Written by Petr Gotthard on Monday 4 January 2021 in the category Default.
Forescout Research Labs has recently published a report from a study called AMNESIA:33, which performed a security analysis of seven open-source embedded TCP/IP stacks. The study discovered 33 new vulnerabilities in four of the seven analyzed stacks. For more details see the White Paper.
Our routers use the Linux Kernel TCP/IP stack, which is not affected by the listed vulnerabilities. Should you have more questions, please contact your Regional Support.
Written by Petr Gotthard on Friday 17 July 2020 in the category Default.
We released a user module with a NetFlow/IPFIX probe and collector. The module captures the source and destination IP addresses of each observed network communication and the amount of data exchanged. This can be used by network monitors such as PRTG to identify unusual traffic flows caused by misconfigurations, security incidents or policy violations.
A detailed description of the module configuration and operation can be found in the NetFlow/IPFIX Application Note.
The User Modules can be downloaded here.
Written by Petr Gotthard on Wednesday 24 June 2020 in the category Default.
Our cellular routers are not affected by the Ripple20 vulnerabilities discovered in a TCP/IP software library of many IoT devices.
Written by Petr Gotthard on Thursday 27 February 2020 in the category Default.
Our cellular routers are not affected by the Kr00k vulnerability because the hardware is not based on Broadcom or Cypress Wi-Fi chips.
Written by Petr Gotthard on Thursday 16 January 2020 in the category Default.
Our cellular routers are not affected by the "Cable Haunt" vulnerability, which was recently discovered in Broadcom-based cable modems across multiple vendors.
Written by Jan Otte on Thursday 20 June 2019 in the category Default.
This security advisory is a response to the recently discovered network vulnerabilities in the Linux kernel (see below for particular names and links).
These vulnerabilities can, under certain circumstances, be used by an attacker against a range of our routers running current firmware (6.1.9) with the potential result of the router rebooting.
We have already prepared a patch which closes the vulnerabilities. The patch will be included in future firmware versions (6.1.10, 6.2.0) when these are released.
Until the new firmware versions are available, you may apply any of the recommended workarounds. The easiest ...
Written by Jan Otte on Wednesday 17 October 2018 in the category Default.
The main topic of this article is the v2 factory settings and the default use case; it also discusses a few LAN attacks at a high level.
When you get a cellular router from Advantech CZ, the default settings fall into one of the three cases:
As for the first possibility - router pre-configured exactly to your needs: as described in the first article, there are several ways how ...
Written by Jan Otte on Monday 30 July 2018 in the category Default.
A very important topic to cover in this article series is something we call the security model of the router.
Before getting to that, let's look at the user model. There are a few user models in use in operating systems based on Linux. Please note that this definition is meant to make our security model more understandable and to help with further understanding of the securing process; it is not a formal definition as used in information science.
Written by Jan Otte on Wednesday 6 June 2018 in the category Default.
You are about to read the first article in the series of articles about securing our routers. The series is tailored to our router devices, teaching and showing some general and specific principles and also describing possibilities and use cases. While some of the knowledge here is usable also outside of the router devices, you should keep in mind that we are focusing on our cellular routers running Conel OS 6.x here.
This first article is a basic building block. We are going to describe the device, its basic characteristics and the possibilities of accessing the device, with an emphasis on security. Some basic use cases are also touched on here, and the terminology used for the rest of the series is established.
Written by Jan Otte on Tuesday 17 April 2018 in the category Default.
Some time ago there were questions about the impact of the IoTroop/Reaper malware on our devices. A week ago there was another inquiry. As this seems to be an (unexpected) pattern, this short announcement is being made public.