Black Ops 2005

Presented at DEF CON 13 (2005), July 29, 2005, 10 p.m. (50 minutes)

Another year, another batch of packet-related stunts. A preview:

  • A Temporal Attack against IP
    It is commonly said that IP is a stateless protocol. This is not entirely true. We will discuss a mechanism by which IP's limited stateful mechanisms can be exploited to fingerprint operating systems and to evade most intrusion detection systems.
  • Application-layer attacks against MD5
    We will show how web pages and other executable environments can be manipulated to emit arbitrarily different content with identical MD5 hashes.
  • Realtime visualizations of large network scans
    Building on Cheswick's work, I will demonstrate tools for enhancing our comprehension of the torrential floods of data received during large-scale network scans. By leveraging the 3D infrastructure made widely available for gaming purposes, we can display and animate tremendous amounts of data for administrator evaluation.
  • A High Speed Arbitrary Tunneling Stack
    Expanding on last year's talk demonstrating live streaming audio over DNS, I will now demonstrate a reliable communication protocol capable of scaling up to streaming video over multiple, arbitrary, potentially asymmetric transports.

Presenters:

  • Dan Kaminsky
    Dan Kaminsky, also known as Effugas, is a Senior Security Consultant for Avaya's Enterprise Security Practice, where he works on large-scale security infrastructure. Dan's experience includes two years at Cisco Systems designing security infrastructure for large-scale network monitoring systems. He is best known for his work on the ultra-fast port scanner scanrand, part of the "Paketto Keiretsu", a collection of tools that use new and unusual strategies for manipulating TCP/IP networks. He authored the Spoofing and Tunneling chapters for "Hack Proofing Your Network: Second Edition", was a co-author of "Stealing The Network: How To Own The Box", and has delivered presentations at several major industry conferences, including Linuxworld, DefCon, and past Black Hat Briefings. Dan was responsible for the Dynamic Forwarding patch to OpenSSH, integrating the majority of VPN-style functionality into the widely deployed cryptographic toolkit. Finally, he founded the cross-disciplinary DoxPara Research in 1997, seeking to integrate psychological and technological theory to create more effective systems for non-ideal but very real environments in the field. Dan is based in Silicon Valley.

Links: