{"title":"OSV: OSPF vulnerability checking tool","authors":"Poonyavee Kasemsuwan, V. Visoottiviseth","doi":"10.1109/JCSSE.2017.8025919","DOIUrl":null,"url":null,"abstract":"OSPF is one of a widely deployed intra-domain routing protocol in enterprise network operation around the world. As the protocol itself was introduced about two decades ago, it contains many known attacks which some of them can be patched by a newer version of the router firmware. Nevertheless, a reckless or a poor practice of network operator could jeopardize the system by forgetting to enable the OSPF authentication or use a password that can be easily guessed. Moreover, a lot of routers that still in operating out there are running with the out-of-date firmware, which surely contains security holes. Attacks on routing protocol could lead to severe damage to the network. In this paper, we introduce OSV as a tool to detect the OSPF network vulnerability by checking password strength and performing ten penetration testing against the target OSPF network. OSV also generates a report to inform any vulnerability found to help the network operator detect their security issues. We confirm the validation and the performance of OSV tool by testing it with Quagga and Cisco routers.","PeriodicalId":6460,"journal":{"name":"2017 14th International Joint Conference on Computer Science and Software Engineering (JCSSE)","volume":"81 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 14th International Joint Conference on Computer Science and Software Engineering (JCSSE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/JCSSE.2017.8025919","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
OSPF is one of a widely deployed intra-domain routing protocol in enterprise network operation around the world. As the protocol itself was introduced about two decades ago, it contains many known attacks which some of them can be patched by a newer version of the router firmware. Nevertheless, a reckless or a poor practice of network operator could jeopardize the system by forgetting to enable the OSPF authentication or use a password that can be easily guessed. Moreover, a lot of routers that still in operating out there are running with the out-of-date firmware, which surely contains security holes. Attacks on routing protocol could lead to severe damage to the network. In this paper, we introduce OSV as a tool to detect the OSPF network vulnerability by checking password strength and performing ten penetration testing against the target OSPF network. OSV also generates a report to inform any vulnerability found to help the network operator detect their security issues. We confirm the validation and the performance of OSV tool by testing it with Quagga and Cisco routers.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
