February 2016 – Page 2 – Insinuator.net

February 3, 2016 by Ahmad Abolhadid

Denial of Service attacks on VoLTE

Some weeks ago Hendrik explained in his blogpost Security Analysis of VoLTE, Part 1 some attack vectors for Voice over LTE (VoLTE). One attack vector introduced was Denial of Service (DoS), which I also discussed in my Masterthesis “Evaluation of IMS security and Developing penetration tests of IMS”.

In general, DoS attacks aim to prevent a system or a network from efficiently providing its service to legitimate users . The impact of such attacks can vary from a big degradation of quality to total blockage. DoS can occur on users level, where a user or a group of users cannot use the service. But the common conception of DoS is on the service level, where the whole service is broken, unstable or totally down. This blog post is about targeting DoS of the whole VoLTE service by attacking IMS.
Continue reading “Denial of Service attacks on VoLTE”

Events

February 3, 2016 by Hendrik Schmidt

TelcoSecDay 2016 – Second Round of Talks

I am very happy to announce the second round of talks for the TelcoSecDay 2016. As mentioned in my previous post it will take place on March 15th. All invitations should be out by now; if you think you can contribute to the group and you are willing to join us – please let me know (hschmidt@ernw.de).

Still, not all talks are confirmed but the newly published talks will provide an idea about TSD 2016 and its discussions.
Continue reading “TelcoSecDay 2016 – Second Round of Talks”

Events

February 2, 2016 by Niki Vonderwell

Pentesting with Metasploit #TR16 Training

In this year’s MSF training we will guide you through the typical steps of the pentest cycle: information gathering, attacking and looting your targets. For each step, demos and exercises will help you deepen and test your newly acquired knowledge. In addition to the typical penetration-test scenarios you will also learn several advanced aspects of the framework such as: how writing your own metasploit modules works, how to export payloads and make them undetected. With a final exercise each day you can finally challenge yourself and apply what you have learned!

Be prepared with a Virtualbox installation and a notebook. If you prefer, you can install MSF on your laptop beforehand and make yourself familiar with it. As a special bonus, MSF is typically one of the tools always summoned during the infamous PacketWars!

See you there!
Benedikt

Building

February 2, 2016 by Enno Rey

Developing an Enterprise IPv6 Security Strategy / Part 6: Controls on the Host Level

In this part of the series (for the other parts see [1], [2], [3], [4], [5]) we’ll discuss approaches to implement security measures suited to protect from IPv6-related threats on the host level.

Continue reading “Developing an Enterprise IPv6 Security Strategy / Part 6: Controls on the Host Level”