Core network security appliances are often considered to be more secure than traditional systems because the operating systems they run are supplied as obfuscated, undocumented binary firmware. Juniper Inc supplies a complete range of security appliances that all run a closed source operating system called ScreenOS which they supply as firmware.
This presentation will detail how the Juniper Netscreen platform can be completely subverted by installation of attacker modified firmware. This firmware is effectively an embedded rootkit.
http://www.blackhat.com/html/bh-usa-09/bh-usa-09-speakers.html#Neilson
