PIG: Finding Truffles Without Leaving A Trace

Presented at DEF CON 19 (2011), Aug. 7, 2011, 10 a.m. (50 minutes)

When we connect to a network we leak information. Whether obtaining an IP address, finding our default gateway, or using Dropbox there are packets that can be used to help identify more about our machine and network. This talk and series of demonstrations will help you learn to passively profile a network through a new Metasploit module by gathering broadcast and multicast traffic, processing it, and looking at how the bad guys will use it to own your network. Without sending a packet, many networks divulge significant information about the assets that are attached. These broadcast packets can be used to identify hosts, OS's, and other hardware that is attached. Any skill level can learn how to easily gather and use this information, how to protect your network, and talk about how to extend the framework for new protocols.

Presenters:

• Ryan Linn - Senior Security Consultant, Trustwave SpiderLabs
  Ryan Linn is a Senior Security Consultant with Trustwave's SpiderLabs who has a passion for making security knowledge accessible. In addition to being a columnist with the Ethical Hacker Network, Ryan has contributed to open source tools including Metasploit, Dradis and the Browser Exploitation Framework (BeEF). Twitter: @sussurro

Links:

• https://defcon.org/html/defcon-19/dc-19-speakers.html#Linn
• https://infocon.org/cons/DEF CON/DEF CON 19/DEF CON 19 video and slides/DEF CON 19 - Ryan Linn - PIG Finding Truffles Without Leaving A Trace - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=G0awnHBaFvs

Similar Presentations:

• DerbyCon 1.0 (2011) / Collecting Underpants To Win Your Network
• Notacon 8 (2011) / Collecting Underpants To Win Your Network
• DEF CON 19 (2011) / Port Scanning Without Sending Packets