Security news doesn't always wait for conference season. That's the guiding principle behind the Black Hat Webcasts – a regular series of live web events focusing on what's hot in the infosec space all year long. The third Thursday of every month, we'll bring together Black Hat speakers, independent researchers and leading security experts from the government to the underground to answer your questions live.
All content for Black Hat Webcasts RSS Feed is the property of Black Hat Briefings and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Security news doesn't always wait for conference season. That's the guiding principle behind the Black Hat Webcasts – a regular series of live web events focusing on what's hot in the infosec space all year long. The third Thursday of every month, we'll bring together Black Hat speakers, independent researchers and leading security experts from the government to the underground to answer your questions live.
Black Hat Webcast 4: Trust Doesn't Scale: Practical Hijacking On the World's Largest Network
Black Hat Webcasts RSS Feed
1 hour 42 minutes 16 seconds
17 years ago
Black Hat Webcast 4: Trust Doesn't Scale: Practical Hijacking On the World's Largest Network
Our monthly free webcast series rolls on with another talk about a major vulnerability. This webcast is entitled "Trust Doesn't Scale: Practical Hijacking On the World's Largest Network." The webcast is based on a remarkable presentation by Tony Kapela and Alexander Pilosov at the DEFCON security conference this August. To illustrate their BGP-based traffic-hijacking techniques, they intercepted all traffic from the notoriously hostile conference network and ran it through their servers. The process was almost completely invisible to DEFCON attendees.
Their demonstration took advantage of a trust issue with Border Gateway Protocol (BGP), and it appears to be part of a larger security trend of major issues emerging in the bedrock protocols that support the Internet. Dan Kaminsky's DNS vulnerability relies on trust issues in DNS. In recent years major questions have been raised about SNMP and ICMP and at this writing there's word of a potentially major TCP exploit. Vulnerabilities like these raise significant questions about the business of security, the limits of patching, and the difficulties involved in securing a trust-based system.
Black Hat Webcasts RSS Feed
Security news doesn't always wait for conference season. That's the guiding principle behind the Black Hat Webcasts – a regular series of live web events focusing on what's hot in the infosec space all year long. The third Thursday of every month, we'll bring together Black Hat speakers, independent researchers and leading security experts from the government to the underground to answer your questions live.
