I recently discovered a similar concerning security issue with my KVM. In my case it was a pretty standard KVM for multiple machines to share a keyboard, mouse, and screen but also Ethernet. One day while looking at my home network I noticed the KVM had its own IP and was transferring GBs of data every day. I quickly blocked it from my network. But having used it for a number of months I worried that with screen capture and access to all my input devices, someone could have gotten access to pretty much everything I use. I wasn’t able to figure out if any data was actually being sent off my network and I really didn’t want to put myself at any more risk so I just threw it in an electronics recycling bin. Pretty scary what a network-connected KVM could maliciously do.
Why did you not just log in to the device and switch off "Broadcast to multicast", or change the destination address?
Edit: Some brands of Network-KVM use this so that you can control the target device from another device, e.g. an app on a tablet. That way you don't have to stand next to the target device in the noisy and cold machine room.
Is it possible for you to name the KVM model?
It sounds like a potential risk to the public.
Shame you threw it away. It would have been useful to collect the traffic with Wireshark and share that with info about the device in a post or a blog for others to investigate and be warned about that brand and model.