PIG: Finding Truffles Without Leaving A Trace

Presented at DEF CON 19 (2011), Aug. 7, 2011, 10 a.m. (50 minutes)

When we connect to a network we leak information. Whether obtaining an IP address, finding our default gateway, or using Dropbox there are packets that can be used to help identify more about our machine and network. This talk and series of demonstrations will help you learn to passively profile a network through a new Metasploit module by gathering broadcast and multicast traffic, processing it, and looking at how the bad guys will use it to own your network. Without sending a packet, many networks divulge significant information about the assets that are attached. These broadcast packets can be used to identify hosts, OS's, and other hardware that is attached. Any skill level can learn how to easily gather and use this information, how to protect your network, and talk about how to extend the framework for new protocols.

Presenters:

  • Ryan Linn - Senior Security Consultant, Trustwave SpiderLabs
    Ryan Linn is a Senior Security Consultant with Trustwave's SpiderLabs who has a passion for making security knowledge accessible. In addition to being a columnist with the Ethical Hacker Network, Ryan has contributed to open source tools including Metasploit, Dradis and the Browser Exploitation Framework (BeEF). Twitter: @sussurro

Links: