Pen-testing the Backbone

Presented at DEF CON 13 (2005), July 30, 2005, 3 p.m. (50 minutes)

Despite its crucial importance, the network backbone is often ignored or exempted from security testing. This talk will cover how to sanely and effectively perform a pen-test against routers, switches, and similar network infrastructure equipment. Avenues of attack will range from the physical to the routing protocol-based, from the local to the remote, and suggested mitigation measures will also be discussed.

Presenters:

• Raven - NMRC
  Raven splits her time between network engineering and security testing, and often tries to fuse the two, to varying degrees of success. She is equally fond of building networks for ISPs and breaking them nicely. In her Copious Spare Time, she contributes to network security books, mangles for OSVDB, kicks other people's crypto implementations, and enjoys ill-advised adventures.

Links:

• https://defcon.org/html/defcon-13/dc13-speakers.html#Raven
• https://infocon.org/cons/DEF CON/DEF CON 13/DEF CON 13 video/DEF CON 13 Hacking Conference Presentation By Raven - Pen - Testing the Backbone - Video.mp4
• https://www.youtube.com/watch?v=wQRIgUuXlfw

Similar Presentations:

• DerbyCon 3.0 All in the Family (2013) / So you want to be a pentester?
• GrrCON 2014 / Application Pen Testing
• DeepSec 2015 „DeepSec No. 9“ / Have We Penetrated Yet??