Slashdot Mirror

← Back to Stories (view on slashdot.org)

SDN Switches Not Hard To Compromise, Researcher Says

Posted by timothy on from the onie-contrary-as-they-say-in-bawlamer dept.

alphadogg writes: Software-defined switches hold a lot of promise for network operators, but new research due to be presented at Black Hat will show that security measures haven't quite caught up yet. Gregory Pickett, founder of the Chicago-based security firm Hellfire Security, has developed several attacks against network switches that use Onie, the Linux-based Open Network Install Environment that competes with OpenDaylight. Being able to exploit the vulnerability to put malware on SDN switches would have full visibility into all of the traffic running through the switch, enabling large-scale spying.

2 of 105 comments (clear)

  1. Onie =! OpenDayLigth by Anonymous Coward · · Score: 2, Interesting

    As far as I'm concerned, OpenDayLight is not a bare-metal OS installed on the network assets running the Data Plane... ODL is an SDN controller running on the Management Plane. "SDN Ready" switches in general are just regular switches compatible with OpenFlow... the article doesn't make much sense. Let see...

  2. Re:Not Supprising by WaffleMonster · · Score: 1, Interesting

    So long as "features" count for more than security, this will continue.

    So long as people waste their time and resources guarding wires rather than systems this will continue. Most of the need for SDN in the first place originates with fools continuing to pursuit castle defense during the space age.

    --
    "Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary."