Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] SSL private key and transient packet data security concerns with forced flowd core dump

0

0

Article ID: KB26166 KB Last Updated: 30 Oct 2012Version: 1.0
Summary:
This article provides information about certain security concerns regarding SSL private key and packets, when a flowd core dump is taken.
Symptoms:
An administrator may be asked by JTAC to take a forced core (via kill -6 [pid]) to provide it for troubleshooting an issue. Companies, such as financial institutions and so on, may have concerns about their sensitive data and SSL private keys.
Cause:
When a core dump is taken, it will contain the memory that is used by the process in question and provide the data pointed to by the memory pointers.
Solution:
This can vary, given the type of process that is providing the core; but a flowd core file will contain transient data packets that flow through the SRX device, when the core is taken. In the case of SSL decryption, it can show decrypted traffic as well. However, it will not contain the SSL private key file.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search