Software Defined Networking (SDN) transfers all forwarding decisions to a single controller and provides the network with the same degree of control and flexibility as the cloud. And, with all the major vendors onboard, it will soon be supporting networks everywhere. But, current implementations are full of weaknesses that could easily turn this utopian dream of the future into a nightmare and leave networks world-wide exposed.
With clear-text wire protocol implementations, little support for switch TLS, no authentication for nodes, poorly conceived rate-limiting features in the controllers, controller APIs that don't require authentication, and back-door netconf access, the leading platforms Floodlight and OpenDaylight, are ripe for attack.
And in this session, using a new toolkit that I developed, I'll demonstrate by showing you how to locate and identify these controllers, impersonate switches to DoS them, and engage their wide-open APIs and backdoors to map the network, locate targets, and control access to the network...even hide from sensors. But all is not lost, because I'll show how to protect them too. Because dream or nightmare, SDN can make a difference in the real world if we just protect it right.