Get a virus through the serial port.

  • Thread starter Thread starter Control Freq
  • Start date Start date
C

Control Freq

Hi,
Is it possible for my PC to get a virus thrugh the serial port?
I have an industrial computer directly connected to another PC through
a serial port. This industrial PC ONLY connects to this other PC
through the serial port, although the PC itself is connected to the
corporate network, and ultimately to the internet.

I have been advised that the industrial PC should have some antivirus
software installed due to this serial port connecton.

What do the list think about this? Is it possible to get a virus
through the serial port?
Both computers are running XP. The programs which communicate over
serial are custom applications developed by me.

It has already been suggested that the industrial PC has USB ports so
it is possible to get a virus onto the industrial PC through that, so
that initself would warrant installing antivirus software, but I was
more interested in the possibilities of how a virus would get through
the serial port.

Thanks for looking.

Regards
 
From: "Control Freq" <[email protected]>

| Hi,
| Is it possible for my PC to get a virus thrugh the serial port?
| I have an industrial computer directly connected to another PC through
| a serial port. This industrial PC ONLY connects to this other PC
| through the serial port, although the PC itself is connected to the
| corporate network, and ultimately to the internet.

| I have been advised that the industrial PC should have some antivirus
| software installed due to this serial port connecton.

| What do the list think about this? Is it possible to get a virus
| through the serial port?
| Both computers are running XP. The programs which communicate over
| serial are custom applications developed by me.

| It has already been suggested that the industrial PC has USB ports so
| it is possible to get a virus onto the industrial PC through that, so
| that initself would warrant installing antivirus software, but I was
| more interested in the possibilities of how a virus would get through
| the serial port.

| Thanks for looking.

| Regards


It all depends upon what protocols are used on the serial port. If it uses TCP/IP - yes.
A virus could spread over the serial port.
 
Control Freq said:
Hi,
Is it possible for my PC to get a virus thrugh the serial port?
I have an industrial computer directly connected to another PC through
a serial port. This industrial PC ONLY connects to this other PC
through the serial port, although the PC itself is connected to the
corporate network, and ultimately to the internet.

I have been advised that the industrial PC should have some antivirus
software installed due to this serial port connecton.

What do the list think about this? Is it possible to get a virus
through the serial port?
Both computers are running XP. The programs which communicate over
serial are custom applications developed by me.

It has already been suggested that the industrial PC has USB ports so
it is possible to get a virus onto the industrial PC through that, so
that initself would warrant installing antivirus software, but I was
more interested in the possibilities of how a virus would get through
the serial port.

Thanks for looking.

Regards
Click to expand...


As best as I know it.

The way you get a virus is the transfer of data, if that data is infected
with a virus, the data/virus cares not whether it is transferred by USB,
DB9, DB25, modem or network interface it is simply transferred.
(and what protocols are open on those ports)

If your only communication between the PC's is the serial connection and the
other PC is connected to the Internet, then I would feel pretty secure if
the PC connected to the Internet had a good anti-virus program on it, and
since that is the only point of entry then if your first PC is scanned to be
virus free then the second PC should be pretty safe.

I would be concerned about a firewall and all the security updates from
Microsoft, on both PC's.

If you still feel the need to put an anti-virus program on the industrial PC
think, how will you update the virus definitions? USB drive etc, because if
your definitions are not up to date, the anti-virus program becomes outdated
and ineffective.

Clark
 
Control said:
Is it possible for my PC to get a virus thrugh the serial port?
I have an industrial computer directly connected to another PC
through a serial port.
Click to expand...

If the 2 PC's are talking to each other or transfering data with a
custom program running on both computers, then no, your industrial
computer is not at risk to get a virus.

Even if the other networked PC gets a virus, the virus would have no
indication of the existance of the industrial computer connected to it
via the serial port.
I have been advised that the industrial PC should have some
antivirus software installed due to this serial port connecton.
Click to expand...

That's the typical, knee-jerk reaction by most tech's - put AV and
firewall software on EVERYTHING, even the toaster.

It's an indication that they don't really understand the topology of
your network.
What do the list think about this? Is it possible to get a virus
through the serial port?
Click to expand...

If you were using the serial port as a replacement for a network card,
and if you were running a TCP/IP or NetBeui protocal driver over the
serial port (does such a thing even exist?) and if you were sharing
specific drives or directories via that connection (or if you did not
patch certain known vulnerabilities) then yes, some network worms can
make it through, but I doubt they'd do much dammage.

