"rucki zucki" scanning tool

March 15, 2016 (at 12:30 p.m.) in The "Telco Security Day" (TSD) is an additional event to Troopers. It takes place on Tuesday the 15th. As the event aims to bring together only researchers, vendors and practitioners from the telecommunication / mobile security field, it is an invitation only event. The event is intended to be a discussion round for current topics accompanied by talks covering various subjects from different domains (e.g. practical security research or hacking, 3GPP standardization, Telco security operations). The TSD is a closed event and no filming will be allowed or recording will take place. It will be held in English. The agenda is publicly available and will be published here soon. Please note there is also a Shared Dinner at 19:30 for TSD Speakers and Attendees. For questions, talk submissions or invitation requests, please contact hschmidt@ernw.de.

The assessment of new vulnerabilities and weaknesses are a constant issue for Cyber Emergency Response Teams (CERTs). In order to be able to quickly assess how many affected devices are affected by a arising issue DT CERT has developed a simple yet generic tool for scanning a large number of IP addresses. Heartbleed, Shellshock, open $SERVICE resolver, House-of-Keys, Juniper telnet/ssh backdoor (CVE-2015-7755) are examples of recent problems which demanded the capability of scanning a large number of IP addresses for those weaknesses, so that the situation can be assessed quickly and handled accordingly. The developed tool has basically two main components, one responsible for the management of parallel tasks, the other being weakness-specific part. With this tool, DT CERT was able to scan its main AS (AS3320) for $PROBLEM within $TIME.

Joao Collier de Mendonca

João is an Incident Handler/Security Analyst at Deutsche Telekom Cyber Defense Center since 2010. He is mainly focused on network-based incident detection and build-up of incident handling know-how across Deutsche Telekom Group.

Andreas Petker

Andreas is an Security Analyst at Deutsche Telekom Cyber Defense Center since 2009. He is mainly focused on Vulnerability and Advisory Management and rapid prototyping of incident detection and response tools.