Black Hat Briefings, Japan 2005 [audio] Presentations From The Security Conference

"Our networks are growing. Is our understanding of them? This talk will focus on the monitoring and defense of very large scale networks, describing mechanisms for actively probing them and systems that may evade our most detailed probes. We will analyze these techniques in the context of how IPv6 affects, or fails to affect them. A number of technologies will be discussed, including: * A temporal attack against IP fragmentation, using variance in fragment reassembly timers to evade Network Intrustion Detection Systems * A high speed DNS tunneling mechanism, capable of streaming video over a firewall-penetrating set of DNS queries * DNS poisoning attacks against networks that implement automated defensive network shunning, and other unexpected design constraints developers and deployers of security equipment should be aware of * Mechanisms for very high speed reconstruction of IPv4 and IPv6 network topologies, complete with visual representation of those topologies implemented in OpenGL.