Brave New World: Pervasive Insecurity of Embedded Network Devices
Embedded network devices have become an ubiquitous fixture in the modern home, office as well as in the global communication infrastructure. Devices like routers, NAS appliances, home entertainment appliances, wifi access points, web cams, VoIP appliances, print servers and video conferencing units reside on the same networks as our personal computers and enterprise servers and together form our world-wide communication infrastructure. Widely deployed and often misconfigured, they constitute highly attractive targets for exploitation. In this study we present the results of a vulnerability assessment of embedded network devices within the world's largest ISPs and civilian networks, spanning North America, Europe and Asia. The observed data confirms the intuition that these devices are indeed vulnerable to trivial attacks and that such devices can be found throughout the world in large numbers.
- RouterScan-RAID09-Poster.pdf application/pdf 151 KB Download File
Recent advances in intrusion detection: 12th International Symposium, RAID 2009, Saint-Malo, France, September 23-25, 2009: proceedings, Lecture Notes in Computer Science, vol. 5758 (New York: Springer, 2009), pp. 378-380.