Enno Rey – Page 7 – Insinuator.net

March 10, 2015 by Enno Rey

Final Agenda of Troopers15 TelcoSecDay

Admitted, we’re a bit late this time, but here we go with the agenda of this year’s TelcoSecDay.

Given the high number of quality contributions overall there’s more talks than in the previous years and we’ll hence start more early (and finish later 🙂 ), so please plan accordingly.
This is the agenda, details for the invididual talks can be found in the respective links:

8:30-9:00 Opening & Intro
9:00-9:45 Luca Bruno: Through the Looking-Glass, and What Eve Found There
9:45-10:30 Dieter Spaar: How to Assess M2M Communication from an Attacker’s Perspective
Break
11:00-11:45 Tobias Engel: Securing the SS7 Interconnect
11:45-12:30 Ravishankar Borgaonkar: TelcoSecurity Mirage: 1G to 5G
12:30-13:00 Hendrik Schmidt: Security Aspects of VoLTE
Lunch
14:00-14:45 Rob Kuiters: On her majesty’s secret service – GRX and a Spy Agency
14:45-15:30 “Watching the Watchers”
Break
16:00-16:45 Markus Vervier: Borrowing Mobile Network Identities – Just Because We Can
16:45-17:15 Shahar Tal: I hunt TR-069 admins – CWMP Insecurity
Refreshment
17:30-18:00 Sébastien Roche (Orange): tba

19:30 Dinner (it will be hosted by us, location & details will be provided during workshop and from @WEareTROOPERS).

See you all there, have a safe trip everybody

Enno

Building

March 9, 2015 by Enno Rey

IPv6 Router Advertisement Flags, RDNSS and DHCPv6 Conflicting Configurations

We’ve just released a whitepaper discussing the behavior of different operating systems once they receive IPv6 configuration parameters from different sources. For that purpose a number of lab tests were conducted. Continue reading “IPv6 Router Advertisement Flags, RDNSS and DHCPv6 Conflicting Configurations”

Building

March 6, 2015 by Enno Rey

An MLD Testing Methodology

Based on recent research in the ERNW IPv6 lab and with our MLD talk looming we’ve put together a (as we think) comprehensive document discussing how to thoroughly test MLD implementations in various components (network devices or servers/clients). We hope it can contribute to a better understanding of the protocol and that it can serve as either a checklist for your own environment or as a source of inspiration for researchers looking at MLD themselves.

Continue reading “An MLD Testing Methodology”

Events

March 4, 2015 by Enno Rey

A Chiron Workshop at the IPv6 Security Summit of Troopers 15

This is a guest post from Antonios Atlasis.

Last year, during the IPv6 Security Summit of Troopers 14 I had the pleasure to present publicly, for first time, my IPv6 Penetration Testing / Security Assessment framework called Chiron, while later, it was also presented at Brucon 14 as part of the 5×5 project. This year, I am returning back to the place where it all started, to the beautiful city of Heidelberg to give another workshop about Chiron at the IPv6 Security Summit of Troopers 15. But, is it just another workshop with the known Chiron features or has something changed?
I would say a lot :). The most significant enhancements are described below.

Continue reading “A Chiron Workshop at the IPv6 Security Summit of Troopers 15”

Breaking

March 3, 2015 by Enno Rey

Bug Hunting for the Man on the Street

This is a guest post from Vladimir Wolstencroft, to provide some details of his upcoming #TR15 talk.

What do you get when you combine a security appliance vendor, a bug bounty program, readily available virtualised machines, a lack of understanding of best security practices and broken crypto?
Ownage, a good story and maybe even that bounty…

Continue reading “Bug Hunting for the Man on the Street”

Building

March 3, 2015 by Enno Rey

What to Do Today if You Want to Deploy IPv6 Tomorrow

Today I gave a talk with said title in a private setting. Assuming the content might be of interest for some of you, we published the slides here.

As always we’re happy to receive comments or feedback.
Cheers

Enno

Events

February 14, 2015 by Enno Rey

Another Talk Added to Troopers15 TelcoSecDay

We have pretty much finalized the agenda for the Troopers TelcoSecDay and here’s another cool talk (the others can be found here, here and here):

Continue reading “Another Talk Added to Troopers15 TelcoSecDay”

Events

February 12, 2015 by Enno Rey

Troopers TelcoSecDay – Next Talks (II)

Hi,

in addition to those recently announced and these, we’ve identified three more suitable talks for the TelcoSecDay .

Continue reading “Troopers TelcoSecDay – Next Talks (II)”

Events

February 10, 2015 by Enno Rey

Troopers TelcoSecDay – Next Talks

Hi,

in addition to those recently announced we’ve identified two more suitable talks for the TelcoSecDay 😉
Continue reading “Troopers TelcoSecDay – Next Talks”

Building

February 8, 2015 by Enno Rey

IPv6-related Requirements for Security Devices

This is the sequel to the similar post on “IPv6-related Requirements for the Internet Uplink or MPLS Networks“. As mentioned there these requirements were created in the course of an RfP for network security services. The goal of this document was to provide a check list of IPv6-related requirements that security devices being part of the individual providers’ offerings have to fulfill in order to fully support the future IPv6 network. Continue reading “IPv6-related Requirements for Security Devices”