3 Days Left to Get MacBook Air, $400 Amazon Gift Card, or Take $400 Off with OnDemand Training


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Juniper ScreenOS Backdoor: What do you need to know

  • Monday, December 21, 2015 at 3:00 PM EDT (2015-12-21 20:00:00 UTC)
  • Johannes Ullrich, PhD

You can now attend the webcast using your mobile device!



Juniper released an out of band update for ScreenOS late last week. The update fixes two distinct backdoor that were introduced into the ScreenOS code to provide remote access to the device, and to be able to decrypt VPN connections. As of Sunday evening, the hidden password has been released making exploitation of the flaw trivial. Also some details are now known about how the VPN encryption was weakened. In this brief webcast, we will provide a summary of what is known so far about this flaw, how to protect yourself and what this implies for devices from other manufacturers.

Speaker Bio

Johannes Ullrich, PhD

As chief research officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a Web development company and as a research physicist. Johannes holds a PhD in Physics from SUNY Albany and is located in Jacksonville, Florida. He also enjoys blogging about application security tips.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.