Netscreen Of The Dead: Developing A Trojaned Screenos For Juniper Netscreen Appliances presented at TROOPERS 2010

by Greg Hoglund (HBGary), Graeme Neilson (Aura Software Security),

Summary : Core network security appliances are often considered to be more secure than traditional systems because the operating systems they run are supplied as obfuscated, undocumented binary firmware. Juniper Inc supplies a complete range of security appliances that all run a closed source operating system called ScreenOS which they supply as firmware.

This presentation will detail how the Juniper Netscreen platform can be completely subverted by installation of attacker modified firmware. This firmware is effectively an embedded rootkit.

Graeme Neilson: Graeme Neilson is a Senior Security Researcher and Consultant at Aura Software Security based in Wellington, New Zealand. Originally from Scotland he has 10 years of security experience with specialities in critical network infrastructure and reverse engineering. Graeme has previously presented at security conferences in New Zealand, Australia and the US including Black Hat.