Page 2 - Contents
NCC Group | Page 2 © Copyright 2013 NCC Group Contents: 1 List of Figures and Tables (p. 4); 2 Introduction ...
Page 3 - © Copyright 2013 NCC Group
10.6.1 Weight (p. 23); 10.6.2 Heat ...
Page 4 - List of Figures and Tables
1 List of Figures and Tables: Figure 1: Dell PR02X dock (p. 5); Figure 2: Dell PR02X dock rear (p. 6); Figure 3: Dell PR02X dock front (p. 7); Figure 4: Dock teardown #1 ...
Page 5 - Introduction; Previous Research
2 Introduction
Laptop docking stations are widely used in organisations, often in hot-desking environments. They provide a neat connectivity solution for workers who are semi-mobile and therefore use laptops rather than desktop PCs. However, laptop docks...
Page 6 - How does a docking station work?
3 How does a docking station work?
Essentially, the main function of a docking station is to extend the ports available on a laptop, via a proprietary connector, which is usually on the laptop's base to the rear of the docking station. There are specific...
Page 9 - plate
Dock Teardown:
1. Front of the device
2. Back of the device
3. Remove all visible cross-head screws on the base and rear. Then using a flat-blade screwdriver prise open the base carefully all the way around - the base will then just lift off
4. Remove th...
Page 10 - Useful properties of laptop docking stations for an attacker
The primary integrated circuits are highlighted in the picture above; they are:
• Red - SMSC LPC47N237 [6] - 3.3V I/O Controller for Port Replicators and Docking Stations
• Yellow - SN75DP122A [7] - DisplayPort 1:2 Switch with Integrated TMDS Translator...
Page 11 - What would a hardware implant do?; Capture data from connected laptop via interfaces; Network tapping
5 What would a hardware implant do?
There are a number of attacks that could be performed from a docking station; these are each described in this section, but at a high level the requirements for a hardware implant in this scenario are as follows:
• Ca...
Page 13 - Active network attack
Figure 15: Ethernet pin locations
Figure 16: Module pin-outs
The connected Ethernet tap is shown in Figure 17 and the two Cat 5 Ethernet connectors on the other end of the tap are shown in Figure 18. Note the presence of the two capacitors (red circles)...
Page 14 - Passive video monitoring; Figure 19 shows the different connectors on the VideoGhost:
From an implant perspective, the hardware modification required would be more complex, as a hub would need to be inserted between the current Ethernet connections on the docking station PCB and the RJ-45 Ethernet socket so that it was situated between t...
Page 15 - Keystroke insertion
Figure 20: VGA connector pins
Figure 21: VGA connector hidden behind a cage of pins
5.4 USB / PS/2 keyboard monitoring
Hardware key-loggers have been around for many years now and are clearly useful for obtaining passwords and other sensitive data. This...
Page 16 - Audio monitoring; Webcam monitoring
5.6 Audio monitoring
If the target user has a headset with an attached boom microphone (which uses the audio mini-jack sockets) then this audio could easily be recorded, stored and forwarded, in addition to any audio that the user was listening to on th...
Page 18 - Control Platform; running Linux and connected to a 3G/HSPA modem, as shown in Figure
6 Control Platform
At the heart of the implant there needs to be some kind of control system that takes inputs from each of the taps, processes the data where required and forwards it to the attacker via an out-of-band network. The NCC Group hardware-ba...
Page 19 - USB sound card and Ethernet adapter; “Store and forward” or “Remotely initiated full control”.
The device measures 86mm x 56mm x 21mm and weighs only 45g. It is based on an ARM 11 processor and runs Linux.
6.1.2 USB sound card and Ethernet adapter
A USB sound card (Figure 31) is required, as the Raspberry Pi doesn’t have an analogue audio input. ...
Page 20 - Physical space available within the docking station; Power considerations
6.2.2 Remotely initiated full control
Purely from a control perspective this is the most preferable, as full control of the implant can be gained by the attacker at any time. The modem needs to be configured as "auto-answer" and therefore, appro...
Page 21 - Putting it all together
A simple voltage divider circuit (Figure 36) is required to reduce the voltage from +19.5V to +5V.
Figure 36: Simple voltage divider circuit
We know that V_in = 19.5V and V_out = 5V. If we assume that R2 = 1K then we can calculate R1 using the following ...
Page 22 - 10 Detecting docking station-based hardware implants; Passive network tapping; A number of ways have been proposed; Keystroke insertion; A simple USB monitoring tool; Audio monitoring
10 Detecting docking station-based hardware implants
Just as important as understanding how a hardware implant would be constructed is understanding how one would be detected. This section, therefore, discusses approaches for detecting each proposed inte...
Page 23 - Other techniques
10.6 Other techniques
There are some other more general techniques that could be used to identify that a hardware implant existed within a docking station.
10.6.1 Weight
A new “known-good” (implant free) docking station could be accurately weighed and t...
Page 25 - 11 Attack mitigation; Active network connection; Ensure that all sensitive network data is encrypted; Physical security
11 Attack mitigation
Another defensive layer is mitigation techniques to prevent implants either being installed in the first place or to prevent them working when they are installed.
11.1 Active network connection
Recommendation: Only allow one MAC add...
Page 26 - 12 Conclusion
12 Conclusion
Laptop docking stations are widely used and trusted devices, which provide extensive access to potentially sensitive data. Their anonymity, accessibility and lack of physical protection within an organisation can easily result in them bein...
Page 27 - 13 References & further reading
13 References & further reading
1. http://en.wikipedia.org/wiki/Kensington_Security_Slot
2. http://support.dell.com/support/edocs/acc/eapr/en/
3. http://www.zdnet.com/inside-the-biggest-bank-raid-that-never-was-3039191956/
4. http://en.wikipedia.org...