Bending and Twisting Networks presented at DeepSec 2014

by Paul Coggin,

Summary : Learn about network attack vectors that an adversary can use to control, and influence network traffic flows and exfiltrate data by exploiting network devices and protocols in the LAN, WAN and Cloud. Defensive methods and techniques for monitoring and protecting against the outlined attack vectors will be discussed. This presentation explores advanced methods and techniques that penetration testers, network engineers and security auditors need to understand about network infrastructure and protocols.
Strategies for attacking network infrastructure
Undocumented method for tunneling IPv6
Layer 3 LAN based MITM attack
Methods for exfiltrating data from the core network infrastructure including MPLS core network infrastructure
Router tricks that penetration testers need to know
Often over looked network trust relationships, integration, dependencies and interdependencies
Features hackers know about routers that need to be understood by auditors and network administrators.
Switch security the Achilles heel of networks everywhere and what to do about it.
Ensure that you know when someone is twisting and bending your network infrastructure to suit their purposes
Advanced service provider technologies that be utilized by an attacker to enable data exfiltration and WAN based
MITM attack vectors, manipulate and override routing paths