Presented at
ShmooCon I (2005),
Feb. 5, 2005, 10 a.m.
(60 minutes).
DNS is a routing, caching, globally deployed overlay network on top of the Internet. Last year's Black Ops of DNS discussed rudimentary mechanisms for manipulating that network to achieve low bandwidth but insidiously firewall-penetrating connectivity anywhere and everywhere. This year, we expand this research to show how extensive, bandwidth amplifying routes can be deployed across the two million DNS servers out there -- and demonstrate an aggressively loss tolerant protocol that can extract high speed connectivity from what's usually considered to be the lowest capacity protocol on the Internet.
Presenters:
-
Dan Kaminsky
- Avaya
Dan Kaminsky, also known as Effugas, is a Senior Security Consultant for Avaya's Enterprise Security Practice, where he works on large-scale security infrastructure. Dan's experience includes two years at Cisco Systems designing security infrastructure for large-scale network monitoring systems. He is best known for his work on the ultra-fast port scanner scanrand, part of the "Paketto Keiretsu", a collection of tools that use new and unusual strategies for manipulating TCP/IP networks. He authored the Spoofing and Tunneling chapters for "Hack Proofing Your Network: Second Edition", was a co-author of "Stealing The Network: How To Own The Box", and has delivered presentations at several major industry conferences, including Linuxworld, DefCon, and past Black Hat Briefings. Dan was responsible for the Dynamic Forwarding patch to OpenSSH, integrating the majority of VPN-style functionality into the widely deployed cryptographic toolkit. Finally, he founded the cross-disciplinary DoxPara Research in 1997, seeking to integrate psychological and technological theory to create more effective systems for non-ideal but very real environments in the field. Dan is based in Silicon Valley.
Links:
Similar Presentations: