Ever wanted to hijack a connection between machines on a LAN, deny
service between a host you're attacking and a log server or
intrusion
detection system, or maybe wanted to
sniff traffic on a switched network? Now you can! Er, wait... You
already could with the ARP attacks we all know and love.
While these network attacks are quite effective, they do have their
weaknesses, as well as security controls to help prevent
them. In this talk I will build on the previous research in
this field and
introduce new, more reliable attacks against the ARP protocol which
are much less identifiable and able to protect against.
Jesse 'x30n' D'Aguanno is a security researcher and software
engineer
who has been involved in the security industry and "underground" for
over 10 years.
As a software engineer he has contributed to numerous open
source and
commercial projects. As a researcher, he has written and published
many papers and proof of concept tools. His current research
interests are primarily focused on binary reverse engineering, anti-
forensics, exploit development and network attack. He is a frequent
presenter at different industry conferences
and events. By day he works as the Director of Professional Services
and Research for Praetorian Global, a security services company in
California. In his "spare" time, he is the team captain for
Digital Revelation, a security think tank most known as the two time
winners (And almost annual participants) of Defcon CTF.