Publication detail
Security of remote management of embedded systems running MikroTik RouterOS operating system using proprietary protocols
JÍLEK, T. ŽALUD, L.
Original Title
Security of remote management of embedded systems running MikroTik RouterOS operating system using proprietary protocols
English Title
Security of remote management of embedded systems running MikroTik RouterOS operating system using proprietary protocols
Type
conference paper
Language
en
Original Abstract
This paper deals with proprietary communication protocols that are implemented in the MikroTik RouterOS operating system. These communication protocols are specially designed for remote management of embedded systems that run with this operating system. These protocols are closed and thus they have not a publicly accessible documentation. In this paper the principles of their functions that are identified on the basis of realized communication analyses are described. Security risks that are associated with the use of these communication protocols are also analyzed in the paper. Attack that uses conceptual bug in the design one of these communication protocols is demonstrated on a real example. Full and unlimited access to embedded system that runs with this operating system can be obtained with this attack.
English abstract
This paper deals with proprietary communication protocols that are implemented in the MikroTik RouterOS operating system. These communication protocols are specially designed for remote management of embedded systems that run with this operating system. These protocols are closed and thus they have not a publicly accessible documentation. In this paper the principles of their functions that are identified on the basis of realized communication analyses are described. Security risks that are associated with the use of these communication protocols are also analyzed in the paper. Attack that uses conceptual bug in the design one of these communication protocols is demonstrated on a real example. Full and unlimited access to embedded system that runs with this operating system can be obtained with this attack.
Keywords
security analysis, communication protocols, communication networks, remote management, operating systems, embedded systems
RIV year
2012
Released
23.05.2012
Publisher
IFAC-PapersOnLine / Elsevier
Location
10344 Virginia Lee Dr. Centerville, OH 45458, USA
ISBN
978-3-902823-21-2
Book
Proceedings of 11th IFAC/IEEE International Conference on Programmable Devices and Embedded Systems
Edition
2012
Pages from
138
Pages to
142
Pages count
5
Documents
BibTex
@inproceedings{BUT92956,
author="Tomáš {Jílek} and Luděk {Žalud}",
title="Security of remote management of embedded systems running MikroTik RouterOS operating system using proprietary protocols",
annote="This paper deals with proprietary communication protocols that are implemented in the MikroTik RouterOS operating system. These communication protocols are specially designed for remote management of embedded systems that run with this operating system. These protocols are closed and thus they have not a publicly accessible documentation. In this paper the principles of their functions that are identified on the basis of realized communication analyses are described. Security risks that are associated with the use of these communication protocols are also analyzed in the paper. Attack that uses conceptual bug in the design one of these communication protocols is demonstrated on a real example. Full and unlimited access to embedded system that runs with this operating system can be obtained with this attack.",
address="IFAC-PapersOnLine / Elsevier",
booktitle="Proceedings of 11th IFAC/IEEE International Conference on Programmable Devices and Embedded Systems",
chapter="92956",
edition="2012",
howpublished="online",
institution="IFAC-PapersOnLine / Elsevier",
year="2012",
month="may",
pages="138--142",
publisher="IFAC-PapersOnLine / Elsevier",
type="conference paper"
}