System information

ManualsBrandsBelkin ManualsData Input DevicesF1DN108C

1

2

3

4

5

6

7

8

9

Can an intrusion detection system

(IDS) or an anti-virus software

detect an attack on KVMs?

No. The attacks on KVMs are targeted and

very particular, the code used in such attacks

is written by professionals with specic

intentions, taking advantage of KVM and or

peripheral device vulnerabilities. In the case

of a targeted attack(s) that use Zero Day

Vulnerabilities, IDSs and anti-virus software

are not efcient to protect the network.

What are the signs that your

KVM has been tampered with?

1. The KVM did not arrive in its original

secure packaging. If you are not sure how

the packaging of the KVM is supposed to

look, please contact Belkin support and

request an image.

2. The holographic labels show signs of an

external tampering attempt.

3. The screws show signs that they have

been opened or replaced.

4. The LEDs of the KVM ash continuously

indicating that the KVM has been

physically tampered with.

What should you do if you think that

the Belkin Secure KVM that you

purchased, has been tampered with?

1. Stop using the Belkin Secure KVM

immediately.

2. Contact your Information Security Ofcer.

3. Contact Belkin Support as soon as possible.

Please note that Belkin Secure KVM cannot

be upgraded, serviced, or xed.

What should I do if I discover a

security vulnerability in the

Belkin Secure KVM?

If you are aware of potential security vulnerability

while installing or operating this product, we

encourage you to contact us immediately at

the following email address: gov_security@

belkin.com and let us know. Alternatively you

can call our technical support toll-free number

at (800) 282-2355. Belkin maintains proper

system and procedures to handle such cases

as required by worldwide security agencies.

What are the risks when having

a microphone input switched

by a KVM?

Eavesdropping and data leakage can be a

result of having a microphone input switched

by a KVM; as computer sound cards can be

reprogrammed by malicious code to detect

weak audio signals. For this reason, KVMs

should not switch an analog microphone input

signal to protect from this inherent vulnerability

of analog audio leakages.

Is it possible to attack a secure

KVM remotely?

Yes, it is possible to attack the KVM remotely,

through the computers connected to the KVM,

or through one of the peripherals connected

to the KVM. This is especially applicable to

secure KVMs connected between the Internet

and classied networks.

What is the risk of a shared

display or projector with a

secure KVM?

A shared display or projector can store

information loaded on it from connected

computers in multiple ways. A display may be

used as a mail-box to leak data across connected

computers through EDID, MCCS, rmware

upgrade, asset tags etc. A typical display has up

to 10 megabytes (MB) of storage which may

be utilized by the attacker to load information

through the KVM. When switched between

networks the shared display is used as a shared

storage device that is switched between the two

networks.

Detection of KVM Attacks

Belkin Secure KVM

Back to Table of Contents

4