100 likes | 115 Views
Learn about the critical security flaws discovered in Juki applications and recommendations to improve security measures, accountability, disaster recovery, and network design. Find out why IDS and Firewalls might not be the ultimate answer to vulnerabilities.
E N D
Inside Juki Net Ejovi Nuwere SecurityLab Technologies, Inc.
About Ejovi Nuwere • Who Am I • My Involvement in Testing • My Previous Opinion of Juki
Constraints • Media • Time • Physical environment
Our Findings • Technical findings • Windows based vulnerabilities • Findings limited to systems we could touch • Vulnerabilities found in JUKI application
Dangers • Lack of Accountability • Multiple Points of Abuse
Our Results • Several Critical Flaws • Flawed trust relationship • Previous test results • Good Defenses
Improving Juki Security • Accountability • Network design and trust relationship • Disaster recovery • IDS and Firewalls are not the answer • Code audit of applications • Consider Peer to Peer for local government communications