摘要
首先介绍了路由交换设备面临的安全问题,并指出这些安全问题的主要原因是设备存在漏洞。然后介绍了漏洞挖掘的一般方法,并详细描述了模糊测试(fuzzing)技术。设计并实现了一个针对设备的fuzzer工具,并对路由交换设备进行了测试,发现了两个安全漏洞,该结果验证了模糊测试对于设备漏洞挖掘的有效性。最后对路由交换设备的漏洞挖掘技术的发展进行了展望。
This paper introduces the security problems of routing and switching devices, and points out the main reason is vulnerabilities in devices. Then it de- picts fuzzing technology, and develops a fuzzing test tool of devices. Two vulnerabilities were discovered by using the fuzzing test tool in some devices, the results show that fuzzing test is an effective way to discover vulnerabilities in routing and switching devices. At last, it introduces the future of the vulnerability discov- ery in devices.
出处
《现代电信科技》
2015年第5期41-45,共5页
Modern Science & Technology of Telecommunications
关键词
路由交换设备
漏洞挖掘
模糊测试
网络
安全
routing and switching devices, vulnerabil- ity discovery, fuzzing test, network security
