Information Security News mailing list archives
Researchers To Unleash Backbone-Hacking Tools At Black Hat Europe
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 8 Apr 2009 01:00:50 -0500 (CDT)
http://www.darkreading.com/securityservices/services/data/showArticle.jhtml?articleID=216403220 By Kelly Jackson Higgins DarkReading April 07, 2009 A pair of German researchers at next week's Black Hat Europe will release tools that hack backbone technologies used by service providers in some enterprise network service offerings. More specifically, the tools -- built by Enno Rey and Daniel Mende, both with German security firm ERNW -- automate attacks on Multiprotocol Layer Switching (MPLS) and Ethernet backbone technologies. They exploit similar, inherent security weaknesses in the two networking technologies -- namely, in how they forward traffic. The lack of security in MPLS and Ethernet is well-known, but until now the exploitation of these network technologies has been only theoretically possible, Rey says. "Our release of the tools closes that gap of these attacks being only theoretical to being practically exploitable now," he says. "These technologies do not provide any security themselves, but just rely on the assumption that the underlying network is secure." Network infrastructure security has been in the limelight lately, with researchers uncovering big vulnerabilities in the Domain Name System (DNS), the Border Gateway Protocol (BGP), TCP, and in Cisco routers. [...] _______________________________________________ Best Selling Security Books and More! http://www.shopinfosecnews.org/
Current thread:
- Researchers To Unleash Backbone-Hacking Tools At Black Hat Europe InfoSec News (Apr 07)