How do I set up a serial console on Debian Linux HP server for troubleshooting and login purpose?
To setup a serial console you need to edit the following files under Debian Linux: ![]()
Our Setup
You can list your working serial port under Linux as follows:
# setserial -g /dev/ttyS[0123] Sample outputs:
May 31, 2016 What I did to overcome this was to 'roll back' my driver to the 3.3.3.114 dated 2009. I did an internet search for this driver, downloaded the driver and installed the driver. I then switched the comm port I was plugging the Prolific USB Serial Adapter into, to the older driver, and everything worked fine again. Hope this helps.
/dev/ttyS0 (COM1) is detected and working serial console under Linux. For testing purpose, I’m going to set baud rate to 19200 and terminal type to vt100.
Grub Configuration (Grub2)
Edit /etc/default/grub, enter:
# vi /etc/default/grub Append / modify as follows:
Save and close the file. Next run the following command to generate a grub2 config file /boot/grub/grub.cfg :
# update-grub
A Note About Grub Legacy (older version)
If you are not using GRUB2 update /boot/grub/menu.lst (grub legacy) with kernel line as follows with console port, and baud rate:
Save and close the file.
/etc/inittab Configuration
Edit /etc/inittab, enter:
# vi /etc/inittab You need put a getty on a serial line for a terminal:
Save and close the file.
/etc/securetty Configuration
Edit /etc/securetty, enter:
# vi /etc/securetty Make sure UART serial ports /dev/ttyS0 is listed:
Save and close the file. Now, you can reboot the server for testing purpose.
How Do I Connect Using a Serial Console?
You need to use the minicom command, which is a communication program that runs under most unices. You can install minicom as follows on your Debian / Ubuntu desktop system:
# apt-get install minicom For rpm based distro such as RHEL / Fedora / CentOS Linux, enter: # yum install minicom Run minicom as follows to create a configuration file: # minicom -s -c on Press [down] key and select Serial port setup:
Alternatively, you can create minicom config DFL file as follows:
# cat /etc/minicom/minirc.dfl Save and close the file. To connect to a serial console simply type the minicom command as follows: # minicom Sample outputs: How Do I Connect From MS-Windows XP / 2000 / Vista / 7 Desktop System?
You can use the HyperTerminal or putty client as described here.
How Do I Connect To a Serial Console Over IP Network?
You need to use the KVM over IP client as described here or use the ipmitool command line tool for serial console redirection over IP (LAN/WAN). It is highly recommend that you access server over a serial console using some sort of VPN to encrypt all traffic.
Three different ways to intercept and modify serial data on ship networks. The serial data that controls steering, engine control and so much more on board ship…
How-to
Vessels typically have two distinct networks on board; one IP/ethernet network for business systems, crew mail & web browsing and a serial network for the operational technology (OT) systems, including steering, propulsion, ballast and navigation data, among many.
We’ve shown before how it’s relatively straightforward to compromise the business network through the satcom terminal if basic security controls aren’t in place. However, affecting the OT systems requires additional work.
We know serial network security well from our years of experience in utilities; some of our team used to run ICS security at UK power and water companies.
Serial datacomms usually follow RS232, RS422 or RS485. So long as you’re at the right point on the network, it’s usually trivial to intercept and tamper with the data, almost invariably invisible to the crew.
![]() Crossing the streams: bridging the networks
How do you get from the IP network to the serial network? You need to find bridging points where one network device deals with both IP and serial.
There are plenty on board: the ECDIS, Voyage Data Recorder, serial-IP convertors, synthetic radar, sometimes BNWAS, ocasionally the AIS transponder. There are often many more.
Here’s a serial interface inside an ECDIS case. It was simply a Windows PC. Windows XP, so trivial to exploit and take control of the serial COM ports after taking control from the IP network
In the video, we look at exploiting the serial to IP convertors.
Exploiting convertors
Moxa, Perle and other serial to IP convertors are used to send serial data over IP/ethernet networks cabling. This can reduce cabling cost and can also offer better signal strength compared to pure serial networks.
In the video we showed three issues:
Default convertor passwords
Serial to IP convertors usually have a web interface for configuration. The default credentials are usually admin/superuser, superusr/<blank> or admin/<blank> in the case of Perle and usually admin/moxa, admin/admin or admin/<blank> in the case of Moxa convertors. These are published by the manufacturers on their own web sites!
Once you’ve got the password, you can administrate the convertor. That means complete compromise and control of the serial data it is sending to the ships engine, steering gear, ballast pumps or whatever.
Exploitable convertors
There’s an interesting security flaw in some Moxa convertor firmware. An exploit is available in the Metasploit security exploit framework. The vulnerability is referenced as CVE-2016-9361 and allows the hacker to recover the admin password, EVEN IF IT HAS BEEN CHANGED!
Man in the Middle attacks, changing the ships direction
That’s what we show in the video demo. We take the GPS data stream and modify it once it’s on the serial network.
By ARP poisoning on the network, the serial traffic is routed through our attack laptop. We’re using ettercap for simplicity.
We simply inject a filter and modify the GPS location data being fed to the ECDIS.
This is an insidious hack as we aren’t injecting obvious gross errors.
If the ECDIS is in ‘track control’ mode whereby it directs the autopilot, then the hacker can fool it and cause the ship to change direction.
If the crew are alert, then they should pick it up and take control, but they are being presented with exactly the same tampered position data as the automated systems…
The data stream conforms to NMEA0183, which we’ve written about extensively.
Mitigating this attack
First, it’s critical that vessel networks are segregated. This applies to both the IP and serial networks. Serial networks are often overlooked as there are often different teams responsible for IT and OT networks.
My experience from utilities suggests that IT and OT network personnel often don’t work together closely, leading to misunderstandings and allowing security holes to creep in
Then, passwords for serial devices must be changed from default.
Many newer serial to IP convertors support SSH or similar traffic encryption, making MITM much more difficult. Enable and configure encrypted communications
![]()
Finally, serial device software must be kept up to date and patched against security flaws.
![]() Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |