摘要
SOHO路由器作为现今家庭和中小型办公环境中普及度极高的网络接入设备,其安全性之重要不言而喻。加之目前国内外对网络设备,尤其是路由器的攻击越发流行,因此,本文对SOHO路由器脆弱性和相应攻击面的研究具有重要价值,是相关学术领域研究的大势所趋。主要研究分析和归纳总结了SOHO路由器脆弱性方面的相关技术和研究成果,包括远程侦测技术、漏洞利用技术和后门驻留技术等。首先是远程侦测技术,用来实现对路由器类型和版本的精准探测;其次是漏洞利用技术,用来获取路由器的管理权限甚至是系统权限;最后是后门驻留技术,用来在获取路由器权限的基础上实现长期的隐蔽控制。这里为今后在设计、改进SOHO路由器的安全防御技术和策略等方面提供基础支撑。
As a network access facility, the SOHO router is highly popular in family and office today, so it' s security is of great im- portance. Nowadays cyber attack aiming at network equipment, especially SOHO touters, is gradually popular at home and abroad, so it is necessary to research on vulnerabilities and attacking methods, and also it is represents the general trend in the related research fields. This paper focuses on researching and concluding both the technologies and results about the SOHO router' s vulnerabilities, in- cluding remote detection technology, exploit technology, and resident backdoor technology. Firstly, the remote detection technology, which is used to accurately detect router' s type and version, is studied. Then, exploit technology is researched to get administrator privileges, even get the system authority. Finally, resident backdoor technology is is used as controlling the router covertly in a long- term based on getting the administrator privilege. This paper may provide basis SOHO router' s support in the both design and improve- ment of security techniques and strategy in the future.
出处
《信息安全与通信保密》
2016年第8期95-100,共6页
Information Security and Communications Privacy
