Wednesday, May 25, 2005

My server has a usb port on the front, should I be worried?

Recently at work we got a handful of new servers. In addition to all of the standard bells and whistles, and expected improvements in processing power, capacity and speed, these servers also had another new feature on their front panel - a USB port.

The intent of course is so that those Sys admins who carry around configuration files and other utils on usb keychain drives will be able to easily plug those drives in to update these servers.

Convenient as it might be, it really scares the crap out of me. Think for a minute about the following scenarios:

1. Someone plugs in a bootable usb drive and then hard-cycles the machine and manages to put a virus, spyware or other malware on the machine.

2. Someone plugs in a USB wireless adapter, and then has an accomplice connect to the server via wi-fi to steal information or put trojans on the machine

3. Someone walks in, plugs their digital music player into the server, downloads oodles of sensitive data, and then walks out, completely unsuspected.

While these might sound a bit far-fetched, but in reality why couldn't a saavy janitor pull something like this off?


Okolo said...

Hmm, if someone has physical access to the server, they can do a lot worse.


Yonah said...

Okolo, first, thanks for being the first to post a comment on my new blog. Secondly, you missed my point. I know that there are a million more things that someone can do with console access. Even if they don't have credentials, but having a usb port just adds more avenues for them. It also potentially enables me (or someone with physical access that I pay off) to do more damage with less action.