w hy t he p arasite
play

W HY T HE P ARASITE ? Many organizations filter outgoing traffic - PowerPoint PPT Presentation

Dec 28, 2022 •359 likes •776 views

Introducing T HE P ARASITE Coming Soon to a Network Near You! Tsagkarakis Nikos { ntsag at census-labs.com } Census, Inc. Athcon 2011, Athens I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC . O VERVIEW I NTRODUCTION C ONSTRUCTION P

  1. Introducing T HE P ARASITE Coming Soon to a Network Near You! Tsagkarakis Nikos { ntsag at census-labs.com } Census, Inc. Athcon 2011, Athens I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  2. O VERVIEW I NTRODUCTION C ONSTRUCTION P LAYING WITH P ARASITE F UTURE OF P ARASITE C ONCLUSIONS I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  3. I NTRODUCTION I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  4. W HY T HE P ARASITE ? ◮ Many organizations ◮ filter outgoing traffic ◮ host networks that are not connected to the internet ◮ Need for a simple way to gain and retain access in the above situations I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  5. W HY T HE P ARASITE ? ◮ An attack vector of low profile and high risk ◮ “We have strong physical security” ◮ “We will arrest a person using the plug next to a printer” ◮ “What if I construct a device, plug it into the target infrastructure and then go home?” I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  6. R ELATED W ORK ◮ NeoPwn ◮ Weaponizing N900 ◮ Plug Computers for penetration testing ◮ All of the above connect back through the target infrastructure ◮ Ineffective when there is no connection to the Internet I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  7. P ROTOTYPE I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  8. P ROTOTYPE ◮ The idea is to produce a small device that can easilly be hidden in the target infrastructure ◮ A device that can be built by anyone I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  9. I T IS AN OLD STORY ◮ Bugs ◮ Microcameras ◮ Q’s gadgets I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  10. W HAT ALLOWS FOR THE USE OF P ARASITE ? ◮ Really messy datacenters ◮ The huge amount of cabling in a building ◮ The administrators are usually too busy to notice (or understaffed) ◮ Noone pays attention to small changes in the inventory of a datacenter or infrastructure I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  11. C ONSTRUCTION I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  12. C ONCEPT I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  13. C HALLENGE Build a device that is ◮ Small ◮ of Low Energy Consumption ◮ Autonomous I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  14. M ATERIALS FOR PROTOTYPE ◮ N900 ◮ USB Ethernet Device ◮ Cables ◮ Batteries I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  15. C OST ◮ N900 - 400 euro ◮ USB Ethernet Device - 15-30 euro ◮ Cables - 5 euro ◮ Batteries - 20-10000 euro ◮ 3G Connection Cost - 1 euro/day I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  16. N ETWORK I NTERFACES ◮ GSM Interface ◮ Ethernet ◮ Wifi I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  17. C ONNECT B ACK ◮ OpenVPN ◮ SSH I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  18. B ATTERY ◮ Extra battery ◮ Power over ethernet I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  19. P O E I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  20. P O E I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  21. T IME TO LIVE ◮ Simple Nokia battery 40 hours ◮ Enchanced Nokia Battery PoE 60-70 hours ◮ Enchanced Nokia Battery 80 hours I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  22. S ELF - DESTRUCT M ECHANISM ◮ Magnesium ◮ Thermistors ◮ Electric Ignitor ◮ On memory card I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  23. S ELF - DESTRUCT M ECHANISM I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  24. P LAYING WITH P ARASITE I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  25. U SES OF P ARASITE ◮ Security Testing ◮ Penetration Testing ◮ Physical Security Testing ◮ Spying I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  26. S OCIAL E NGINEERS I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  27. S OCIAL E NGINEERS I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  28. S OCIAL E NGINEERS I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  29. M ANY WAYS TO PLANT THE P ARASITE I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  30. M ANY WAYS TO PLANT THE P ARASITE I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  31. M ANY WAYS TO PLANT THE P ARASITE I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  32. S OME USES OF P ARASITE nmap I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  33. S OME USES OF P ARASITE sniffing I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  34. S OME USES OF P ARASITE metasploit I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  35. F UTURE OF P ARASITE I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  36. M INI C OMPUTERS ◮ Use of mini computers to build Parasites ◮ An independent build of such a device I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  37. M INI C OMPUTERS I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  38. O PEN BTS ◮ Use of OpenBTS for connecting back through an alternate GSM network I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  39. C ONCLUSIONS A small device that can be planted everywhere and work for some time I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  40. C AN WE BE PROTECTED ? ◮ Yes, but it requires a fair amount of effort! ◮ Employ physical security measures ◮ Monitor any changes in the inventory of an infrastructure (however small) ◮ Monitor the security of internal networks even if they are not connected to the Internet I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

