日本語版はこちら
Abstract
We are developing a vulnerability scanner Vuls (https://github.com/future-architect/vuls). There are several such software packages for servers that collect information about the target machine and compare it to the vulnerability information provided to detect vulnerabilities, but not many of them do this for network devices.
Therefore, we believe that it is necessary to automatically collect hardware and firmware information and detect vulnerabilities in network devices as well, and we have started an initiative to detect vulnerabilities in network devices with Vuls.
However, there are issues with the method and content of advisories provided by vendors and the identification of hardware and firmware of network devices. For example, advisories may only provide HTML pages, which are difficult to process mechanically, or even if the advisory is in a format that can be processed mechanically, the content may be insufficient and manual correction is required.
We also use SNMP to collect and identify information on network devices, but the small sample size and different behavior of router series from the same vendor make it difficult to consistently identify hardware and software.
In this presentation, we would like to share and discuss the challenges we are facing and receive feedback to make the automation of vulnerability detection in network devices more common.
Place
1F Conference Room 101
Date
Day3 Friday, July 7th, 2023/13:15~13:45(30Minutes)
Presenter
Norihiro NAKAOKA(Future Corporation)
Kei INOUE(Future Corporation)