it was this big glass box and I wasn't sure where the entrance was. I just walked around until I found a door. It was open and their were people standing around smoking. So I walked in. I was in the back by the break room.

I wandered around in there for 10 minutes or so until I found the front desk. When I walked into the lobby from inside the building and asked for the guy I was supposed to meet she was pretty freaked out. They brought up security people and asked how I got in, etc.

I hope my credit card company isn't that easy to get into. But I'd be surprised if its much more secure. I wouldn't be surprised it it is less secure.

Something to think about.

.

So the commercials were right...

[Cutriss]

All those girl ninjas running around stealthily tucking Dreamcasts under their arms - They weren't trying to steal them. They were trying to deploy them!

Now I understand the tagline... It's thinking...

Did it.

[Skyshadow]

Back when I was in high school (1994 or '95), we put together a small 386 -- no case, no nothin' -- with a NIC and stashed it above the library computer lab. This was pretty much just to see if we could, which as I think about it seems like the reasoning behind most of what I did in high school. Well, at least the things I did in high school that didn't involve girls.

We used it to run a dump of all the packets on the network and get pretty much all the passwords used by anyone. We printed out a copy and sent it to the bozo they had in charge of IT, and he called in a mess of expensive consultants to reload everything on the network.

Of course, they didn't fix the basic problem or find our little friend. For all I know it's still running up above the 'ol drop ceiling -- we were to chicken to try and retrieve it. Of course, this was a private school, so the real joke was on us (the clue -- consultants were being paid for by our own stupid selves).

I'm sure a few people mentioned it, but...

[glwtta]

yeah, if you have random people entering your building unsupervised and plugging things into the network, you just might have a security problem, Dreamcast or no Dreamcast.

I would think much in the same way, a Dreamcast running linux can be used to seriously injure a person, but sneaking up on them and hitting them over the head with it, repeatedly. Of course that's not newsworthy, unless it's a Dreamcast running linux.

Wouldn't it be cheaper and just as effective

[pete-classic]

to just burn a CDR that boots Linux and does all the same stuff on a PC with any of the top X ethernet cards? Set it up to stubbornly ignore all keyboard input and never display anything on the screen. Write "coaster" on it with a black magic marker, drop it in some currently unused PC and hit power/reset and haul ass. Do it at 4:50 PM on a Friday and you'll probably have to 9:00 AM on monday to own some other box on a more permanent basis.

Hell, you might be able to modify a tomsrtbt to do this and wipe (or dd if=/dev/zero of=/dev/fd0; dd if=/dev/urandom of=/dev/fd0) the diskette once the ramdisk is loaded.

IOW, this whole thing strikes me as more of a "stunt" than a "hack."

-Peter

Security research project addressing this issue

[Ryu2]

Check out the SPINACH project at Stanford: http://mosquitonet.stanford.edu/publications/spina ch.html

It's designed to precisely address this issue by limiting network access from hosts whose Hardware Ethernet addresses are unknown to the local subnet only (not past the router) until it is authenticated (by some password or other scheme). Thus, if you put a Dreamcast on a SPINACH network, it could only reach hosts on the immediate subnet, unless you spoofed the MAC address or something...