Tag Archive for 'Security'

image_pdfimage_print

ANYCon 2017 Talk – VLAN Hopping, ARP Poisoning and Man-In-The-Middle Attacks in Virtualized Environments

ANYCon Invited Talk

I have been invited to give a talk on my research at the upcoming ANYcon InfoSec and Hacking conference which will be held in Albany, NY from June 16th – 18th. This is a new conference bursting into the InfoSec scene, and is shaping up to be similar in size and spirit to other family […]

DEF CON 24 Presentation: VLAN Hopping, ARP Poisoning, & Man-in-the-Middle Attacks in Virtualized Environments

DEF CON 24 Talk Resources – VLAN Hopping, ARP Poisoning and Man-in-the-Middle Attacks in Virtualized Environments

We are aware that our presentation slides and white paper somehow went missing from the DEF CON 24 CD. They have been submitted for inclusion on the Media Server, but until then you can find the talk information, white paper, and slides at the following links: Talk Abstract & Speaker Bios White Paper Presentation Slides […]

DEF CON 24 DEMO: Double Tagging VLAN Hopping Attack Against the Microsoft Server 2012 Hyper-V Cisco Nexus 1000v Virtual Network Using One Physical Switch

This post demonstrates the effects of using a double tagging VLAN hopping attack to send an ICMP packet to a virtual machine located on a separate VLAN than the physical attacking system. In this scenario the attacker is using a physical Kali 2.0 system connected to a native vlan access port on a Cisco 2950 […]

DEF CON 24 DEMO: Double Tagging VLAN Hopping Attack Between Two Virtual Networks With a Cisco 2950 Switch in the Middle

This post demonstrates the effects of using a double tagging vlan hopping attack to send an ICMP packet from a virtual machine located in one hypervisor environment to another virtual machine located in a separate hypervisor environment connected to the same physical switch. In this scenario the attacker is using a virtual Kali 2.0 system […]

DEF CON 24 DEMO: Double Tagging VLAN Hopping Attack Against the Proxmox Virtual Network Using Two Physical Switches

This post demonstrates the effects of running a Double Tagging VLAN Hopping attack against the ProxMox hypervisor environment. In this scenario there are two Cisco 2950 switches in between the attacker and the virtual network. The experiment was performed on seven different hypervisor/virtual network configurations in order to perform a systematic evaluation of the effects […]

DEF CON 24 DEMO: ARP Poisoning Attacks in Virtual Networks

This post includes demo videos which illustrate the effects of an ARP poisoning Man-in-the-Middle attack within a virtualized networking environment. The experiment was performed on seven different hypervisor/virtual network configurations in order to perform a systematic evaluation of the effects across all of the major enterprise level virtualization platforms. The following network diagram illustrates the […]

DefCon 23 Presentation: Exploring Layer 2 Network Security in Virtualized Environments

DefCon 23 Video Demo: Rogue DHCP/DNS server on Citrix XenServer 6.2 with Open vSwitch 1.4.6