Insinuator


Some outright rants from a bunch of infosec practitioners.

Jun/15

16

IPv6 Adress Planning / Some Notes

In the course of a customer project I recently documented some thoughts and general objectives of IPv6 address planning, expanding on stuff I wrote a while ago in the series on “Address Plan Considerations”. An excerpt of that (newer) document can be found here. Due to the context it originates from it’s in German, still I hope it’s useful for some readers.
If you’re interested in the topic it might be a good idea to listen to Tom Coffeen‘s talk at the upcoming IPv6 Business Conference, too.

Everybody have a great day

Enno

| Post your comment here.

Jun/15

12

An unpacker for Alcatel TiMOS images

Hi,

I wrote a small python script that extracts the content from Alcatel .tim firmware files. It took some time staring at hex values, as well as a fair amount of guess work to figure out the file format.
(more…)

, | Post your comment here.

Jun/15

10

TACACS+ module for loki

There has been, again, some development within the loki domain. Today I’m going to write about the latest module added to the suite, a module for decoding and cracking Cisco’s TACACS+.

(more…)

, , | Post your comment here.

Jun/15

9

ERNW @PHDays V in Moscow

Здравствуйте Insinuator Followers,

End of May eight ERNW members were travelling to Moscow (Russia) to visit the PHDays V conference. It was a very nice trip because we met a lot of gentle people, ate some great food and had quite some fun in this exciting and history-charged metropole, and we were able to get around using hands and feet (and Google translate ;-)).

The remainder of this post contains summaries of some of the most interesting talks at PHD V:

(more…)

, , | Post your comment here.

Hi,

I’m back from London where I gave a talk about security evaluation of proprietary network protocols. I had a great time at InfoSecurity Intelligent Defence and BSides London, many thanks for inviting me and giving me the opportunity to speak to so much nice people.

Find the abstract and the download link to the slides after the break.

(more…)

, | Post your comment here.

Jun/15

8

Is IPv6 more Secure than IPv4? Or Less?

Scott Hogg recently (in his post “Holding IPv6 Neighbor Discovery to a Higher Standard of Security“) gave the following answer:

“The security of IPv4 is roughly equivalent to IPv6. So why do we expect more from IPv6?”

While I highly value Scott’s IPv6 expertise – not least because I learned a lot about IPv6 security from the book on the topic he wrote together with Eric Vyncke – I strongly disagree with his statement, mainly with the first part. In this post I will lay out why I think that IPv6 is actually less secure than IPv4.

(more…)

| Post your comment here.

Jun/15

7

ERNW @Mudiator

Today the ERNW Team participated in the Mudiator mud race in Mannheim. This mud run features 25 obstacles over 8 km, you can do either one or two rounds. Participating for the first time, the ERNW team went for one round (the Legionnaire distance as opposed to the two round Hercules distance):

 

20150607_105045_small

(more…)

, | Post your comment here.

Troopers13_101     The final blog in our series “Beyond the Thunderdome: A Review of TROOPERS15” focuses Exploitation & Attacking. With the last of this series we hope we you are already fired up and inspired for what lays a head during our upcoming TROOPERS16 (March 14-18, 2016)! Can’t wait to see you there!

(more…)

, , | Post your comment here.

Jun/15

3

ERNW@HAXPO/HITB 2015

Last week we enjoyed quite a wonderful HAXPO exhibition and HITB conference in Amsterdam. A number of great talks could be heard at the main HITB conference such as “Bootkit via SMS: 4G Access Level Security Assessment” or “Stegosploit: Hacking with Pictures“. And not only that: there were also several engaging hands-on workshops.

Apart from the main conference, there was the HAXPO – a hacker exhibition. At this exhibition you could connect with people from different companies, get a lot of merchandise, and also listen to several briefings on security and its philosophy. Fortunately, we had the pleasure to present two of these briefings and maybe you tested your web application skills at the ERNW booth.

(more…)

, | Post your comment here.

Blog4

We hope you are enjoying the ride as we continue our journey through IPv6. Below we have a great mix of talks, slides, and videos in this area posted below. We look forward to hosting more IPv6 (March 14th & 15th) talks next year at TROOPERS16!

(more…)

, , , | Post your comment here.

<< Latest posts

Older posts >>

Contact


Mail | Twitter | Imprint

©2010-2013 ERNW GmbH
To top