Security Appliances Internals

Presented at TROOPERS18 (2018), March 14, 2018, 4 p.m. (Unknown duration)

Security Appliances are often viewed as secure devices and used for the very first line of defense. Although those devices are mostly unix servers they benefit from a big trust and can contain sensitive information or credentials.

After looking several years consecutively at security appliance it´s about time to wrap up some internal insights and encountered problems. Starting with the past we will talk about the internals of previously reviewed systems. Further, we will talk about other security appliances (namely IDS/IPS) and how they were designed and what to consider at the acquisition and feature enabling of such appliances. Besides describing the internals we will introduce our newly discovered vulnerabilities which can lead to a full compromise of the system.


  • Birk Kauer
    Birk is a Security Researcher at ERNW and enjoys exploitation the most, especially in very tricky and complex situations. He often attends CTFs (Capture the Flags) to challenge himself with tricky exploits while keeping up with daily consulting and assessment work. He currently holds OSCP, OSCE and OSEE certificates from offsec (Offensive-Security).
  • Flo Grunow
    Florian Grunow is a security analyst at ERNW. He holds a Master of Science degree in computer science with a focus on software engineering. He leads a team performing security assessments at ERNW.


Similar Presentations: