Network Attacks for Red Teams and Blue Teams
2019-11-30, 16:15–16:45 (Europe/Vienna), Dachsaal

Security features for network functions are not commonly deployed on
typical installations. This allows attackers to freely move around in a
network once a single point was compromised. Weak network security
enables Lateral movement of an adversary and can also be exploited by
Red Teams.

The Talk starts with a brief discussion of network functions on Layer 2
and 3 and gives a brief history of famous malware families and campaigns
which were used in the past. Also we will define the goal of network

Then we discuss several techniques like ARP/ND spoofing/poisoning, MAC
flooding, attacks on FHRP like VRRP or HSRP, UPNP, route injection and
IP source route and more. We will show how these attacks are conducted,
what we can achieve and also how to deploy countermeasures for mitigation.

Michael "MiKa" Kafka

MiKa started with networking in the mid 80ies, and in the early 90ies
he began to work with Firewalls and Encryption devices. Since 1997 he is
Certified Cisco Systems Instructor for Routing, Switching and Security
Topics. He is currently teaching network and security topics, working on
network projects and conducts network pentests ans audits.