4 Days left to get a GIAC Certification Attempt Included with Online Training - Register Today!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Juniper ScreenOS Backdoor: What do you need to know

  • Monday, December 21st, 2015 at 3:00 PM EDT (20:00:00 UTC)
  • Johannes Ullrich
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

Juniper released an out of band update for ScreenOS late last week. The update fixes two distinct backdoor that were introduced into the ScreenOS code to provide remote access to the device, and to be able to decrypt VPN connections. As of Sunday evening, the hidden password has been released making exploitation of the flaw trivial. Also some details are now known about how the VPN encryption was weakened. In this brief webcast, we will provide a summary of what is known so far about this flaw, how to protect yourself and what this implies for devices from other manufacturers.

Speaker Bio

Johannes Ullrich, PhD

As chief research officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a Web development company and as a research physicist. Johannes holds a PhD in Physics from SUNY Albany and is located in Jacksonville, Florida. He also enjoys blogging about application security tips.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.