住宅网关和互联网服务提供商的安全分析：全球网络控制（悄无声息地）成为可能.pdf

《住宅网关和互联网服务提供商的安全分析：全球网络控制（悄无声息地）成为可能.pdf》由会员分享，可在线阅读，更多相关《住宅网关和互联网服务提供商的安全分析：全球网络控制（悄无声息地）成为可能.pdf（62页珍藏版）》请在三个皮匠报告上搜索。

1、Security analysis of Residential Gateways and ISPs Global network domination is(sneakily)possibleTa-Lun YenSenior Vulnerability Researcher,TXOne Research#BHEU BlackHatEventsInformation Classification:GeneralTXOne Networks|Keep the Operation RunningwhoamiTa-Lun Yen(logonfail)Vulnerability Researcher,

2、TXOne Networks Break Everything (software&hardware,reverse engineering,embedded systems)Various International InfoSec ConferencesTaiwanese hacker group UCCU Hacker#BHEU BlackHatEventsInformation Classification:GeneralTXOne Networks|Keep the Operation RunningWhat is a Residential Gateway?Bridges prem

3、ises to InternetDefinition Modem modulates fiber,coaxial,phone line to/from EthernetResidential Gateway performs modem+computing e.g.NAT,Firewall,Routing,DHCPRefers to many devices;focusing on ones from ISP#BHEU BlackHatEventsInformation Classification:GeneralTXOne Networks|Keep the Operation Runnin

4、gWhy is RG important and worth studying into?79%of household(*)has access to fixed internet(=has a RG)Gateway devices are lucrative targets for adversaries;not yet RGs(ones by ISPs)(*)OECD ICT Access and Usage by Households and Individuals Database,Household with fixed broadband Internet access at h

5、omehttps:/oe.cd/dx/ict-access-usage#BHEU BlackHatEventsInformation Classification:GeneralTXOne Networks|Keep the Operation RunningQ:How many Residential Gateways(RGs)on Earth?Answer:Could be at least 153 million(*)(*)Based on“Broadcom SDK Un-stealthy Stealth Mode”.Not accurate depiction.#BHEU BlackH

6、atEventsInformation Classification:GeneralTXOne Networks|Keep the Operation RunningPast cases of finding bugs against ISP management/RGsShahar Tal,44CON(2014)ISP-side remote management takeover from exposed infrastructurePeter Geissler&Steven Ketelaar,HITB AMS(2013)Buffer overflow leading to RCE on