Australian Information Security Management Conference

Document Type

Conference Proceeding

Publisher

SRI Security Research Institute, Edith Cowan University, Perth, Western Australia

Comments

This paper was originally presented at The Proceedings of [the] 13th Australian Information Security Management Conference, held from the 30 November – 2 December, 2015 (pp. 11-27), Edith Cowan University Joondalup Campus, Perth, Western Australia.

Abstract

Network routers are a core component of contemporary SoHo networks. The firmware within these devices provides routing, control and monitoring functionality coupled with mechanisms to ensure a secure and reliable network. End-users are typically reliant on manufacturers to provide timely firmware updates to mitigate known vulnerabilities. An investigation was undertaken to identify the underlying software components used in the firmware of currently available, SoHo network devices used in Australia. Firmware from 37 devices was deconstructed to identify potential security issues; in each instance, the firmware images were found to include vulnerabilities, obsolete software and out-of-date operating system components. 95% of the deconstructed firmware was based on Linux. The Linux kernels identified were typically discontinued and are no longer actively maintained. This paper demonstrates a method for undertaking the analysis and summaries the outcomes of the research.

DOI

10.4225/75/57b697e7d9388

Share

 
COinS