BlackHat资料us-14-Spring-Abuse-Of-CPE-Devices-And-Recommended-Fixes-WP.pdfVIP

White Report Abuse of Customer Premise Equipment and Recommended Actions July 2013 United States Computer Emergency Readiness Team National Cybersecurity and Communications Integration Center 1 US-CERT UNITED STATES COMPUTER EMERGENCY READINESS TEAM Abuse of Consumer Premise Equipment and Recommended Actions ABOUT US-CERT 3 SUMMARY 3 1. INTRO 4 1.1. CUSTOMER PREMISE EQUIPMENT (CPE) BACKGROUND 4 1.2. ABUSE EXAMPLES 4 2. SCOPE OF THE PROBLEM 5 2.1. STATISTICS ON CPE DEVICES SOLD 6 2.2. VULNERABILITY DATABASE INFORMATION ON CPE DEVICES 6 2.3. MEASUREMENT OF OPEN DNS RESOLVERS 6 2.4. DDOS ATTACKS USING OPEN RESOLVERS 9 3. RECOMMENDATIONS 10 3.1. DEVICE MANUFACTURERS NEED A PATH FOR CONTINUOUS UPGRADES 10 3.2. IMPLEMENT SOURCE ADDRESS VALIDATION 10 3.3. RESPONSIBILITY 11 4. CONCLUSION 11 APPENDIX A – NEUSTAR CONNECTION TYPES AND DESCRIPTIONS 12 APPENDIX B – STATISTICAL TESTS 13 FURTHER INFORMATION 14 2 About US-CERT The United States Computer Emergency Readiness Team (US-CERT) is a 24x7 opera