Phlashing is more than theoretical: it's been demonstrated at conferences, like London's EUSecWest security conference...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
in May 2008. You're correct to point out that there hasn't been a widespread outbreak in the wild. Nevertheless, enterprises should fortify devices to protect against this type of attack.
The best advice I can give you is to never connect the management interface of a device to a public network. Doing so invites trouble by making it possible for an attacker to upload non-authentic firmware. Ideally, such devices belong on their own private control network, accessible only to administrators with a legitimate need to configure the devices.
Dig Deeper on Denial of Service (DoS) Attack Prevention-Detection and Analysis
Related Q&A from Mike Chapple
Vulnerability scanning tools are necessary to be fully compliant with PCI DSS, but the tools need to come from a PCI DSS Approved Scanning Vendor. ...continue reading
Healthcare clearinghouses like Mass HIway are a new trend in health IT, but what are the security implications? Expert Mike Chapple explains what you...continue reading
The FFIEC Cybersecurity Assessment Tool has faced harsh criticism since its 2015 release. Expert Mike Chapple reviews the tool and how it can be ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.