Network Attacks for Red Teams and Blue Teams
2019-11-30, 16:15–16:45, Dachsaal

Security features for network functions are not commonly deployed on
typical installations. This allows attackers to move freely around a
network once a single point has been compromised. Weak network security
enables lateral movement of an adversary and can also be exploited by
Red Teams.

The talk starts with a brief discussion of network functions on Layers 2
and 3 and gives a brief history of famous malware families and campaigns
which were used in the past. We will also define the goal of network
attacks.

Then we discuss several techniques such as ARP/ND spoofing/poisoning, MAC
flooding, attacks on FHRPs like VRRP or HSRP, UPnP, route injection,
IP source routing and more. We will show how these attacks are conducted,
what we can achieve and also how to deploy countermeasures for mitigation.