|
PRESENTATION:
|
Workshop: Switches get Stitches
|
|
PRESENTER(S):
|
Eireann Leverett, Senior Security Consultant for IOActive
|
|
CONFERENCE:
|
|
|
LOCATION:
|
Lord Ashcroft Building (LAB003), Anglia Ruskin University, Cambridge, UK
|
|
DATE & TIME:
|
October 21, 2014 at 17:30 PM
|
This mini workshop, based on Eireann’s successful 44Con workshop earlier this year, will introduce you to Industrial Ethernet Switches and their vulnerabilities. These switches are used in environments with industrial automation equipment, such as substations, factories, refineries, and ports; in other words, SCADA and ICS switches.
During this workshop, Eireann will discuss several vulnerabilities and share the methods he used to discover them as well as techniques for exploiting them. Eireann will teach you about bad session entropy, sidejacking, CSRF, brute forcing MD5, DoS in the context of industrial processes, and carving default private keys from firmware images. Essentially, he will tell you “how I found the bugs in my CVE list for 2013-2014” by breaking Industrial Ethernet Switches.
This is partially a hands-on workshop, with pcaps, network forensics, binary analysis, and web application vulnerabilities. You will become familiar with how these switches are used and do some light traffic analysis and firmware reverse engineering. So, bring along your laptop with Wireshark installed!
About Éireann Leverett
Eireann Leverett is a Senior Consultant at IOActive where he focuses on Smart Grid and SCADA systems. He studied Artificial Intelligence (AI) and Software Engineering at Edinburgh University and went on to get his Masters in Advanced Computer Science at Cambridge. He studied under Frank Stajano and Jon Crowcroft in Cambridge’s computer security group. In between, he worked for five years at GE Energy and did a six-month engagement with ABB in their corporate research department.
About OWASP
OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. We can be found at www.owasp.org.
OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative and open way. The OWASP Foundation is a not-for-profit entity that ensures the project’s long-term success.
About IOActive
IOActive is a comprehensive, high-end information security services firm with a long and established track record in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, USA, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.
-###-