Tools

Blackhat Europe 2009 Toolbox

MPLS & BGP-related tools inside

This toolbox was released in line with the presentation of ERNW's talk on backbone security at Black Hat Europe 2009 Briefings. Content of archive: bgp_cli, bgp_md5crack, ldp_cli, mpls_redirect, mpls_tun

SHA2-256 Checksum: 0c67d956787d20b2b6d3d265c2acc030eb783c8b3e58ca65200664f6f8293fc3

bh09_all_your_packets_tools.tar.bz2

Newsletter 19 / September 2007

Metrics based patch with CVSS 2.0 - concept with methodology
ERNW_Newsletter_19_CVSS_de.pdf (637KB) You can get here the ERNW CVSS calculator which is referenced in the newsletter.
ernw-cvsscalc.zip (198KB)

Dror-John Röcher & Patrice Auffret:

Routing Protocol Security

Dror-John Röcher: ERNW Bulk Switch Config Auditor Tool

A part of the readme:
"The ERNW Bulk Switch Config Auditor Tool (bcsa.pl) is an offline switch/router config analyzer utilising syntax-tests against a specified test-spec file to audit. It does not do online testing, it does not pull the configs off the switchtes. It is a "work-in-progress and does not have many tests enabled yet....

Michael Thumann: Too many secrets

Michael Thumann: DNSDigger


TROOPERS11 - March 2011
TROOPERS11 takes place from 14-18. March 2011 at Heidelberg. Mark your calendars now and sign up for the official TROOPERS newsletter to stay up-to-date. [More]
Security Testing
Testing IT security is one of the core competences of ERNW. Many of our customers get their IT infrastructure and (Web) applications checked on a regular basis. This may either be done on a very technical level in terms of penetration testing or in a more formal way in terms of general security audits, during which we verify the IT Security Compliance of your company compared to best practices according to ISO17799/ISO27001 ... [More]
Research & Technology-Evaluation
Research is the foundation of our Know-How leadership. The objections of this work is to unveil security flaws and vulnerabilities in protocols, technologies and products. Some findings derive from design-flaws, some from poor implementation on a technical level.... [More]