Date   : Sun, 13 Nov 2011 13:12:48 +0000
From   : robert@... (Rob)
Subject: Security Project - Update 1

On 13 November 2011 12:49, Martyn Ruks <Martyn.Ruks@...>
wrote:
> I have approached the subject from where my strength lies in network security 
and so started looking at the login process. I have now written some python
code that will talk to a Level 2 FileStore using the UDP/IP transport as
that works well with BeebEm.

Looks like fun.   I should point out, however, that Level 2, and the
entire "BBC Micro" range never actually supported access via Ethernet;
the translation in BeebEm is a bit of a hack to make a UDP network
look like an econet (which is completely different physically,
electrically and protocol-wise) network!  I don't see how it could
introduce any security vulnerabilities in the examples shown, but if
you start poking about with messed up timings, badly formatted
packets, etc., then all you'll be poking holes in is BeebEm :-)

I know you'd prefer to work via emulators, but something like an old
A5000 with an Ethernet card, running Level 4, would be easy to drop
into a modern network without disrupting anything, and would give you
a more realistic target :-)

Best wishes - look forward to reading more about this!

Rob