Recreating the NSA's MITM Attack - PowerPoint PPT Presentation



SLIDE 1

create your own exercise

Recreating the NSA's MITM Attack

Christoph Schmidt, Team 1

SLIDE 2

Why Should This Topic be Chosen?

  • Goal 1: Understanding how the NSA uses its access to the Backbone
  • Goal 2: Understanding how MITM attacks can be done in practice (and in large scale)

SLIDE 3

Learning Goals

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand how the NSA's MITM attack works [X X X]
  • Understanding why the NSA uses this attack [X X]
  • Understanding the relations between NSA and telcoms [X X]

SLIDE 4

create your own exercise

Evil Twins Wifi SSID Spoofing & More

Janosch Maier & Christoph Schmidt, Team 1

SLIDE 5

Why Should This Topic be Chosen?

Attacking Wifis can be so easy:

  • Spoof SSIDs
  • Create Evil Twins
  • Deliver Google yourself

SLIDE 6

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Get to know SSID spoofing [X X]
  • Understand how evil twins work [X X]
  • Spoof requested SSIDs [X X]
  • Create an evil twin [X X]
  • Reroute web traffic [X X]
  • Develop counter measures [X]

SLIDE 7

Evil Twin at work

[Diagram: Wifi AP, Evil Twin, Unsuspicious User]

SLIDE 8

create your own exercise

MULTIPATH TCP

Kshitija Nagaraj (Team 2)

SLIDE 9

Why Should This Topic be Chosen?

  • Multipath TCP enables the use of more than one available path for a TCP/IP session.
  • Get to understand how, using multiple paths, throughput increases and failure can be handled.
  • We have been using TCP in the lab; MPTCP is an extension of it.

SLIDE 10

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • An overview of Multipath TCP [X X]
  • Create subflows for all available paths [X X X]
  • Understand the transfer of data in Multipath TCP [X X X]
  • Scenario if a subflow fails [X X X]
  • Understanding the security concerns [X X]

SLIDE 11

Teaser Practical Part

SLIDE 12

create your own exercise

Traditional vs Software Defined Networking

Tanmay Chaudhry – Team 2

SLIDE 13

Why Should This Topic be Chosen?

  • Primarily about learning how Software Defined Networking works
  • Students will:
      – Two parallel topologies: One Traditional, One using an SDN enabled device.
      – Develop a simple SDN application.
      – Observe advantages on both sides (Possibly measure performance trade-off).
  • My background: Worked primarily with the Ryu SDN Controller Framework in my IDP.

SLIDE 14

What Will Your Students Learn?

The Following Learning Goals are Covered in the lab (Lecture / PreLab / Lab):

  • Understand the Basic Difference [X X X]
  • SDN introduction [X X]
  • Creating a simple SDN application [X X X]
  • Examine advantages and disadvantages [X X]
  • Some performance measurement to compare [X]

SLIDE 15

Teaser Practical Part

[Diagram: SDN Topology, SDN Controller VS Traditional Topology]

SLIDE 16

create your own exercise

RADIUS - One Service to rule them all

David Gaßmann, Marco Eggersmann || Team 3

SLIDE 17

Why Should This Topic be Chosen?

  • Use same credentials for WLAN and VPN
  • Use RADIUS for central authentication management
  • Setup OpenVPN, FreeRADIUS and hostapd
  • Combine them

SLIDE 18

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand what RADIUS is used for [X X]
  • Understand WPA2-Enterprise [X X X]
  • Configure RADIUS on a PC [X X]
  • Configure hostapd and OpenVPN to use RADIUS [X X]
  • Examine security aspects [X X X]
  • Configure a complex scenario [X X]

SLIDE 19

Bind them!

[Diagram: RADIUS-Server, Access-Point, VPN-Server, VPN-Client, WLAN-Client]

SLIDE 20

create your own exercise

VLAN – Let your switch have fun with multiple partners!

Marco Eggersmann & David Gaßmann (Team 3)

SLIDE 21

Choose this topic!!!

  • Connect separated LANs to a single switch
  • Learn about different ways to achieve this
  • Learn about things you normally wouldn't care about because they don't sound as awesome as 'Evil Blackhat Network Hacking like NSA'

SLIDE 22

Learn a lot!!!!

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand what VLANs are used for [X X]
  • Configure multiple VLANs on a single switch [X X]
  • Understand different types of VLAN [X X X]
  • Examine security aspects [X X X]
  • Increase experience with switches [X X X]

SLIDE 23

Do something!!!

[Diagram: VLAN 1, VLAN 2, VLAN 3]

SLIDE 24

create your own exercise

IPv6 Multicast or How to save bandwidth

Johannes Straßer, Team 4

SLIDE 25

Why Should Students Learn About IPv6 Multicast?

  • IPv6 is the future
  • IPv6 features are commonly not well known
  • IPv6 Multicast saves bandwidth
      – Is used by IPTV providers
      – Can also be used for private streaming, file transfer, bittorrent-like networks, ...

SLIDE 26

What Will Students Learn In This Lab?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand how IPv6 Multicast works [X X]
  • Learn about PIM [X X]
  • Configure PIM on the Cisco routers [X X]
  • Use sockets for subscribing / providing multicast streams [X]
  • Test IPv6 Multicast in a probable scenario [X]
  • Examine security aspects [X X]

SLIDE 27

Teaser Practical Part

[Diagram: Streaming Source, Viewer Group 1, Viewer Group 2]

SLIDE 28

create your own exercise

Build your own Content Delivery Network (CDN)!

Dominique d’Argent, Team 4

SLIDE 29

Why should you learn about CDNs?

  • CDNs power high-profile web sites (Facebook, etc.)
  • Variety of CDN providers (Akamai, CloudFlare, etc.)
  • CDNs boost performance and save money
  • distribute load
  • save bandwidth
  • reduce existing hosting costs

SLIDE 30

What will you learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand what CDNs are used for [X X]
  • Get to know different CDN providers [X X]
  • Understand how CDNs work [X X X]
  • Learn about caching and request routing mechanisms [X (X)]
  • Configure a complex scenario [X X]

SLIDE 31

Lab Setup

[Diagram: Webserver, PoP 1, Client 1, Client 2, PoP 2]

SLIDE 32

create your own exercise

AIRHOPPER : BRIDGING THE AIR-GAP

Alexander Güssow and François Blondel - Team 5

SLIDE 33

Why Should This Topic be Chosen?

  • Leaking data out of isolated (or not) systems
  • Use radio frequencies and simple hardware
      – EM radio: FM/AM, etc.
      – Passive listening
      – Sound waves or Light waves
  • Using common software and get aware of risks
  • Our backgrounds: SDR

SLIDE 34

What will YOU learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Some physics: different physical channels and their ranges [X X]
  • Learn the actual state of the art: what is already possible [X X X]
  • Leaking data in a nonconventional way: audio transmission [X X]
  • Protection: How to detect and prevent this? [X X]

SLIDE 35

Teaser Practical Part

SLIDE 36

create your own exercise

CONFIGURATION MANAGEMENT SYSTEMS : MANAGE YOUR MACHINE HERD

Alexander Güssow and François Blondel - Team 5

SLIDE 37

Why Should This Topic be Chosen?

  • Configuration management Tools
  • Goal: easily manage lots of machines
  • Puppet, SaltStack, Ansible
  • Using configuration management tools and understanding why and when they are usable
  • Use of Active Directory group policies

SLIDE 38

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand why it is needed and when [X X]
  • Set up a CMS (Puppet, SaltStack) server and clients [X X]
  • Concrete use-case: scalable architecture and load-balancer [X X X]
  • Security aspects: What if a server gets compromised? [X X X]
  • Configure a complex scenario [X X]

SLIDE 39

Teaser Practical Part

[Diagram: Clients and load-balanced web servers, load-balancer, CMS repository, Web Client]

SLIDE 40

create your own exercise

REDUNDANT SERVERS

Christoph Hielscher - Team 7

SLIDE 41

Why Should This Topic be Chosen?

