By Deepak Puri
Many industrial IoT systems have open doors that create unintended vulnerabilities.
What information could be exposed by open communications protocols? How do hackers identify vulnerable systems? What security resources are available? How do IoT firewalls protect against such threats?
TCP Port 502 vulnerabilities
Many industrial systems use TCP Port 502, which allows two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and that packets will be delivered on port 502 in the same order in which they were sent. This creates the risk of remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502. Scans from services such as Shodan identify systems that have an open TCP port 502 that could be vulnerable.
Read more here:: www.networkworld.com/category/lan-wan/index.rss
Red Hat delivered an update to Linux platforms that addresses how packets are transferred, container management, IoT devices, securing IT environment.
Read more here:: www.itbusinessedge.com/feeds
Juniper Networks has found and mostly patched a flaw in the way the firmware on its routers process IPv6 traffic, which allowed malicious users to simulate Direct Denial of Service attacks.
The vulnerability, which seems to be common to all devices processing IPv6 address, meant that purposely crafted neighbour discovery packets could be used to flood the routing engine from a remote or unauthenticated source, causing it to stop processing legitimate traffic, and leading to a DDoS condition.
According to Juniper’s advisory report:
Read more here:: feeds.arstechnica.com/arstechnica/index?format=xml
Cisco today released a high-level alert warning about a vulnerability in IPv6 packet processing functions of multiple Cisco products that could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device.
Cisco states: “The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device.”
The company has also pointed out that the vulnerability is not Cisco specific and any IPv6 processing unit not capable of dropping such packets early in the processing path or in hardware is affected by this vulnerability.
There are no workarounds that address this vulnerability as of yet and customers are advised to rely on external mitigation techniques.
Follow CircleID on Twitter
Read more here:: feeds.circleid.com/cid_sections/news?format=xml
By Geoff Huston
Geoff returns to the subject of IP packet fragmentation, this time looking at how IPv6 has changed the behaviour of packet fragmentation and discussing the concern of whether IPv6 can handle big packets.
Read more here:: blog.apnic.net/feed/