Abusing Software Defined Networks

Presented at Black Hat Europe 2014, Oct. 17, 2014, 2:15 p.m. (60 minutes).

Software Defined Networking (SDN) transfers all forwarding decisions to a single controller and provides the network with the same degree of control and flexibility as the cloud. And, with all the major vendors onboard, it will soon be supporting networks everywhere. But, current implementations are full of weaknesses that could easily turn this utopian dream of the future into a nightmare and leave networks world-wide exposed.

With clear-text wire protocol implementations, little support for switch TLS, no authentication for nodes, poorly conceived rate-limiting features in the controllers, controller APIs that don't require authentication, and back-door netconf access, the leading platforms, Floodlight and OpenDaylight, are ripe for attack.

And in this session, using a new toolkit that I developed, I'll demonstrate by showing you how to locate and identify these controllers, impersonate switches to DoS them, and engage their wide-open APIs and backdoors to map the network, locate targets, and control access to the network... even hide from sensors. But all is not lost, because I'll show how to protect them too. Because dream or nightmare, SDN can make a difference in the real world if we just protect it right.


Presenters:

  • Gregory Pickett - Hellfire Security
    Gregory Pickett CISSP, GCIA, GPEN has a background in intrusion analysis for Fortune 100 companies but now heads up Hellfire Security's Managed Security Services efforts and participates in their assessment practice as a network security subject matter expert. As a security professional, his primary area of focus and occasional research is networks with an interest in using network traffic to better understand, to better defend, and sometimes to better exploit the hosts that live on them.
