Are your devices user interfaces vulnerable to common attack vectors?

7 min read

Security in home networking devices, particular home Wi-Fi routers, has come to the forefront in the last few years. While many of the discovered vulnerabilities are zero-day (meaning they are new vulnerabilities that can be exploited before they are known), some of the more recent attacks including VPNFilter, are exploiting common weaknesses in consumer router design that have been well known for some time. Security requirements vs. best practices Keep reading

Testing tips

Testing ARP issues in CDRouter

11 min read

Earlier we posted about new issues we’ve discovered with ARP implementations in the areas of security and robustness. In CDRouter 10.5 we added new tests to handle these discoveries. Here’s how they work: Testing These Issues with CDRouter Basic Tests The first three tests in the new ARP module, arp_1, arp_2, and arp_3, are basic tests that are designed to verify that the Device Under Test (DUT) responds to different types of ARP requests from clients on the LAN. Keep reading


Revisiting ARP for security and robustness

3 min read

by Joe McEachern & Matt Langlois What is old is new again In today’s security-focused world, every protocol is a potential attack point, even a protocol as old and localized as ARP. ARP was originally defined in 1982 as RFC 826. Despite its age, Linux kernel code for ARP is still being actively developed. There have been more than 10 commits (11 as of October 2017) made to the net/ipv4/arp. Keep reading