Also guys don't forget that these devices are fully linux and other unix capable... I have apache and a hacked up debian running on my dream cast with no problems ... I think there is a ps2linux distro as well. With the new mod chips out I have already heard rumors of an Xbox based linux distro as well. These guys usually have the low down on the hardware "hacks" and that sort of stuff... http://www.lik-sang.com/catalog/default.php Heres a link to at least a few linux distros for the dream cast and ps2. http://linuxdevices.com/articles/AT7466555948.html ftp://ftp.m17n.org/pub/super-h/dreamcast/ ftp://ftp.m17n.org/pub/linux-sh/CD-R/ http://www.netbsd.org/Ports/dreamcast/ http://www.netbsd.org/Ports/playstation2/ The dreamcast is quite fun in gdb I certainly suggest trying this at home. You could hack out some hitachi sh3 shellcode or something if you are bored. =] enjoy! -KF On Tuesday, May 21, 2002, at 12:46 PM, Dom De Vitto wrote: > When the dreamcast came out Fydor added the OS detection sigs to nmap. > > So I guess at least a dreamcast doesn't have a built in firewall and > will respond in some way to uninitiated communications. > > (obviously, ideally they should only permit communication to/from > servers they have initiated some kind of connection to already) > > Dom > > -----Original Message----- > From: John_Leitchat_private [mailto:John_Leitchat_private] > Sent: Tuesday, May 21, 2002 9:23 AM > To: vuln-devat_private > Subject: Online Games Consoles and Security Implications > > > Hi. > A strange but interesting thread maybe....... > With the advent of online consoles such as the XBOX (microsofts own so I > guess security could be a little weak, my own thoughts BTW) and the PS2. > What issues are unleashed that could have or cause massive security > implications for the home user. For instance: XBOX / PS2 can be > connected to a home LAN for access or they could be directly connected > via the broadband connectors. I am sure there are no built in security > features for either platform. > Question: > Could the devices be used in anyway that could allow an attacker to > a) Crash said device > b) Use device as a lever to interact between network devices > c) Any other nefarious actions > > > Having not had the chance to PEN-TEST any of these as of yet I was > wondering what the online security groups thought of this. > FYI: The Microsoft XBOX HAS BEEN hacked via a modchip (modchip allows > playback of CDR DVDR and all region DVD flicks) The PS2 has had the same > mod issues as above (only it took longer than the 4 weeks to hack the > XBOX) Thanks /John Leitch >
This archive was generated by hypermail 2b30 : Tue May 21 2002 - 17:57:28 PDT