For example, do you read e-mail or surf the web on this industrial
computer? If the answer is no to both questions, then you really
really don't need to run AV software on it.
Both computers are running XP. The programs which communicate
over serial are custom applications developed by me.
Click to expand...

The you have nothing to worry about. Viruses, trojans and worms
require a network path from one computer to another to replicate. The
serial port connection will not serve as a viable path for malware in
your case.
It has already been suggested that the industrial PC has USB
ports so it is possible to get a virus onto the industrial PC
through that,
Click to expand...

If nothing is connected to the USB ports, then you can't get a virus
through them. If you connect some form of removable storage media to
the USB ports (like a flash drive, portable hard drive, etc) then yes,
you can get a virus from the portable media device. Or if you connect
a USB-ethernet network card.

Sounds to me like you don't need AV software on that machine.
 
If the 2 PC's are talking to each other or transfering data with a
custom program running on both computers, then no, your industrial
computer is not at risk to get a virus.

Even if the other networked PC gets a virus, the virus would have no
indication of the existance of the industrial computer connected to it
via the serial port.


That's the typical, knee-jerk reaction by most tech's - put AV and
firewall software on EVERYTHING, even the toaster.

It's an indication that they don't really understand the topology of
your network.


If you were using the serial port as a replacement for a network card,
and if you were running a TCP/IP or NetBeui protocal driver over the
serial port (does such a thing even exist?) and if you were sharing
specific drives or directories via that connection (or if you did not
patch certain known vulnerabilities) then yes, some network worms can
make it through, but I doubt they'd do much dammage.

For example, do you read e-mail or surf the web on this industrial
computer? If the answer is no to both questions, then you really
really don't need to run AV software on it.


The you have nothing to worry about. Viruses, trojans and worms
require a network path from one computer to another to replicate. The
serial port connection will not serve as a viable path for malware in
your case.


If nothing is connected to the USB ports, then you can't get a virus
through them. If you connect some form of removable storage media to
the USB ports (like a flash drive, portable hard drive, etc) then yes,
you can get a virus from the portable media device. Or if you connect
a USB-ethernet network card.

Sounds to me like you don't need AV software on that machine.
Click to expand...


Thanks for all your valuable input guys. My client is showing the
typical 'knee jerk' reaction. But, to be fair, that is there job. My
application is using a custom app to communicate between PCs, it is
not using any form of TCP/IP protocol. I believe that if a virus were
to get onto the industrial PC (via a USB port for example) then it
could not propergate down the serial line. However, it could affect
the normal operations of the program running on the industrial PC to
an extent that the data being passed between the two computers could
be corrupted. This could cause a problem to the other server
application running on the server.

Maybe if I disabled any other form of entry, such as disabling the USB
ports, then my client might agree to not having any AV software
installed on the industrial PC.
However, this gives me a probem with doing software updates to our
custom application!

Thanks guys.
 
Control said:
Thanks for all your valuable input guys. My client is showing the
typical 'knee jerk' reaction. But, to be fair, that is there job.

Maybe if I disabled any other form of entry, such as disabling the
USB ports, then my client might agree to not having any AV
software installed on the industrial PC.
Click to expand...

Why is so much attention being paid to the USB ports?

Is some device or connection being made to them?

Do they not trust the people that work with the computer to not monkey
with them and insert their own USB devices into the computer?

There are a few things you can do to secure the USB ports:

1) install the computer into an enclosure that physically covers the
USB ports, or fabricate a tamper-proof cover for them.

2) if the USB ports are connected to the motherboard via an internal
cables, then simply unplug the cables.

3) From windows, go to the device manager and un-install (or
deactivate) the USB controller (remove it, or remove the USB root
hub).

I assume that the computer has no floppy or CD-rom drive, given that
you are paying so much attention to the USB ports as possible malware
intrusion entry points.

If they insist that AV software be installed on this industrial
computer, you need to convey to them the idea that the virus
definition files will not be easily (or automatically) be updated
unless the computer has a constant, live connection to the internet,
and it would be silly to give this computer an internet connection
just for that purpose since it would also give the computer it's only
realistic (and significant) entry point for malware.

The presence of AV software on an industrial PC can bring other
problems relating to real-time operation. Presumably the PC is
performing some sort of industrial monitoring or control function, and
such functions are dependent on real-time processes. AV software can
interfere with the real-time functionality of such a system when it
performs it's virus scans, and it might even falsely quarantine a
critical file or otherwise screw up and render the system inoperable
for the task it's supposed to perform.
 
Back
Top