  41. Q UESTIONS ? I NTRODUCING THE P ARASITE :: A THCON 2011 :: C ENSUS , I NC .

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Container Live Migration Adrian Reber FOSDEM 2020, February 01 Red Hat Blog: Container

Container Live Migration Adrian Reber FOSDEM 2020, February 01 Red Hat Blog: Container

Container Live Migration Adrian Reber FOSDEM 2020, February 01 Red Hat Blog: Container migration with Podman on RHEL https://www.redhat.com/en/blog/container-migration-podman-rhel 2 FOSDEM 2020 Definition: Container Live Migration 3

789 views • 47 slides
Double stranded helicates metal binding domain bridge substitution pattern Double helicates

Double stranded helicates metal binding domain bridge substitution pattern Double helicates

Double stranded helicates metal binding domain bridge substitution pattern Double helicates Triple stranded helicates - Ni(II) : octahedral geometry - one ligand can not wrap around one Ni(II) cation : trimerization - other metals: Co(II),

979 views • 78 slides
MOL2NET Phytochemical profile of leaves extract of Azadirachta indica A. Juss and toxicity against

MOL2NET Phytochemical profile of leaves extract of Azadirachta indica A. Juss and toxicity against

MOL2NET , 2018 , 2(14), pages 1- x 1 http://sciforum.net/conference/mol2net-02/wrsamc SciForum MOL2NET Phytochemical profile of leaves extract of Azadirachta indica A. Juss and toxicity against Drosophila melanogaster Drcio Luiz de Sousa

494 views • 6 slides
Evaluation of A New TwinJet Nozzle for Weed Control in Peanut Eric P. Prostko 1 , Brock A. Ward 1

Evaluation of A New TwinJet Nozzle for Weed Control in Peanut Eric P. Prostko 1 , Brock A. Ward 1

Evaluation of A New TwinJet Nozzle for Weed Control in Peanut Eric P. Prostko 1 , Brock A. Ward 1 , Glenn C. Rains 3 ,O. Wen Carter 2 1 Department of Crop & Soil Sciences 2 Miller County Extension Agent 3 Department of Entomology Peanut and

670 views • 25 slides
Doing Cophylogenetics Fast Michael Charleston et al. University of Sydney Phylomania, November

Doing Cophylogenetics Fast Michael Charleston et al. University of Sydney Phylomania, November

Doing Cophylogenetics Fast Michael Charleston et al. University of Sydney Phylomania, November 2013 Abstract Cophylogeny Mapping 101 Coevolution Mapping Whats Recoverable A practical integer linear program solution Integer Linear

439 views • 42 slides
Estimation of Drag Coefficient Prof. Rajkumar S. Pant Aerospace Engineering Department IIT

Estimation of Drag Coefficient Prof. Rajkumar S. Pant Aerospace Engineering Department IIT

Estimation of Drag Coefficient Prof. Rajkumar S. Pant Aerospace Engineering Department IIT Bombay AE-332M / 714 Aircraft Design Capsule-03 Mostly applicable to Transport Aircraft SUBSONIC PARASITE DRAG COEFFICIENT ESTIMATION AE-332M / 714

175 views • 16 slides
LArLite Introduction & Use Case Kazuhiro Terao @ Nevis, Columbia 1 About LArLite 2 What Is

LArLite Introduction & Use Case Kazuhiro Terao @ Nevis, Columbia 1 About LArLite 2 What Is

LArLite Introduction & Use Case Kazuhiro Terao @ Nevis, Columbia 1 About LArLite 2 What Is LArLite? C++ code development toolkit - Goal = easy & simple C++ code development - Supports Darwin & Linux - Dependency: ROOT,

798 views • 22 slides
Branching within branching: a general model for host-parasite co-evolution Gerold Alsmeyer (joint

Branching within branching: a general model for host-parasite co-evolution Gerold Alsmeyer (joint

Model The ABPRE Extinction results Survival case Branching within branching: a general model for host-parasite co-evolution Gerold Alsmeyer (joint work with S oren Gr ottrup) May 15, 2017 Gerold Alsmeyer Host-parasite co-evolution 1

538 views • 26 slides
Pa Parasites of the mind How cultural representations can subvert human interests Maarten Boudry

Pa Parasites of the mind How cultural representations can subvert human interests Maarten Boudry

Pa Parasites of the mind How cultural representations can subvert human interests Maarten Boudry & Steije Hofhuis An irresistible idea Are there any such things as mind parasites ? By analogy with biological parasites harmful to

545 views • 18 slides
PARASITIC COMPUTING Seminar by Rubia Jasmin H.N, Roll No. 54, S7 CSE, MACE CONTENTS

PARASITIC COMPUTING Seminar by Rubia Jasmin H.N, Roll No. 54, S7 CSE, MACE CONTENTS

PARASITIC COMPUTING Seminar by Rubia Jasmin H.N, Roll No. 54, S7 CSE, MACE CONTENTS Introduction Implementation Basic of parasite computing features and advantages Solving problems with Challenges and parasite computers

487 views • 31 slides
THE BLACK ART OF BINARY HIJACKING HIJACKING Agenda Agenda Agenda Agenda 2 2 Overview of

THE BLACK ART OF BINARY HIJACKING HIJACKING Agenda Agenda Agenda Agenda 2 2 Overview of

Principal Consultant Nick Harbour nick.harbour@mandiant.com ick.harbour@mandiant.com @ THE BLACK ART OF BINARY HIJACKING HIJACKING Agenda Agenda Agenda Agenda 2 2 Overview of Persistence Techniques Overview of Persistence

153 views • 14 slides
ASIC Physical Design Post-Layout Verification ASIC Physical Design (Standard Cell) (can also do

ASIC Physical Design Post-Layout Verification ASIC Physical Design (Standard Cell) (can also do

ASIC Physical Design Post-Layout Verification ASIC Physical Design (Standard Cell) (can also do full custom layout) Component-Level Netlist (Verilog) Std. Cell Cadence: Floorplan Layouts Encounter Chip/Block (std cells) Libraries

1.13k views • 33 slides
Introduction to Digital VLSI Design

Introduction to Digital VLSI Design

Introduction to Digital VLSI Design VLSI Extraction Lecturer: Gil Rahav Semester B , EE Dept. BGU. Freescale Semiconductors Israel Introduction to Digital VLSI Slide 1

540 views • 19 slides
Parasitic effects Snubbers and clamps Turn on and turn off effects Turn on - diode

Parasitic effects Snubbers and clamps Turn on and turn off effects Turn on - diode

Mor M. Peretz, Switch-Mode Power Supplies [5-1] Parasitic effects Snubbers and clamps Turn on and turn off effects Turn on - diode reverse recovery Turn off dI/dT effect on transistor Turn off diode forward recovery

367 views • 12 slides
Switched-Capacitor Circuits Jrgen Andreas Michaelsen Spring 2014 Outline Introduction (why

Switched-Capacitor Circuits Jrgen Andreas Michaelsen Spring 2014 Outline Introduction (why

INF4420 Switched-Capacitor Circuits Jrgen Andreas Michaelsen Spring 2014 Outline Introduction (why and how) Integrators and filters Gain circuits Noise and charge injection Spring 2014 Switched-Capacitor Circuits 2

1.1k views • 42 slides
UMBC A B M A L T F O U M B C I M Y O R T 1 (5/3/07) I E S R C E O V U

UMBC A B M A L T F O U M B C I M Y O R T 1 (5/3/07) I E S R C E O V U

Digital Systems Connectors I CMPE 650 Connectors High speed connectors are expensive. The DIN connector (good to few tens of MHz) costs 100 times less than hand-assembled SMA hard line connectors (good to 25 GHz). The performance altering

932 views • 17 slides
Eliminating Sidewards Movement Gregory M. Kobele Humboldt-Universitt zu Berlin The Main Idea

Eliminating Sidewards Movement Gregory M. Kobele Humboldt-Universitt zu Berlin The Main Idea

Eliminating Sidewards Movement Gregory M. Kobele Humboldt-Universitt zu Berlin The Main Idea What are the structures and operations underlying natural language syntax? A case study: Nunes (1995) sidewards movement analysis of

823 views • 38 slides
Perspectives on cavity field control Olof Troeng, Dept. of Automatic Control, Lund Univeristy

Perspectives on cavity field control Olof Troeng, Dept. of Automatic Control, Lund Univeristy

Perspectives on cavity field control Olof Troeng, Dept. of Automatic Control, Lund Univeristy Low-Level RF Workshop, 2019-10-03 1 Outline Thoughts from an automatic-control (and linac) perspective 1. Complex-coefficient LTI systems 2.

766 views • 54 slides
Summary Summary I Iterative flow Iterative flow vs vs. stepwise refinement . stepwise

Summary Summary I Iterative flow Iterative flow vs vs. stepwise refinement . stepwise

Gain Gain-based synthesis based synthesis enabler for correct enabler for correct-by by-construction design construction design Patrick Patrick Groeneveld Groeneveld (patrick patrick@magma @magma-da da.com) .com) Magma

1.06k views • 46 slides
Neural Networks Hopfield Nets and Auto Associators Spring 2019 1 Story so far Neural

Neural Networks Hopfield Nets and Auto Associators Spring 2019 1 Story so far Neural

Neural Networks Hopfield Nets and Auto Associators Spring 2019 1 Story so far Neural networks for computation All feedforward structures But what about.. 2 Consider this loopy network The output of a neuron affects the input to

1.38k views • 96 slides
Estimating Delays Would be nice to have a back of the envelope method for sizing gates

Estimating Delays Would be nice to have a back of the envelope method for sizing gates

Logical Effort Sizing Transistors for Speed Estimating Delays Would be nice to have a back of the envelope method for sizing gates for speed Logical Effort Book by Sutherland, Sproull, Harris Chapter 1 is on our web page

755 views • 26 slides
Design of Parasitic Antenna Arrays & Experimentation at AIT's B-WiSE Lab Constantinos B.

Design of Parasitic Antenna Arrays & Experimentation at AIT's B-WiSE Lab Constantinos B.

Design of Parasitic Antenna Arrays & Experimentation at AIT's B-WiSE Lab Constantinos B. Papadias George C. Alexandropoulos Vlasis I. Barousis Eleftherios I. Roumpakias AIT & B-WiSE Lab AIT is a self-sustained, non-profit,

523 views • 21 slides
Enabling Realistic Fine-Grain Voltage Scaling with Reconfigurable Power Distribution Networks

Enabling Realistic Fine-Grain Voltage Scaling with Reconfigurable Power Distribution Networks

Enabling Realistic Fine-Grain Voltage Scaling with Reconfigurable Power Distribution Networks Waclaw Godycki, Christopher Torng, Ivan Bukreyev Alyssa Apsel, Christopher Batten School of Electrical and Computer Engineering Cornell University

1.11k views • 75 slides
hybrid antenna arrays and precoding techniques Constantinos B. Papadias Dimitrios Ntaikos, Kostas

hybrid antenna arrays and precoding techniques Constantinos B. Papadias Dimitrios Ntaikos, Kostas

Terrestrial communication in the X/ K bands aided by hybrid antenna arrays and precoding techniques Constantinos B. Papadias Dimitrios Ntaikos, Kostas Ntougias, George Papageorgiou, Bobby Gizas {cpap,dint,kontou,gepa,bogi}@ait.gr Broadband

631 views • 26 slides

More recommend