Attacking control, routing, and tunneling protocols

Presented at DEF CON 9 (2001), July 13, 2001, noon (50 minutes)

The protection of networked computers depends on the security and integrity of the underlying communication layers. In the last years, many people invested time to research bugs and exploits on the application level and less interest was on the network layers. We are going into the realms of protocols of ISO OSI layer 2 and 3. The audience will get a quick refresher on what Layer 2 and 3 are about and which general attack approaches exist. Layer 2 will be covered quickly and attacks using the well known ARP, CDP and some more will be explained. The primary part of the session will be focused on the abuse of ICMP and interior routing protocols (RIP & IGRP), how to scan for autonomous systems and for IP protocols other then TCP/UDP. Re-routing of packet streams for sniffing/interception will be covered as well. The finale will explain and show how to attack VPNs using GRE and how tunneling can enable you to circumvent NAT.

Presenters:

• Felix Lindner / FX - Phenoelit   as FX
  FX of Phenoelit is the leader of the german Phenoelit group. His and the groups primary interests are in security implementations and implications of standards or less-known protocols. FX currently works as field infosec engineer at Lucent Worldwide Services ESS where he is supported in doing the things he generally prefers to do.

Links:

• https://defcon.org/html/defcon-9/defcon-9-speakers.html#FX
• https://infocon.org/cons/DEF CON/DEF CON 9/DEF CON 9 video/DEF CON 9 - FX - Attacking Control Routing and Tunneling Protocols.mp4
• https://www.youtube.com/watch?v=-M37rdfDouo

Similar Presentations:

• Black Hat USA 2020 Virtual / Routopsy: Modern Routing Protocol Vulnerability Analysis and Exploitation
• DEF CON 10 (2002) / Layer 2, Routing Protocols, Router Security & Forensics
• DeepSec 2016 „Ten“ / Exploiting First Hop Protocols to Own the Network