  • What is the topic about?
      – 2 servers, 1 client
      – Client sends/receives messages from servers
      – Client does not know the IP-addresses of the servers
      – Router should duplicate incoming packets and forward them to the servers

SLIDE 42

Why Should This Topic be Chosen?

  • What content will your students learn?
      – Concept of redundant systems
      – Configure the servers and the client
      – Configure a Cisco router

SLIDE 43

Why Should This Topic be Chosen?

  • What is your background in the topic?
      – Similar scenario in my company of light control
      – Therefore: Improve the used setup by working on a new setup

SLIDE 44

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand what the scenario is used for [X X]
  • Configure the client & the servers on PCs [X X]
  • Configure a Cisco router [X X]
  • What happens if one server becomes inoperative [X X]

SLIDE 45

Practical Part

[Diagram: PC4 Remote Client, PC6 Monitoring, PC1 Server 1, PC2 Server 2, Cisco Router]

SLIDE 46

create your own exercise

POISONING NETWORKS

Pranav Jagdish, Team 7

SLIDE 47

Why Should This Topic be Chosen?

  • What is the topic about?
      – Poisoning a Network or Hosts for MITM, Session Hijacking and other attacks.
      – ARP, DNS and DHCP Poisoning

SLIDE 48

Why Should This Topic be Chosen?

  • What content will your students learn?
      – How to poison a network using ARP Spoofing
      – How to perform known attacks by spoofing to a host as a target system.
      – Redirecting user traffic to your system or routing it through you
      – Use of the efficient Python-based tool called ZARP
      – Securing against these attacks using various methods

SLIDE 49

Why Should This Topic be Chosen?

  • What is your background in the topic?
      – Have worked on poisoners before.
      – Carried out scenarios wherein had to poison networks in previous practicals and then secure them too
      – Currently analyzing efficiency of ZARP for a seminar

SLIDE 50

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand how ARP works and what is Poisoning [X X]
  • Conduct ARP, DNS and DHCP Poisoning [X X X]
  • Attempt MITM attacks after poisoning the network [X X]
  • Use ZARP [X X]
  • Deploy countermeasures and check for flaws if any [X X]

SLIDE 51

Teaser Practical Part

SLIDE 52

create your own exercise

A couchpotato's paradise - Networked home entertainment

Team 8: Markus Müller, Hugues Fafard

SLIDE 53

Why Should This Topic be Chosen?

  • Everyone is lazy! Let's make our life easier!
  • Set up a central media server
  • Stream to every device in your house
  • Stream to mobile devices on the go
  • Be „cool“!

SLIDE 54

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand the advantages/disadvantages NFS/SMB/AFP [X X]
  • Configure NFS/SMB/AFP [X]
  • Understand what DLNA is [X X]
  • Understand how DLNA works [X X X]
  • Configure MPD [X X]
  • Configure audio sinks with PulseAudio and JACK [X X]
  • Understand the difference between MPD and audio sinks [X X X]

SLIDE 55

Teaser Practical Part

[Diagram: Media Server, „Windows“-Client, Linux Client, Remote Client (i.e. Cellphone), TV / MediaCenter, Audio Sink, Switch, Your home router]

SLIDE 56

create your own exercise

Virtual Private Networks with Tinc

Markus Mueller, Team 8

SLIDE 57

What is the topic about?

  • Virtual private networks
  • Tun/tap devices
  • Key strength
  • Masquerading
  • Tinc

SLIDE 58

Some words on tinc

  • Encryption, authentication and compression
  • Automatic full mesh routing
  • Easily expand your VPN

SLIDE 59

Some words on tinc

  • Ability to bridge ethernet segments
  • Portable/IPv6 support

SLIDE 61

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand what VPNs are used for [X X]
  • See what VPNs/tinc can be used for [X X]
  • Configure Tinc [X X]
  • Examine security aspects [X X X]
  • Configure a complex scenario [X X]

SLIDE 62

Teaser Practical Part

[Diagram: Public server, Monitor station, Natted network, Natted network]

SLIDE 63

create your own exercise

Create your own DynDNS-service

Leonhard Kunz & Daniel Ocando, Team 9

SLIDE 64

Why Should This Topic be Chosen?

