Attacking control, routing, and tunneling protocols

Presented at DEF CON 9 (2001), July 13, 2001, noon (50 minutes).

The protection of networked computers depends on the security and integrity of the underlying communication layers. In the last years, many people invested time to research bugs and exploits on the application level and less interest was on the network layers. We are going into the realms of protocols of ISO OSI layer 2 and 3. The audience will get a quick refresher on what Layer 2 and 3 are about and which general attack approaches exist. Layer 2 will be covered quickly and attacks using the well known ARP, CDP and some more will be explained. The primary part of the session will be focused on the abuse of ICMP and interior routing protocols (RIP & IGRP), how to scan for autonomous systems and for IP protocols other then TCP/UDP. Re-routing of packet streams for sniffing/interception will be covered as well. The finale will explain and show how to attack VPNs using GRE and how tunneling can enable you to circumvent NAT.

Presenters:

  • Felix Lindner / FX - Phenoelit   as FX
    FX of Phenoelit is the leader of the german Phenoelit group. His and the groups primary interests are in security implementations and implications of standards or less-known protocols. FX currently works as field infosec engineer at Lucent Worldwide Services ESS where he is supported in doing the things he generally prefers to do.

Links:

Similar Presentations: