Re: Broadband CPE Vulnerability Tool?

From: Scott Davidson <scott@xxxxxxxxxx>
Date: Tue, 15 Aug 2006 08:52:51 -0500

Nicolas RUFF wrote:

Can anyone recommend a vulnerability scanner for broadband router CPE such as Netopia, Flowpoint, Siemens? It looks like none of the big names like Nessus do this..

IMHO there are too many firmware revisions, too many flaws and not
enough business for such a vulnerability scanner ...

For example, the Linksys WRT54G comes in 4 families with 10 hardware
revisions and numerous firmware sub-revisions ...
http://en.wikipedia.org/wiki/WRT54G

It would be just like tracking every XSS flaw :)

Regards,
- Nicolas RUFF

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@xxxxxxxxxx for details.
------------------------------------------------------------------------------

That's what is going to make Cisco's planned virtual processes so sweet to worms and script kiddies, predictable memory locations independent of hardware, firmware or IOS build. Fatal flaw in their thinking meant to be a work around for the pain of parallel development for each variation.

--
Scott Davidson, CISSP, SCSP, CCNA
scott@xxxxxxxxxx - dogtentx on Yahoo IM
MOB 214-632-6191
FAX 440-658-6191

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

References:
- Broadband CPE Vulnerability Tool?
  - From: rlemaste
- Re: Broadband CPE Vulnerability Tool?
  - From: Nicolas RUFF

Prev by Date: Re: xss....what next???
Next by Date: Re: Clueless firewall configuration ?
Previous by thread: Re: Broadband CPE Vulnerability Tool?
Next by thread: Paros 3.2.13 release
Index(es):
- Date
- Thread

Relevant Pages

SNMP vulnerability test?
... what's the best way to test for the SNMP ... I can test against similar hardware here in the offices, ... "friendly" way to determine vulnerability.) ... >>> For more information on this free incident handling, ...
(Incidents)
Re: The possibility of vms opening up?
... vulnerability they do not know about? ... When VMS was initially produced, the prime reason was to sell VAX computers. ... At that time the only reason computer companies produced software was to sell hardware. ... VMS produce profits for HP. ...
(comp.os.vms)
Re: [Full-disclosure] PC Firewall Choices
... > sure you already know that software is software regardless of the ... Likewise a vulnerability is still a ... Configuration on a hardware firewall is usually a pretty stable thing - ...
(Full-Disclosure)
Re: TCP/IP offload: security implications
... >vulnerability is found. ... But what do you do if the hardwired protocol ... firmware, not hardware, so patches can be downloaded to the cards. ...
(comp.security.misc)