I have yet to really look into the PS2 security, but, and I think we had a thread on this awhile back, the Dreamcast was vulnerable to some DoS attacks when hooked to a network via modem or broadband. Off the top of my head, I remember it being vulnerable to the ping of death. I don't know that any "massive security implications" would be possible, worst case scenario someone crashes your PS2 during a gaming session. Now when you think about people who are using PS2 Linux with a broadband connection you get into what could possibly be more problems. I don't know that anyone has rooted a PS2, but it's not entirely impossible. It would be interesting to hear from anyone with an Xbox if they have played around with network connectivity at all. Steve -----Original Message----- From: John_Leitchat_private [mailto:John_Leitchat_private] Sent: Tuesday, May 21, 2002 3:23 AM To: vuln-devat_private Subject: Online Games Consoles and Security Implications Hi. A strange but interesting thread maybe....... With the advent of online consoles such as the XBOX (microsofts own so I guess security could be a little weak, my own thoughts BTW) and the PS2. What issues are unleashed that could have or cause massive security implications for the home user. For instance: XBOX / PS2 can be connected to a home LAN for access or they could be directly connected via the broadband connectors. I am sure there are no built in security features for either platform. Question: Could the devices be used in anyway that could allow an attacker to a) Crash said device b) Use device as a lever to interact between network devices c) Any other nefarious actions Having not had the chance to PEN-TEST any of these as of yet I was wondering what the online security groups thought of this. FYI: The Microsoft XBOX HAS BEEN hacked via a modchip (modchip allows playback of CDR DVDR and all region DVD flicks) The PS2 has had the same mod issues as above (only it took longer than the 4 weeks to hack the XBOX) Thanks /John Leitch
This archive was generated by hypermail 2b30 : Tue May 21 2002 - 15:51:55 PDT