[ISN] Researchers To Unleash Backbone-Hacking Tools At Black Hat Europe

From: InfoSec News <alerts_at_private>
Date: Wed, 8 Apr 2009 01:00:50 -0500 (CDT)
http://www.darkreading.com/securityservices/services/data/showArticle.jhtml?articleID=216403220

By Kelly Jackson Higgins
DarkReading
April 07, 2009 

A pair of German researchers at next week's Black Hat Europe will 
release tools that hack backbone technologies used by service providers 
in some enterprise network service offerings.

More specifically, the tools -- built by Enno Rey and Daniel Mende, both 
with German security firm ERNW -- automate attacks on Multiprotocol 
Layer Switching (MPLS) and Ethernet backbone technologies. They exploit 
similar, inherent security weaknesses in the two networking technologies 
-- namely, in how they forward traffic.

The lack of security in MPLS and Ethernet is well-known, but until now 
the exploitation of these network technologies has been only 
theoretically possible, Rey says. "Our release of the tools closes that 
gap of these attacks being only theoretical to being practically 
exploitable now," he says. "These technologies do not provide any 
security themselves, but just rely on the assumption that the underlying 
network is secure."

Network infrastructure security has been in the limelight lately, with 
researchers uncovering big vulnerabilities in the Domain Name System 
(DNS), the Border Gateway Protocol (BGP), TCP, and in Cisco routers.

[...]


_______________________________________________      
Best Selling Security Books and More!
http://www.shopinfosecnews.org/
Received on Tue Apr 07 2009 - 23:00:50 PDT

This archive was generated by hypermail 2.2.0 : Tue Apr 07 2009 - 23:09:23 PDT