| ▲ | jlward4th 6 hours ago | |||||||
I recently discovered a similar concerning security issue with my KVM. In my case it was a pretty standard KVM for multiple machines to share a keyboard, mouse, and screen but also Ethernet. One day while looking at my home network I noticed the KVM had its own IP and was transferring GBs of data everyday. I quickly blocked it from my network. But having used it for a number of months I worried that with screen capture and access to all my input devices, someone could have gotten access to pretty much everything I use. I wasn’t able to figure out if any data was actually being sent off my network and I really didn’t want to put myself in any more risk so I just threw it in an electronics recycling bin. Pretty scary what a network connected KVM could maliciously do. | ||||||||
| ▲ | Renaud 5 hours ago | parent | next [-] | |||||||
Shame you threw it away. It would have been useful to collect the traffic with Wireshark and share that with info about the device in a post or a blog for others to investigate and be warned about that brand and model. | ||||||||
| ▲ | stragies 5 hours ago | parent | prev | next [-] | |||||||
Why did you not just login to the device, and switched off "Broadcast to multicast", or changed the destination address? Edit: Some brands of Network-KVM use this, so that you can control the target device from another device, like e.g. an App on a tablet. That way you don't have to stand next to the target device in the noisy and cold machine room | ||||||||
| ||||||||
| ▲ | CoastalCoder 5 hours ago | parent | prev [-] | |||||||
Is it possible for you to name the KVM model? It sounds like a potential risk is to the public. | ||||||||
| ||||||||