Packet Spoofing as a service

Presented at ToorCamp 2016, June 11, 2016, 3 p.m. (30 minutes).

The talk will start with the design of SP^3 (https://github.com/willscott/sp3), a system that opens up the ability to spoof packets - to send traffic on the Internet that appears to come from a different source. From there, it will explore some of potential of this capability: You can use the ability to send data from arbitrary sources to design protocols that are much harder to surveil or learn active participants. You can also use them to make TCP connections between NAT'ed devices almost possible / practical, and to check routing policy of your network. Apart from these mechanisms, I'll talk about the concerns that have existing around spoofing, and how SP^3 was designed to make it more accessible while mitigating the potential for DDOS and malicious traffic using the mechanism.

Presenters:

• Will Scott   as willscott
  I am a fifth year graduate student in the networks lab at the University of Washington. I've also spent time over the last three years teaching computer science in Pyongyang. My research centers on how to make a more resilient web, through working with in-browser peer-to-peer and caching, and applying operating systems lessons to web frameworks. I'm a Seattle native, taught skiing for a few years, speak some Chinese, and enjoy playing with fire.

Similar Presentations:

• DEF CON 21 (2013) / Let's Screw with Nmap
• AppSec USA 2012 / The Magic of Symbiotic Security: Creating an Ecosystem of Security Systems
• BruCON 0x09 (2017) / XFLTReaT: a new dimension in tunnelling