Slides from our talk on ZeroNights 2018 about scaning Internet for the SD-WAN solutions. It answers how many SD-WAN nodes are in the Internet and how can you find it and not to lost yourself.
This document summarizes a presentation on SD-WAN security given by Denis Kolegov and Oleg Broslavsky. It discusses the results of an SD-WAN internet census that found thousands of exposed SD-WAN devices, many with known vulnerabilities. Common vulnerabilities found in SD-WAN products include XSS, CSRF, insecure authentication, and the use of hardcoded cryptographic keys. Exploits are demonstrated against several commercial SD-WAN products to highlight real-world risks. The presenters advocate for improving SD-WAN security and responsible vulnerability disclosure.
White-Box HMAC. Make your cipher secure to white-box attacks.yalegko
Some slides from my talk on Positive Hack Days VI about white box implementation of HMAC algorithm.
It contains brief explanation of attack context, common use cases for white box cryptography, idea of white box AES implementation and details of white box HMAC implementation.
Some overview of "box" paradigms, such as black, gray and white boxes. Notes about white-box cryptography and its use cases. Simpliest white-box AES implementation sketch.
This document provides instructions for various tasks related to networking and system administration on Linux systems, including:
1) Configuring network interfaces using dhclient or manually assigning an IP address and route.
2) Installing and configuring OpenSSH for remote access and using SSH, SCP for secure file transfers.
3) Using common Linux commands like tcpdump, tshark, ps, kill, service to monitor network traffic, view processes, kill processes, and control services.
4) Additional instructions are provided for using shell commands like head, tail, awk, sed, grep to view logs and parse output from other commands. Guidance is given for capturing network traffic to PCAP files using tcp
Covert timing channels using HTTP cache headersyalegko
This document discusses using HTTP cache headers to create covert timing channels. It describes how information can be encoded in the Last-Modified and ETag response headers and decoded using the If-Modified-Since, If-Unmodified-Since, If-Match, and If-None-Match request headers. The document outlines an implementation of these covert channels using C that achieves transmission speeds of 1-2 bits per second with over 99% accuracy. Issues in synchronization, timing, and CPU load are also addressed.
Covert timing channels using HTTP cache headersyalegko
This document discusses using HTTP cache headers to create covert timing channels for transmitting information between hosts without detection. It provides examples of encoding data in the Accept-Language header and describes how headers like Last-Modified and ETag can be used to transmit bits by checking if the page has changed. Issues in implementation are addressed, like needing synchronization. Evaluation shows channels can transmit over 1 bit/second over local networks and around 5 bits/second over the internet. Browser-based channels in JavaScript are also proposed.
Slides from our talk on ZeroNights 2018 about scaning Internet for the SD-WAN solutions. It answers how many SD-WAN nodes are in the Internet and how can you find it and not to lost yourself.
This document summarizes a presentation on SD-WAN security given by Denis Kolegov and Oleg Broslavsky. It discusses the results of an SD-WAN internet census that found thousands of exposed SD-WAN devices, many with known vulnerabilities. Common vulnerabilities found in SD-WAN products include XSS, CSRF, insecure authentication, and the use of hardcoded cryptographic keys. Exploits are demonstrated against several commercial SD-WAN products to highlight real-world risks. The presenters advocate for improving SD-WAN security and responsible vulnerability disclosure.
White-Box HMAC. Make your cipher secure to white-box attacks.yalegko
Some slides from my talk on Positive Hack Days VI about white box implementation of HMAC algorithm.
It contains brief explanation of attack context, common use cases for white box cryptography, idea of white box AES implementation and details of white box HMAC implementation.
Some overview of "box" paradigms, such as black, gray and white boxes. Notes about white-box cryptography and its use cases. Simpliest white-box AES implementation sketch.
This document provides instructions for various tasks related to networking and system administration on Linux systems, including:
1) Configuring network interfaces using dhclient or manually assigning an IP address and route.
2) Installing and configuring OpenSSH for remote access and using SSH, SCP for secure file transfers.
3) Using common Linux commands like tcpdump, tshark, ps, kill, service to monitor network traffic, view processes, kill processes, and control services.
4) Additional instructions are provided for using shell commands like head, tail, awk, sed, grep to view logs and parse output from other commands. Guidance is given for capturing network traffic to PCAP files using tcp
Covert timing channels using HTTP cache headersyalegko
This document discusses using HTTP cache headers to create covert timing channels. It describes how information can be encoded in the Last-Modified and ETag response headers and decoded using the If-Modified-Since, If-Unmodified-Since, If-Match, and If-None-Match request headers. The document outlines an implementation of these covert channels using C that achieves transmission speeds of 1-2 bits per second with over 99% accuracy. Issues in synchronization, timing, and CPU load are also addressed.
Covert timing channels using HTTP cache headersyalegko
This document discusses using HTTP cache headers to create covert timing channels for transmitting information between hosts without detection. It provides examples of encoding data in the Accept-Language header and describes how headers like Last-Modified and ETag can be used to transmit bits by checking if the page has changed. Issues in implementation are addressed, like needing synchronization. Evaluation shows channels can transmit over 1 bit/second over local networks and around 5 bits/second over the internet. Browser-based channels in JavaScript are also proposed.