  • Useful
  • Popular mechanics
  • Interesting

SLIDE 65

What is this topic about?

  • It is about running and configuring your personal DynDNS-service and making it compliant to the Dyn.org-API

SLIDE 66

What is the content the students will learn?

  • Building their own DynDNS service
  • Using bind9
  • Configuring a DNS server
  • Setting up an arbitrary firewall

SLIDE 67

Background on the topic

  • Dependent on (unreliable) solutions
  • Personal interest

SLIDE 68

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand how DynDNS works [X X]
  • Configure bind9 to do DynDNS [X]
  • Examine security aspects & attack prevention [X X X]
  • Configure a complex scenario [X X]

SLIDE 69

Teaser Practical Part

[Diagram: DynDNS-Server, Linux router with dynamic IP, Home webserver, Home PC, Test client]

SLIDE 70

create your own exercise

VoIP: ACHIEVING THE RIGHT QoS

Leonhard Kunz, Daniel Ocando, TEAM 9

SLIDE 71

Why Should This Topic be Chosen?

  • What is the topic about?
      – VoIP calls can be very bad due to a large number of reasons. The problems of jitter, latency and packet loss are explored. A possible solution is RSVP.
  • What content will your students learn?
      – Some widespread VoIP protocols: H.323 and SIP.
      – RSVP as a protocol tool to achieve a good QoS.
      – Some security issues on VoIP networks.
  • What is your background in the topic?
      – Wanting to find ways to improve crappy experiences with VoIP.

Widespread technology nowadays: Skype, Gtalk, Facetime. Quick survey on job portals:

  • 2,686 results in LinkedIn.
  • 7820 results in Indeed

SLIDE 72

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand the main characteristics about two open standards for VoIP: H.323 and SIP [X X X]
  • Understanding a protocol used to improve QoS in a VoIP network: RSVP. [X X X]
  • Configure a VoIP Network [X X]
  • Perform an interesting attack on VoIP network that affect QoS (Low-Rate TCP DoS, the Shrew attack) [X X X]

Taken from: http://icwdm.org/Images/shrew/Shrews_img_0.jpg

SLIDE 73

Teaser Practical Part

Taken from: http://www.symantec.com/connect/articles/two-attacks-against-voip

SLIDE 74

create your own exercise

TCPStealth - Stopping port scans

Martin Riedel - Team 10

SLIDE 76

Why Should This Topic be Chosen?

  • Nmap, ZMap & HACIENDA
  • Port scans and the 3-way handshake
  • Exploiting TCP (ISN)
  • Comparison to port knocking
  • MITM Attacks

SLIDE 77

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Principles of TCPStealth and port knocking [X X]
  • Advantages of both systems in comparison [X]
  • Setting up a TCPStealth Scenario (with NAT) [X X]
  • Payload protection (MITM Attack) [X X X]
  • Evaluating feasibility and security [X X]

SLIDE 78

Teaser Practical Part

[Diagram: Host, Client, Eavesdropper; 10.0.1/24, 10.0.1/24, 10.0.2/30]

SLIDE 79

create your own exercise

BANDWIDTH MANAGEMENT IN P2P FILE SHARING NETWORKS µTP VS. TCP

Ahmed Shafei – Team 10

SLIDE 80

µTP vs. TCP

  • What is the BitTorrent protocol
  • Major differences between µTP and TCP
  • How does µTP enhance bandwidth utilization

SLIDE 81

What Will Your Students Learn?

The Following Learning Goals are Covered in the Lecture / PreLab / Lab:

  • Understand how the BitTorrent protocol works [X X X]
  • Understand how the µTP protocol works [X X X]
  • Examine performance differences between both [X]
  • Examine congestion control mechanisms for both [X]

SLIDE 82

Practical Part

[Diagram: Gamer 1, Downloader, Gamer 2, Game Server, Seed 1, Seed 2]