When the dreamcast came out Fydor added the OS detection sigs to nmap. So I guess at least a dreamcast doesn't have a built in firewall and will respond in some way to uninitiated communications. (obviously, ideally they should only permit communication to/from servers they have initiated some kind of connection to already) Dom -----Original Message----- From: John_Leitchat_private [mailto:John_Leitchat_private] Sent: Tuesday, May 21, 2002 9:23 AM To: vuln-devat_private Subject: Online Games Consoles and Security Implications Hi. A strange but interesting thread maybe....... With the advent of online consoles such as the XBOX (microsofts own so I guess security could be a little weak, my own thoughts BTW) and the PS2. What issues are unleashed that could have or cause massive security implications for the home user. For instance: XBOX / PS2 can be connected to a home LAN for access or they could be directly connected via the broadband connectors. I am sure there are no built in security features for either platform. Question: Could the devices be used in anyway that could allow an attacker to a) Crash said device b) Use device as a lever to interact between network devices c) Any other nefarious actions Having not had the chance to PEN-TEST any of these as of yet I was wondering what the online security groups thought of this. FYI: The Microsoft XBOX HAS BEEN hacked via a modchip (modchip allows playback of CDR DVDR and all region DVD flicks) The PS2 has had the same mod issues as above (only it took longer than the 4 weeks to hack the XBOX) Thanks /John Leitch
This archive was generated by hypermail 2b30 : Tue May 21 2002 - 15:38:23 PDT