Detail publikace

Security of remote management of embedded systems running MikroTik RouterOS operating system using proprietary protocols

JÍLEK, T. ŽALUD, L.

Originální název

Security of remote management of embedded systems running MikroTik RouterOS operating system using proprietary protocols

Anglický název

Security of remote management of embedded systems running MikroTik RouterOS operating system using proprietary protocols

Jazyk

en

Originální abstrakt

This paper deals with proprietary communication protocols that are implemented in the MikroTik RouterOS operating system. These communication protocols are specially designed for remote management of embedded systems that run with this operating system. These protocols are closed and thus they have not a publicly accessible documentation. In this paper the principles of their functions that are identified on the basis of realized communication analyses are described. Security risks that are associated with the use of these communication protocols are also analyzed in the paper. Attack that uses conceptual bug in the design one of these communication protocols is demonstrated on a real example. Full and unlimited access to embedded system that runs with this operating system can be obtained with this attack.

Anglický abstrakt

This paper deals with proprietary communication protocols that are implemented in the MikroTik RouterOS operating system. These communication protocols are specially designed for remote management of embedded systems that run with this operating system. These protocols are closed and thus they have not a publicly accessible documentation. In this paper the principles of their functions that are identified on the basis of realized communication analyses are described. Security risks that are associated with the use of these communication protocols are also analyzed in the paper. Attack that uses conceptual bug in the design one of these communication protocols is demonstrated on a real example. Full and unlimited access to embedded system that runs with this operating system can be obtained with this attack.

Dokumenty

BibTex


@inproceedings{BUT92956,
  author="Tomáš {Jílek} and Luděk {Žalud}",
  title="Security of remote management of embedded systems running MikroTik RouterOS operating system using proprietary protocols",
  annote="This paper deals with proprietary communication protocols that are implemented in the MikroTik RouterOS operating system. These communication protocols are specially designed for remote management of embedded systems that run with this operating system. These protocols are closed and thus they have not a publicly accessible documentation. In this paper the principles of their functions that are identified on the basis of realized communication analyses are described. Security risks that are associated with the use of these communication protocols are also analyzed in the paper. Attack that uses conceptual bug in the design one of these communication protocols is demonstrated on a real example. Full and unlimited access to embedded system that runs with this operating system can be obtained with this attack.",
  address="IFAC-PapersOnLine / Elsevier",
  booktitle="Proceedings of 11th IFAC/IEEE International Conference on Programmable Devices and Embedded Systems",
  chapter="92956",
  edition="2012",
  howpublished="online",
  institution="IFAC-PapersOnLine / Elsevier",
  year="2012",
  month="may",
  pages="138--142",
  publisher="IFAC-PapersOnLine / Elsevier",
  type="conference paper"
}