Bold Statements
Real men used to wear pink pagers, but that’s the past and recently it was time for Troopers 16. Meaning: Real Troopers wear awesome Badges! And, from the feedback we got, they did!
Troopers might be over, but the era of the TR16 Badge is seemingly just beginning. As such, here’s a quick insight into the badge!
Continue reading “Troopers 16 – Taking the Badge to yet Another Level!”
Continue readingHello Troopers!
only a few seconds left! As a short reminder, there is a GSM network running on Troopers 2016. It should be available in the whole building. To attend the network you need to
That’s it!
You can always dial *#100# to get your phone number. All further information (and a phonebook) you’ll find on gsm.troopers.de, but here again a brief summary:
Please note, against to our announcement, there is not Internet (GPRS) yet. Due to questions and problems, please contact Kevin Redon or Hendrik Schmidt. Have fun!
Continue readingOnly a few days left until Troopers! I’d like to use this chance to publish the final agenda of TelcoSecDay 2016. We will start around 8:30am and will finish at about 6:15pm. After this, we will have a shared dinner in the historic center of Heidelberg. The exact location will be announced during the TSD.
Continue reading “TelcoSecDay 2016 – Final Agenda and more”
Dear readers,
today we want to examine the behavior of Cisco devices when they receive spoofed IPv6 Neighbor Advertisement packets from an untrusted system pretending to be the default router for the local segment. We start with a quick refresher how Cisco devices behave in the legacy (IPv4) world when they receive a spoofed broadcast ARP packet containing the IP address of the device but with a different MAC address, followed by a discussion of the corresponding behavior in the IPv6 world. Continue reading “Multicast Based IPv6 Neighbor Spoofing / Response Behavior on Cisco Devices”
Continue readingDear Readers,
It’s me again with another teaser for an upcoming workshop at the IPv6 Security Summit. This one is a classic! If you happen to deploy IPv6 in your environment in the near future, but didn’t had the time to think about the security implications, this workshop is the right place to start. Continue reading “#TR16 IPv6 Security Summit Teaser: Basic IPv6 Attacks & Defenses Workshop”
Continue readingDear Readers,
today I want to talk about OSPFv3. I won’t cover the glory details of OSPFv3, there are smarter guys than me out there who did that already 😉 and there are great resources to familiarize yourself with the protocol. However, it should be noted that OSPFv3 is not only OSPF for IPv6, OSPFv3 brought some major enhancements compared to OSPFv2. Wouldn’t it be cool to benefit from the enhancements in the IPv4 world as well? Continue reading “Multiple Address Family OSPFv3”
Continue readingHello Everybody,
Today I want to give you a little teaser about my upcoming talk at the IPv6 Security Summit about First-Hop-Security on HP devices. In the past I presented on about First-Hop-Security in the Cisco realm and in virtualized environments. Until recently, Cisco was mostly the only vendor who had a sufficient implementation of various IPv6 security features on their access-layer switches, but HP closed the gap considerably and it’s time to have an in-depth look at their implementation of those features.
Continue reading “#TR16 IPv6 Security Summit Teaser: First-Hop-Security on HP Network Devices”
Continue readingHi everyone,
some of you may have seen my last blog post about the preparation of the Troopers network. Today I want to give you a little teaser on what to expect for the talk I will present during the IPv6 Security Summit. As the title implies, it’s not only about building a secure IPv6 WiFi, but also a reliable one. One might think that there aren’t many differences in comparison to IPv4, but the heavy reliance on multicast of IPv6 does have implications for Wi-Fi networks in general. Continue reading “#TR16 IPv6 Security Summit Teaser: Building a Reliable and Secure IPv6 WiFi Network”
Continue readingI am very happy to announce the second round of talks for the TelcoSecDay 2016. As mentioned in my previous post it will take place on March 15th. All invitations should be out by now; if you think you can contribute to the group and you are willing to join us – please let me know (hschmidt@ernw.de).
Still, not all talks are confirmed but the newly published talks will provide an idea about TSD 2016 and its discussions.
Continue reading “TelcoSecDay 2016 – Second Round of Talks”
In this year’s MSF training we will guide you through the typical steps of the pentest cycle: information gathering, attacking and looting your targets. For each step, demos and exercises will help you deepen and test your newly acquired knowledge. In addition to the typical penetration-test scenarios you will also learn several advanced aspects of the framework such as: how writing your own metasploit modules works, how to export payloads and make them undetected. With a final exercise each day you can finally challenge yourself and apply what you have learned!
Be prepared with a Virtualbox installation and a notebook. If you prefer, you can install MSF on your laptop beforehand and make yourself familiar with it. As a special bonus, MSF is typically one of the tools always summoned during the infamous PacketWars!
See you there!
Benedikt