RE: Online Games Consoles and Security Implications

From: Vasisht Tadigotla (vasishtat_private)
Date: Tue May 21 2002 - 19:27:38 PDT

Next message: Jason Haar: "OT? Are chroots immune to buffer overflows?"

Previous message: Elan Hasson: "RE: Online Games Consoles and Security Implications"
In reply to: Steve Maks: "RE: Online Games Consoles and Security Implications"
Next in thread: Ryan Verner: "Re: Online Games Consoles and Security Implications"
Next in thread: hellNbak: "Re: Online Games Consoles and Security Implications"
Reply: Ryan Verner: "Re: Online Games Consoles and Security Implications"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If you could install Linux on an Xbox, which has a harddisk unlike
Dreamcast where you have to load the OS everytime you boot, you might have
a problem. In anycase Xbox is a kind of a PC anyway and would be
vulnerable to all kinds of exploits for the x86 arch that are floating
around. The Xbox Linux project is trying to port Linux to an Xbox but i
haven't checked back in some time, so it's just a matter of time before
people use their Xbox consoles as Linux machines.

vasisht


On Tue, 21 May 2002, Steve Maks wrote:

> I have yet to really look into the PS2 security, but, and I think we had a
> thread on this awhile back, the Dreamcast was vulnerable to some DoS attacks
> when hooked to a network via modem or broadband.  Off the top of my head, I
> remember it being vulnerable to the ping of death.  
> 
> I don't know that any "massive security implications" would be possible,
> worst case scenario someone crashes your PS2 during a gaming session.  Now
> when you think about people who are using PS2 Linux with a broadband
> connection you get into what could possibly be more problems.  I don't know
> that anyone has rooted a PS2, but it's not entirely impossible.  It would be
> interesting to hear from anyone with an Xbox if they have played around with
> network connectivity at all.  
> 
> Steve
> 
> -----Original Message-----
> From: John_Leitchat_private [mailto:John_Leitchat_private]
> Sent: Tuesday, May 21, 2002 3:23 AM
> To: vuln-devat_private
> Subject: Online Games Consoles and Security Implications
> 
> 
> Hi.
> A strange but interesting thread maybe.......
> With the advent of online consoles such as the XBOX (microsofts own so I
> guess security could be a little weak, my own thoughts BTW) and the PS2.
> What issues are unleashed that could have or cause massive security
> implications for the home user.
> For instance:
> XBOX / PS2 can be connected to a home LAN for access or they could be
> directly connected via the broadband connectors.  I am sure there are no
> built in security features for either platform.
> Question:
> Could the devices be used in anyway that could allow an attacker to 
> a)	Crash said device
> b)	Use device as a lever to interact between network devices
> c)	Any other nefarious actions
> 
> 
> Having not had the chance to PEN-TEST any of these as of yet I was wondering
> what the online security groups thought of this.
> FYI:  The Microsoft XBOX HAS BEEN hacked via a modchip (modchip allows
> playback of CDR DVDR and all region DVD flicks)
> The PS2 has had the same mod issues as above (only it took longer than the 4
> weeks to hack the XBOX)
> Thanks
> /John Leitch
>

Next message: Jason Haar: "OT? Are chroots immune to buffer overflows?"
Previous message: Elan Hasson: "RE: Online Games Consoles and Security Implications"
In reply to: Steve Maks: "RE: Online Games Consoles and Security Implications"
Next in thread: Ryan Verner: "Re: Online Games Consoles and Security Implications"
Next in thread: hellNbak: "Re: Online Games Consoles and Security Implications"
Reply: Ryan Verner: "Re: Online Games Consoles and Security Implications"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue May 21 2002 - 22:28:48 PDT