New Custom vCORE VirtualBox Appliance With EMANE, Quagga OSPF-MANET, & NASA ION-DTN

I have put together a fully updated vCORE VirtualBox appliance based on Debian 9.6 that includes the latest versions of CORE, EMANE, Quagga OSPF-MANET, and NASA’s ION.

This version of the virtual appliance includes the following releases:

CORE 5.2 (git)
EMANE 1.2.3 (git)
NRL Quagga mr_0.99.21mr2.2 (source)
NASA ION-DTN 3.6.2 (sourceforge)

All dependencies were installed via apt-get including all packages required to build the above listed software from source. All source code for the above listed packages is located in /usr/src/ for end user customization and updates. The virtual machine was designed to be used for development purposes, and can be fully customized by the end user.

username: core
password: eroc

The ‘core’ user has sudo privileges, and core-daemon is set to run on startup. You may want to edit the VirtualBox network settings (ie. bridge, NAT, host-only) for the VM to suit your environment.

Download the new vCORE VirtualBox appliance here.
md5 hash: e5a80ee4dd5893ec3bfa63afa54b11b2 vCORE.ova




ANYCon 2017 Talk – VLAN Hopping, ARP Poisoning and Man-In-The-Middle Attacks in Virtualized Environments




ANYCon Invited Talk

I have been invited to give a talk on my research at the upcoming ANYcon InfoSec and Hacking conference which will be held in Albany, NY from June 16th – 18th. This is a new conference bursting into the InfoSec scene, and is shaping up to be similar in size and spirit to other family oriented mainstream InfoSec conferences like DerbyCon and BSides. The talk abstracts are starting to pop up on the Agenda page, and my talk is listed in the Offensive Track.

While your hanging in Albany that weekend you may also want to stay a few extra days and check out the Dead & Company concert that will be at SPAC on June 20th!




Upcoming Invited Talk: HackCon#12 – Oslo, Norway

I have recently been invited to give a presentation on my research in Layer 2 Network Security in Virtualized Environments at the upcoming HackCon#12 Norwegian Cyber Security Convention which will be held in Oslo, Norway from February 13th-16th. More information about the talk can be found here.




DEF CON 24 DEMO: ARP Poisoning Attacks in Virtual Networks

This post includes demo videos which illustrate the effects of an ARP poisoning Man-in-the-Middle attack within a virtualized networking environment. The experiment was performed on seven different hypervisor/virtual network configurations in order to perform a systematic evaluation of the effects across all of the major enterprise level virtualization platforms. The following network diagram illustrates the configuration used for each of the experiments:

arp_poison

The following videos walk through the attack and results under VMWare ESXi 6.0 using the standard ESXi virtual switch as well as Microsoft Server 2012 HyperV using the Cisco Nexus 1000v virtual switch.




DefCon 23 Presentation: Exploring Layer 2 Network Security in Virtualized Environments