44CON London 2015 - Inside Terracotta VPN
Inside Terracotta VPN by Kent Backman at 44CON London 2015
1.
Inside Terracotta VPN
Enabler of Advanced Threat Anonymity
© Copyright 2015 EMC Corporation. All rights reserved.
2.
About speaker
• Threat Intelligence Analyst, RSA FirstWatch
• Prior: Decade plus all source, intrusion and CIRT threat analysis
3.
FirstWatch Global Footprint
4.
About this talk
• What is Terracotta VPN?
• Video
• How Terracotta VPN was discovered
• Two dozen+
• Month in the life of a node
• How Terracotta works
• Why the name?
• Questions (anytime) and conclusions
5.
What is Terracotta VPN?
Saves you a Google search
• VPN infrastructure/service marketed to mainland Chinese consumers
  – Multiple brands
  – Advertised use-cases
    • Game acceleration
    • “Over the [great fire] wall”
• Appears to be operated from China
  – Source of node enlistment activity
  – User account authentication servers
  – Web site hosting
6.
What is Terracotta VPN? continued
• Obtained most of their network of nodes throughout the world by hacking vulnerable servers
• In addition to legitimate use-cases, Terracotta has been used by advanced threat actors (including Shell_Crew) for anonymizing and obscuring their attacks
• There is no evidence that the Terracotta group is tied to the espionage-focused actors, but merely provides a service.
7.
What is Terracotta VPN?
“Enabler of Advanced Threat Anonymity”
• Paper from RSA Research released at Black Hat
  – 04 August, 2015
  – https://blogs.rsa.com/terracotta-vpn-enabler-of-advanced-threat-anonymity
• Release of paper (or reporting on paper) may have stimulated some Terracotta actor changes
8.
Terracotta VPN nodes are concentrated in China, South Korea and the United States
[Map of Terracotta VPN node counts by country. Country labels: China, United States, South Korea, Taiwan, Thailand, Hong Kong, Singapore 7, Japan 7, Vietnam 7, Netherlands 4, Russia 4, Canada 3, Malaysia 3, Poland 3, Germany 2, India 2, Indonesia 2, Lithuania 2, United Kingdom 2, Australia 1, France, Hungary, Romania, Kenya, South Africa, Bangladesh, Macau. Larger counts on the map: 1,095; 572; 204; 28; 27; 14.]
9.
What is Terracotta?
Demo video: using a Terracotta brand
10.
11.
How Terracotta was discovered
A situation with Derusbi server backdoor
• Identified in RAM dump: Shell_Crew/Axiom backdoor on sensitive target web server
• Derusbi server loads a custom driver with firewall hooks, allowing it to listen on any port and coexist with other network services on the same port (like 80)
[Image: Derusbi server traffic redirection, courtesy Novetta Threat Research Group]
12.
Cost/benefit decision on target web server
– Remediate or…
– “intel-ate”
Watched actor(s) control backdoor from legitimate organizations (not in China) for several months
13.
What did those legit orgs have in common?
Following the breadcrumbs
• Compromised Windows servers
• Windows RRAS feature installed, with network policy to authenticate against RADIUS servers in China
• VPN accounts included VPN brand names….
• revealed Terracotta VPN brands…
• allowing enumeration of nodes…
• led to more victims…
14.
Orgs with Terracotta-enlisted servers
• Fortune 500 hotel chain
• A department of transportation in a U.S. state
• High tech manufacturer
• Fortune 500 engineering firm
• University in Taiwan
• University in Japan
• State university in the U.S.
• County government of a U.S. state
• Prize indemnity insurance company
• Microsoft Windows enterprise management application developer
• Boutique IT service provider
• Charter school
• Educational service provider
• Law firm
• U.S. university-affiliated company
• Web design and SEO consultant
• Physician’s office (x2)
• Unified Communications as a Service (UCaaS) provider
• Business-to-Consumer (B2C) applications developer
• Public convention center in a U.S. city
• Wireless test and measurement solutions provider
• IT Value Added Reseller (VAR) and services provider
• IT solutions provider/contractor for federal and local government organizations
• Furniture company
• Computer store
• Cloud service provider
• More to come….
15.
A month in the life of a Terracotta VPN node
• Unique successfully authenticated connections: 118,948
• Unique client IP addresses: 9,053
• Client IP addresses in mainland PRC: 8,903 (98%)
• Client IP addresses not in mainland PRC: 150 (2%)
• Unique client account names: 723 (most connections used trial accounts)
• Unique client host names: 3,640
16.
Terracotta VIPs
Hook a bruddah up
• VPN logs show special Terracotta-universal accounts—Terracotta client unneeded
• Wang Jia “testwj” account was one, always the first one and used exclusively to test victim server configuration immediately following successful compromise
• Some other VIP accounts like “dgweikunping” revealed their original locations by occasionally connecting with the same computer name from home base, but usually via “VPN chain”
17.
Terracotta VIPs
VPN Chaining
[Diagram labels: Actor, VPN node 1, VPN node 2, target, USA]
18.
Terracotta VIP accounts
Hook a bruddah up
• Charliewcs: Shenzhen
• Dgweikunping: Dongguan
• Wang Jia (testwj): Dongguan
• TXshy: Shanghai
• qqq.com: Wuhan
19.
Terracotta node enlistment process
• Victims all had Internet-exposed Windows servers with TCP port 135 and/or 3389 open
• Terracotta may target vulnerable Windows servers because this platform includes VPN services that can be configured in a matter of minutes
Diagram labels: Reconnaissance host; Base host – WEI-270FBC26C38; Wang Jia (testwj), Dongguan; US organization Windows server [victim]; “testwj” account authentication; 1.8800free.info points to PRC Radius Server(1); 2.8800free.info points to PRC Radius Server(2)
Steps shown in the diagram:
1. “Administrator” brute force password attack
2. Disable Windows firewall
3. RDP login
4. Install RAT(s) after disabling antivirus
5. Create new Windows account
6. Install Windows VPN services
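An added example, not from the talk or from RSA's paper: one way a defender could look for the enlistment sequence on this slide in exported Windows event logs. The record field names (time, id, user, src, logon_type, service, state), the thresholds and the sample events are assumptions constructed for illustration; step 4 (RAT install after disabling antivirus) has no generic event ID and is not covered.

```python
from collections import defaultdict
from datetime import datetime, timedelta

BRUTE_THRESHOLD = 20          # assumed: failed Administrator logons from one source
WINDOW = timedelta(hours=24)  # assumed correlation window around the first success

# Event IDs used: 4625 failed logon, 4624 logon (type 10 = RDP),
# 4720 account created, 4950 firewall setting changed,
# 5025 firewall service stopped, 7036 (System log) service state change.


def _stage(ev, src):
    """Map one event to a follow-up stage of the enlistment sequence, or None."""
    if ev["id"] in (4950, 5025):
        return "firewall_changed"
    if ev["id"] == 4624 and ev.get("logon_type") == 10 and ev.get("src") == src:
        return "rdp_logon"
    if ev["id"] == 4720:
        return "account_created"
    if (ev["id"] == 7036 and ev.get("state") == "running"
            and ev.get("service") == "Routing and Remote Access"):
        return "vpn_service_started"
    return None


def find_enlistment(events):
    """Report sources whose Administrator logon follows a burst of failures,
    together with the follow-up stages seen within WINDOW of that logon."""
    events = sorted(events, key=lambda e: e["time"])
    failures = defaultdict(list)   # source IP -> times of failed logons
    reported = set()
    findings = []
    for i, ev in enumerate(events):
        if ev["id"] not in (4624, 4625):
            continue
        if ev.get("user", "").lower() != "administrator":
            continue
        src = ev.get("src")
        if ev["id"] == 4625:
            failures[src].append(ev["time"])
            continue
        if src in reported:
            continue
        burst = [t for t in failures[src] if ev["time"] - t <= WINDOW]
        if len(burst) < BRUTE_THRESHOLD:
            continue
        reported.add(src)
        stages = []
        # 4720/5025/7036 carry no source IP, so they are tied in by time only.
        for later in events[i:]:
            if later["time"] - ev["time"] > WINDOW:
                break
            name = _stage(later, src)
            if name and name not in stages:
                stages.append(name)
        findings.append({
            "src": src,
            "first_success": ev["time"],
            "failed_logons": len(burst),
            "stages": stages,
            "likely_enlistment":
                {"account_created", "vpn_service_started"} <= set(stages),
        })
    return findings


def sample_events():
    """Constructed events: one enlistment-like sequence plus benign admin noise."""
    t0 = datetime(2015, 6, 1, 2, 0, 0)
    ev = [{"time": t0 + timedelta(seconds=2 * n), "id": 4625,
           "user": "Administrator", "src": "203.0.113.50"} for n in range(25)]
    t1 = t0 + timedelta(minutes=1)
    old = t0 - timedelta(days=3)
    ev += [
        {"time": t1, "id": 4624, "user": "Administrator",
         "src": "203.0.113.50", "logon_type": 3},
        {"time": t1 + timedelta(minutes=1), "id": 5025},
        {"time": t1 + timedelta(minutes=2), "id": 4624, "user": "Administrator",
         "src": "203.0.113.50", "logon_type": 10},
        {"time": t1 + timedelta(minutes=9), "id": 4720,
         "new_account": "helpdesk_constructed"},
        {"time": t1 + timedelta(minutes=15), "id": 7036,
         "service": "Routing and Remote Access", "state": "running"},
        # Benign: one mistyped password, then a normal RDP logon.
        {"time": old, "id": 4625, "user": "Administrator", "src": "10.0.0.5"},
        {"time": old + timedelta(seconds=30), "id": 4624,
         "user": "Administrator", "src": "10.0.0.5", "logon_type": 10},
    ]
    return ev


if __name__ == "__main__":
    for finding in find_enlistment(sample_events()):
        print(finding)
```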
20.
How Terracotta VPN Works
• User browses to Terracotta VPN website
• User downloads Client SW, Establishes account
• User logs into client Software / Authenticates
• Client Software updates list of Nodes
• User selects VPN node, retrieves encoded credentials from cloud, initiates connection
• VPN Node authenticates User
• Tunnel is established, User can connect to public internet destination through Terracotta network
Diagram labels: Internet; Terracotta User; Username ••••••; Auth.xxxxx.com Alibaba Cloud; Terracotta VPN Node; 1.8800free.info points to PRC Radius Server(1); 2.8800free.info points to PRC Radius Server(2) (IAS); 3.8800free.info points to PRC Radius Server(3) (04-Aug-15); two.x33.info; one.x33.info
21.
China cracks down on VPNs in ‘15
But not you, Terracotta…you’re good
22.
Are all VPNs blocked in China?
All VPNs are not created equal
• Corporate enterprise VPNs not blocked
• OpenVPN protocol is blocked
• Windows built-in VPN protocols not generally blocked
  – PPTP: Point to Point Tunneling Protocol
  – L2TP: Layer 2 Tunneling Protocol
  – SSTP: Secure Socket Tunneling Protocol
23.
News flash
By default, all Windows VPN protocols use MS-CHAPv2 for authentication
24.
But it gets worse
Potential eavesdroppers don’t need to crack anything for Terracotta
RSA Research has confirmed that Terracotta nodes send user account credentials to China in the clear
Diagram labels: Terracotta VPN Node; 1.8800free.info; 2.8800free.info; 3.8800free.info; U: 20xxx_14369884_37830673_xxxvpn; P: xxxjsqcom
25.
RADIUS creds in the clear
We don’t need no stinking Chapcrack to decrypt VPN traffic
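RADIUS (RFC 2865) does not encrypt its packets, so the User-Name attribute is readable by anyone on the path between a node and its RADIUS server. An added example, not from the talk: a parser a defender could run over captured UDP/1812 payloads to list the account names, the authentication method and any RADIUS destination outside an approved list. The flow tuples, the approved-server set and the sample packets are constructed assumptions.

```python
import struct

ACCESS_REQUEST = 1
ATTR_USER_NAME, ATTR_USER_PASSWORD, ATTR_CHAP_PASSWORD, ATTR_VSA = 1, 2, 3, 26
VENDOR_MICROSOFT = 311                       # RFC 2548 vendor ID
MS_CHAP_RESPONSE, MS_CHAP2_RESPONSE = 1, 25  # RFC 2548 vendor types


def iter_attributes(body):
    """Yield (type, value) for each type-length-value attribute."""
    pos = 0
    while pos < len(body):
        if pos + 2 > len(body):
            raise ValueError("truncated attribute header")
        a_type, a_len = body[pos], body[pos + 1]
        if a_len < 2 or pos + a_len > len(body):
            raise ValueError("attribute length out of range")
        yield a_type, body[pos + 2:pos + a_len]
        pos += a_len


def parse_access_request(packet):
    """Return user name and auth method of an Access-Request, None for other codes."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if length < 20 or length > len(packet):
        raise ValueError("length field does not fit the datagram")
    if code != ACCESS_REQUEST:
        return None
    info = {"user_name": None, "auth": "unknown"}
    for a_type, value in iter_attributes(packet[20:length]):
        if a_type == ATTR_USER_NAME:
            # Sent as plain bytes; no shared secret is needed to read it.
            info["user_name"] = value.decode("utf-8", "replace")
        elif a_type == ATTR_USER_PASSWORD:
            # PAP: password is only XOR-masked with MD5(secret + authenticator).
            info["auth"] = "PAP"
        elif a_type == ATTR_CHAP_PASSWORD:
            info["auth"] = "CHAP"
        elif a_type == ATTR_VSA and len(value) >= 6:
            vendor, v_type = struct.unpack("!IB", value[:5])
            if vendor == VENDOR_MICROSOFT and v_type == MS_CHAP2_RESPONSE:
                info["auth"] = "MS-CHAPv2"
            elif vendor == VENDOR_MICROSOFT and v_type == MS_CHAP_RESPONSE:
                info["auth"] = "MS-CHAP"
    return info


def review_flows(flows, approved_servers):
    """flows: (source IP, destination IP, UDP payload) tuples for port 1812.
    Returns Access-Requests sent to RADIUS servers not in approved_servers."""
    findings = []
    for src, dst, payload in flows:
        try:
            info = parse_access_request(payload)
        except ValueError:
            continue  # not a well-formed RADIUS datagram
        if info and dst not in approved_servers:
            findings.append({"server": src, "radius_dst": dst, **info})
    return findings


def build_request(user, auth_attr):
    """Build a constructed Access-Request for the samples below."""
    attrs = bytes([ATTR_USER_NAME, 2 + len(user)]) + user + auth_attr
    header = struct.pack("!BBH", ACCESS_REQUEST, 7, 20 + len(attrs))
    return header + bytes(16) + attrs


# Constructed attribute bodies (zero-filled placeholders, not real credentials).
PAP_ATTR = bytes([ATTR_USER_PASSWORD, 18]) + bytes(16)
MSCHAP2_ATTR = (bytes([ATTR_VSA, 58]) + struct.pack("!I", VENDOR_MICROSOFT)
                + bytes([MS_CHAP2_RESPONSE, 52]) + bytes(50))


def sample_flows():
    """Constructed flows using documentation address ranges."""
    return [
        ("192.0.2.10", "198.51.100.7",
         build_request(b"trial_0001_constructed", PAP_ATTR)),
        ("192.0.2.20", "10.1.1.5",
         build_request(b"corp\\alice", MSCHAP2_ATTR)),
        ("192.0.2.10", "198.51.100.7", b"\x01\x02\x00"),  # malformed datagram
    ]


if __name__ == "__main__":
    for finding in review_flows(sample_flows(), {"10.1.1.5"}):
        print(finding)
```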
26.
27.
Why the name “Terracotta VPN”
• Iron pots
  – don’t crack
  – water tight
• Terracotta pots
  – Easily cracked
  – Porous
28.
Questions?
Also, RTFP: https://blogs.rsa.com/terracotta-vpn-enabler-of-advanced-threat-anonymity
Send me an email
[Image: “Lots of Pots”, CC by Jonathan Billinger]
29.
EMC, RSA, the EMC logo and the RSA logo are trademarks of EMC Corporation in the U.S. and other countries.