I'm working on a project where we need to receive data from a remote sensor via an Iridium modem. If you don't know, Iridium is a satellite system - basically a cellphone on steroids. This data has to be published to the rest of the research team.
So no problem - I hook up an external serial port dialup modem to my desktop (running Fedora Core 5) and write a program to grab the data off the serial port and write it to a file. Then wrote a CGI script to serve up that file on a simple web page - both the raw binary file, and a parsed version complete with a google map of the position as reported by the GPS receiver in the sensor package!
The modem is configured via kermit, and the program that receives the data reads it a byte at a time out of the serial port and writes it to a file. Never looks at it, and again - a byte at a time, so no possibility of a buffer overflow. PPP is not even installed on the machine. Kermit and the receive program are running as root at the moment - that will change soon.
So - this a.m. I get a broadcast email from our IT folks warning that any network equipment "including wireless access points and modems" must be approved by corporate IT. So, I dutifully ask what I need to do to get my modem approved. Well, as I hear it, they're still unscrewing the director of IT security from the ceiling back at HQ :Q And by the way, I'm not supposed to be running a web server either
So ... needless to say, the modem is unplugged at the moment. But, given the configuration I've described, is it really a risk? You can't establish any sort of terminal connection with it - if you dialed it up, my system would just log everything you sent across. If there is a risk, how can I fix it?
So no problem - I hook up an external serial port dialup modem to my desktop (running Fedora Core 5) and write a program to grab the data off the serial port and write it to a file. Then wrote a CGI script to serve up that file on a simple web page - both the raw binary file, and a parsed version complete with a google map of the position as reported by the GPS receiver in the sensor package!
The modem is configured via kermit, and the program that receives the data reads it a byte at a time out of the serial port and writes it to a file. Never looks at it, and again - a byte at a time, so no possibility of a buffer overflow. PPP is not even installed on the machine. Kermit and the receive program are running as root at the moment - that will change soon.
So - this a.m. I get a broadcast email from our IT folks warning that any network equipment "including wireless access points and modems" must be approved by corporate IT. So, I dutifully ask what I need to do to get my modem approved. Well, as I hear it, they're still unscrewing the director of IT security from the ceiling back at HQ :Q And by the way, I'm not supposed to be running a web server either
So ... needless to say, the modem is unplugged at the moment. But, given the configuration I've described, is it really a risk? You can't establish any sort of terminal connection with it - if you dialed it up, my system would just log everything you sent across. If there is a risk, how can I fix it?