Defending the Enterprise Against Network Infrastructure Threats presented at Troopers 2015

by Paul Coggin,

Summary : Learn about network attack vectors that an adversary can use to control, and influence network traffic flows and exfiltrate data by exploiting network devices and protocols in enterprise or service provider networks. Defensive methods and techniques for monitoring and protecting against the outlined attack vectors will be discussed. This presentation explores advanced methods and techniques that the CISO, network and security architects and security auditors need to understand about network infrastructure and protocols. Understand how routing infrastructure can be compromised to enable sophisticated pivoting and exfiltration of data. Know how to analyze often over looked network trust relationships, integration, dependencies and interdependencies in the enterprise and service provider network architecture. Review the architecture and operations for border gateway protocol (BGP) services with references to the recent BGP prefix hijacking attacks. The discussion will cover how Multi-protocol Label Switch (MPLS) networks may be attacked without the Enterprise being aware of the event. Strategies for monitoring and securing enterprise networks including BGP and MPLS against the threats vectors presented will be discussed.