Artwork

Sisällön tarjoaa Black Hat / CMP and Jeff Moss. Black Hat / CMP and Jeff Moss tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.
Player FM - Podcast-sovellus
Siirry offline-tilaan Player FM avulla!

Simple Nomad and MadHat Unspecific: SPA: Single Packet Authorization

19:27
 
Jaa
 

Manage episode 155121488 series 1146744
Sisällön tarjoaa Black Hat / CMP and Jeff Moss. Black Hat / CMP and Jeff Moss tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.
We needed a protocol that allowed us to tell a server that we are who we say we are, have it work across NAT, use TCP, UDP, or ICMP as the transport mechanism, act as an extra layer of security, and be secure itself. Oh, and do so with a single packet. Sound crazy? It's actually very useful. We've come up with a Single Packet Authorization (SPA). This is a protocol for a remote user to send in a request to a server which I cannot be replayed and which uniquely identifies the user. The proof-of-concept code alone is worthy of a presentation itself, but SPA is so much more. This is not port-knowcking (although SPA can easily replace port-knocking with something much more secure). MadHat leads the DC214, Dallas Defcon Group and is a member of NMRC. His paying gig is as the Manager of Vernier Threat Labs. Before working at Vernier, MadHat was one of the core security team members for Yahoo and leat the vulnerability assessment and day-to-day security monitoring for Yahoo world-wide. He has written several open source security tools and has contributed to an upcoming book on NMap being written by Fyodor. Simple Nomad is the founder of the Nomad Mobile Research Centre (NMRC), an international group pf hackers that explore technology. By day he works as a Senior Security Analyst for BindView Corporation. He has spent several years developing and testing various computer systems for security strengths. He has authored numerous papers, developed a number of tools for testing the security and insecurity of computer systems, a frequently-sought lecturer at security conferences, and has been quoted in print and television media outlets regarding computer security and privacy.
  continue reading

61 jaksoa

Artwork
iconJaa
 
Manage episode 155121488 series 1146744
Sisällön tarjoaa Black Hat / CMP and Jeff Moss. Black Hat / CMP and Jeff Moss tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.
We needed a protocol that allowed us to tell a server that we are who we say we are, have it work across NAT, use TCP, UDP, or ICMP as the transport mechanism, act as an extra layer of security, and be secure itself. Oh, and do so with a single packet. Sound crazy? It's actually very useful. We've come up with a Single Packet Authorization (SPA). This is a protocol for a remote user to send in a request to a server which I cannot be replayed and which uniquely identifies the user. The proof-of-concept code alone is worthy of a presentation itself, but SPA is so much more. This is not port-knowcking (although SPA can easily replace port-knocking with something much more secure). MadHat leads the DC214, Dallas Defcon Group and is a member of NMRC. His paying gig is as the Manager of Vernier Threat Labs. Before working at Vernier, MadHat was one of the core security team members for Yahoo and leat the vulnerability assessment and day-to-day security monitoring for Yahoo world-wide. He has written several open source security tools and has contributed to an upcoming book on NMap being written by Fyodor. Simple Nomad is the founder of the Nomad Mobile Research Centre (NMRC), an international group pf hackers that explore technology. By day he works as a Senior Security Analyst for BindView Corporation. He has spent several years developing and testing various computer systems for security strengths. He has authored numerous papers, developed a number of tools for testing the security and insecurity of computer systems, a frequently-sought lecturer at security conferences, and has been quoted in print and television media outlets regarding computer security and privacy.
  continue reading

61 jaksoa

Усі епізоди

×
 
Loading …

Tervetuloa Player FM:n!

Player FM skannaa verkkoa löytääkseen korkealaatuisia podcasteja, joista voit nauttia juuri nyt. Se on paras podcast-sovellus ja toimii Androidilla, iPhonela, ja verkossa. Rekisteröidy sykronoidaksesi tilaukset laitteiden välillä.

 

Pikakäyttöopas