Dan Kaminsky: Black Ops Of TCP/IP 2005 (English) - a podcast by Jeff Moss

from 2006-10-31T16:10:19


"Our networks are growing. Is our understanding of them? This talk will focus on the monitoring and defense of very large scale networks, describing mechanisms for actively probing them and systems that may evade our most detailed probes. We will analyze these techniques in the context of how IPv6 affects, or fails to affect them. A number of technologies will be discussed, including:

* A temporal attack against IP fragmentation, using variance in fragment reassembly timers to evade Network Intrusion Detection Systems
* A high speed DNS tunneling mechanism, capable of streaming video over a firewall-penetrating set of DNS queries
* DNS poisoning attacks against networks that implement automated defensive network shunning, and other unexpected design constraints developers and deployers of security equipment should be aware of
* Mechanisms for very high speed reconstruction of IPv4 and IPv6 network topologies, complete with visual representation of those topologies implemented in OpenGL.
* Analysis of the potential for using name servers as IPv4->IPv6 gateways.
* In addition, we'll briefly discuss the results of research against MD5, which allows two very different web pages to emit the same MD5 hash.

Dan Kaminsky, also known as Effugas, is a Senior Security Consultant for Avaya's Enterprise Security Practice, where he works on large-scale security infrastructure. Dan's experience includes two years at Cisco Systems designing security infrastructure for large-scale network monitoring systems.

He is best known for his work on the ultra-fast port scanner scanrand, part of the "Paketto Keiretsu", a collection of tools that use new and unusual strategies for manipulating TCP/IP networks. He authored the Spoofing and Tunneling chapters for "Hack Proofing Your Network: Second Edition", was a co-author of "Stealing The Network: How To Own The Box", and has delivered presentations at several major industry conferences, including Linuxworld, DefCon, and past Black Hat Briefings.

Dan was responsible for the Dynamic Forwarding patch to OpenSSH, integrating the majority of VPN-style functionality into the widely deployed cryptographic toolkit. Finally, he founded the cross-disciplinary DoxPara Research in 1997, seeking to integrate psychological and technological theory to create more effective systems for non-ideal but very real environments in the field. Dan is based in Silicon Valley."

Further episodes of Black Hat Briefings, Japan 2005 [Audio] Presentations from the security conference
