Ofir Arkin Introducing X Playing Tricks with ICMP

Channel:
United States All Hacking Cons
Subscribers:
5,970
Published on ● Video Link: https://www.youtube.com/watch?v=waGNS-odPRk


Duration: 1:02:55
0 views
0

"...it is no longer necessary to have a separate network for voice..."

Voice over IP (VoIP) is the next generation of telecommunications. It is combined from singling protocols (which establish, modify, and tear-down sessions), media transfer protocols (which carry the voice samples), and supporting protocols (which support the other two protocols with services they need such as routing, DNS, etc).

Security issues with VoIP based protocols are less highlighted than the hype about the technology. This talk will be focusing on the Security issues with the Session Initiation Protocol (SIP), a signaling protocol that is the crown contender of H.323, and with the Real-Time Transport Protocol (RTP) which is the most common vessel for carrying voice samples.

The presentation will highlight ways to take advantage of the design of these protocols. The talk will also examine ways to bypass any element in a VoIP architecture based on the Session Initiation Protocol. Among the issues we will be examining are free phone calls, call hijacks, call tracking, manipulation of conversations, fraud (and detection) and other gizmos.

Ofir Arkin has worked as a consultant for several European finance institutes where he played the rule of Senior Security Analyst, and Chief Security Architect in major projects. His experience includes working for a leading European Swiss bank architecting the security of the bank's E-banking project.

Prior to joining @stake Ofir acted as chief security architect for a 4th generation telecom company, were he designed the overall security scheme for the company. Ofir has published several papers as well as articles and advisories. Most known are the "ICMP Usage in Scanning", and "Trace-Back" research papers. Some of his research was mentioned in professional computer security magazines. He is an active member with the Honeynet project and participated in writing the Honeynet's team book, "Know Your Enemy" published by Addison-Wesley.

Ofir Arkin is also the Founder of the Sys-Security Group, a web site dedicated to computer security research.

Black Hat - USA - 2002 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security



Other Videos By All Hacking Cons


2021-12-29VC Panel Security Business Strategies During a Recession Panel
2021-12-29Veiled A Browser Based Darknet Billy Hoffman, Matt Wood
2021-12-29Stoned Bootkit Peter Kleissner Black Hat - USA - 2009
2021-12-29Using Guided Missiles in Drive Bys Automatic Browser Fingerprinting Egypt
2021-12-29Your Mind Legal Status, Rights and Securing Yourself Tiffany Rad & James Arlen
2021-12-29Worst of the Best of the Best Kevin Stadmeyer Black Hat - USA - 2009
2021-12-29Unraveling Unicode Chris Weber Black Hat - USA - 2009
2021-12-29Reversing and Exploiting an Apple Firmware Update K Chen
2021-12-29State of the Art Post Exploitation in Hardened PHP Environments Stefan Esser
2021-12-29Post Exploitation Bliss Loading Meterpreter on a Factory iPhone Vincenzo Iozzo, Charlie Miller
2021-12-29Ofir Arkin Introducing X Playing Tricks with ICMP
2021-12-29Jeff Nathan and Kevin Depeugh Layer 2 Attacks
2021-12-29Job de Haas GSM WAP and SMS Security
2021-12-29JD Glaser JDs Toolbox Fire and Ice
2021-12-29Dan Veeneman Wireless Overview Protocols and Threat Models
2021-12-29Panel Vulnerability Disclosure What the Feds Think
2021-12-28Welcome and Introduction to Black Hat USA 2009 Jeff Moss Black Hat - USA - 2009
2021-12-28The Language of Trust: Exploiting Trust Relationships in Active Content Mark Dowd, Ryan Smith
2021-12-28Recoverable Advanced Metering Infrastructure Mike Davis Black Hat - USA - 2009
2021-12-28Attacking SMS Zane Lackey, Luis Miras Black Hat - USA - 2009
2021-12-28Deactivate the Rootkit Alfredo Ortega Black Hat - USA - 2009


Tags:
data
hacker
security
computer
cyber
internet
technology
hacking
attack
digital
virus
information
hack
online
crime
password
code
web
concept
thief
protection
network
scam
fraud
malware
secure
identity
criminal
phishing
software
access
safety
theft
system
firewall
communication
business
binary
account
spy
programmer
spyware
hacked
hacking conference
conference
learn
how to
2022
2021
cybersecurity
owned
break in
google
securing
exploit
exploitation
recon
social engineering
Ofir Arkin