IBM Networking Attacks-Or The Easiest Way To Own A Mainframe Without Getting The Removals Men In

Presented at DEF CON 14 (2006), Aug. 5, 2006, 1 p.m. (50 minutes).

Why would you want to attack IBM Networking? Isn't it old, unused and unimportant in today's modern business environments? The answer is why not attack it, after all it is still deployed in lots of high value environments. IBM Networking usually means Mainframes and therefore the potential to get to some cool financial or intelligence data. But what was that I heard you say? You can only route IP across the Internet! Maybe so, but if you have a poorly designed network I just might be able to get to your mainframe. Maybe even compromise it! So if you are a penetration tester, Security Manager or Network Architect you will gain insight into a number of areas of IBM Networking security. You will also learn about the tool which will be released to accompany the presentation. This presentation will introduce the basic concepts behind a number of IBM networking protocols and how they are currently used by companies. The talk will cover a number of areas including an overview of Systems Network Architecture (SNA) and Data Link Switching (DLSw). The manners through which these protocols can be abused to gain unauthorised access to systems will also be discussed. This presentation is not a criticism of IBM or their technologies but intends to lift the lid on an area of IT security that is not widely understood. The prentation will cover issues relating to software bugs, device configuration and architecture design. A number of recommendations are also made to ensure that vulnerable environments can be adequately secured against attack.

Presenters:

  • Martyn Ruks - Security Consultant
    Martyn Ruks is an information security professional working for mwr Infosecurity in the UK. Martyn has worked in the industry for 5 years and has principally been involved in security consultancy and penetration testing. This testing has covered a wide range of technologies and has been performed for Blue Chip companies. Very little of Martyn's previous security research has been published, however, this presentation is intended to form the first part of a detailed investigation into various IBM technologies.

Links:

Similar Presentations: