[Gllug] Securing a standalone server on a casino floor.

Bruce Richardson itsbruce at workshy.org
Fri Apr 1 13:45:56 UTC 2011


On Fri, Apr 01, 2011 at 02:24:42PM +0100, tid wrote:
> I'm about to take on a short project securing a stand-alone server
> running an Linux/java-based gambling app driving one display
> on a casino floor  - I don't have many details about the app, but the
> client wants all physical access to the machine disabled. There
> will be two modes: "demo", and "live", which will be controlled by
> inserting a USB dongle, then removing it.
[snip]
>  - disable keyboard / mouse access on the mobo if possible
[snip]
>  - Can't disable the USB as the app requires it.

OK, so you're aware of the programmable USB device exploit? 

http://www.irongeek.com/i.php?page=security/plug-and-prey-malicious-usb-devices

-- 
Bruce

Vajazzle - giving new meaning to the phrase "I'll scratch your eyes
out".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20110401/75b0fdd6/attachment.pgp>
-------------- next part --------------
--
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list