Presented at
DEF CON 10 (2002),
Aug. 4, 2002, 11 a.m.
(50 minutes).
The presentation will describe the inner workings of the Trojan "Setiri". Setiri leads a new wave of Trojan Horse technology that defeats most conventional security devices including personal firewalls, NAT, statefull inspection firewalls, IDS, proxy type firewalls and content level checking. The presentation will focus on the setting up of a bi-directional communication stream in non-conducive environments, rather than describing the features of the Trojan.
The presentation will include an online demonstration - a well-protected PC located inside a heavily protected environment will be Trojaned with Setiri. The computer will be taken over by a Controller that is situated outside of the network. At the same time network traffic will be manually inspected.
Presenters:
-
Roelof Temmingh
- Technical Director, Founding Member SensePost
Roelof Temmingh is the technical director and a founding member of SensePost. After obtaining his degree in electronic engineering in 1995, he helped to establish SensePost along with some of South Africa's leading IT security minds. He is currently involved in the coding of proof of concept code, and the practical realization of complex security concepts. Roelof has been a speaker at the 2001 Summercon conference and the 2002 Black Hat Windows conference.
-
Haroon Meer
- Technical Security Specialist SensePost
Haroon Meer joined SensePost as a Technical Security Specialist after over 7 years in the Networking/Security industry. He has a wide background in security & networking from writing code to administration of large Campus networks. He is currently heavily involved in the development of additional security tools and proof of concept code and has been a speaker at the recent Black Hat Windows Briefings in New Orleans.
Links:
Similar Presentations: