Slashdot Mirror

← Back to Stories (view on slashdot.org)

Misusing Ethernet To Kill Computer Infrastructure Dead

Posted by timothy on from the might-want-to-pull-out-some-of-these-cables-frank dept.

Some attacks on computers and networks are subtle; think Stuxnet. An anonymous reader writes with a report at Net Security of researcher Grigorios Fragkos's much more direct approach to compromising a network: zap the hardware from an unattended ethernet port with a jolt of electricity. Fragkos, noticing that many networks include links to scattered and unattended ethernet ports, started wondering whether those ports could be used to disrupt the active parts of the network. Turns out they can, and not just the ports they connect to directly: with some experimentation, he came up with a easily carried network zapping device powerful enough to send a spark to other attached devices, too, but not so powerful -- at least in his testing -- to set the building on fire. As he explains: I set up a network switch, and over a 5 meters Ethernet cable I connected an old working laptop. Over a 3 meters cable I connected a network HDD and over a 100 meters cable I connected my “deathray” device. I decided to switch on the device and apply current for exactly 2 seconds. The result was scary and interesting as well. The network switch was burned instantly with a little “tsaf” noise. There was also a buzzing noise coming from the devices plugged-in to the network switch, for a less than a second. There was a tiny flash from the network HDD and the laptop stopped working. It is not the cheapest thing in the world to test this, as it took all of my old hardware I had in my attic to run these experiments. I believe the threat from such a high-voltage attack against a computer infrastructure is real and should be dealt with.

3 of 303 comments (clear)

  1. How many volts and milliamps did you hit it with? by RHenningsgard · · Score: 4, Interesting

    A few years ago, I helped design and build a production-line test system for RJ-45 jacks, and the test spec required us to "HIPOT" test by applying 2,250 volts to the network connections with the shell grounded, verifying that there was no appreciable current leaked to ground. I assume from your description that you applied a fairly high current across the signal lines, which would certainly burn out the windings on the RJ-45 jack isolation transformer was at the other end of that specific cable. How you got the damage to propagate beyond a single RJ-45 termination is something of a mystery to me.

  2. Re:Hammer Attack by sinij · · Score: 5, Interesting

    Actually, in all seriousness, I had to do this 'hammer attack' in the past as part of FIPS 140 physical security mechanisms testing. Was a hardened case with interlocking plates, and after 30 minutes of banging on it I only succeeded denting it. I had to write in the report that I needed a bigger hammer. No kidding.

  3. Re:Simon Travaglia would be proud by RenderSeven · · Score: 4, Interesting

    I made one in '81 long before I heard of BOFH and way before Ethernet. Our network was serial with some ARCNET and made a mains cable for each as a joke, back when bosses generally had a sense of humor.