Explore the critical issue of Consumer Premise Equipment (CPE) device vulnerabilities in this 27-minute Black Hat conference talk. Delve into the widespread problem of poorly managed home and small office routers/modems that mediate access between local devices and ISPs. Understand how outdated and vulnerable firmware creates an Internet-scale security risk, including the prevalence of open DNS resolvers on DSL connections. Learn about the potential for abuse in DDoS attacks and middleperson attacks against consumers. Examine quantitative data on the scope of the problem and discover recommended solutions for addressing this public-health-like issue affecting the broader Internet community.
Overview
Syllabus
Abuse of CPE Devices and Recommended Fixes
Taught by
Black Hat