packets

IDG Contributor Network: Barracuda protects industrial IoT with network-based firewall

By Deepak Puri

Many industrial IoT systems have open doors that create unintended vulnerabilities.

What information could be exposed by open communications protocols? How do hackers identify vulnerable systems? What security resources are available? How do IoT firewalls protect against such threats?

TCP Port 502 vulnerabilities

Many industrial systems use TCP Port 502, which allows two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and that packets will be delivered on port 502 in the same order in which they were sent. This creates the risk of remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502. Scans from services such as Shodan identify systems that have an open TCP port 502 that could be vulnerable.

To read this article in full or to leave a comment, please click here

Read more here:: www.networkworld.com/category/lan-wan/index.rss

IPv6 router bug: Juniper spins out hotfix to thwart DDoS attacks

By Tom Mendelsohn

Juniper Networks has found and mostly patched a flaw in the way the firmware on its routers process IPv6 traffic, which allowed malicious users to simulate Direct Denial of Service attacks.

The vulnerability, which seems to be common to all devices processing IPv6 address, meant that purposely crafted neighbour discovery packets could be used to flood the routing engine from a remote or unauthenticated source, causing it to stop processing legitimate traffic, and leading to a DDoS condition.

According to Juniper’s advisory report:

Read 5 remaining paragraphs | Comments

Read more here:: feeds.arstechnica.com/arstechnica/index?format=xml

Cisco Issues Hight Alert on IPv6 Vulnerability, Says It Affects Both Cisco and Other Products

By CircleID Reporter

Cisco today released a high-level alert warning about a vulnerability in IPv6 packet processing functions of multiple Cisco products that could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device.

Cisco states: “The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device.”

The company has also pointed out that the vulnerability is not Cisco specific and any IPv6 processing unit not capable of dropping such packets early in the processing path or in hardware is affected by this vulnerability.

There are no workarounds that address this vulnerability as of yet and customers are advised to rely on external mitigation techniques.

Follow CircleID on Twitter

More under: Cyberattack, DDoS, Security

Read more here:: feeds.circleid.com/cid_sections/news?format=xml