Some outright rants from a bunch of infosec practitioners.



Troopers is (unfortunately) over. It was a blast (but I may be biased ;-))! After things have settled, I want to take the opportunity to reflect my thoughts and impressions on the IPv6-only WiFi we had deployed during the conference. To make sure that everybody is on the same page let’s start at the beginning.

In the last couple of years we had provided Dual-Stack connectivity on the main “Troopers” SSID but also had an additional IPv6-only SSID. This year we decided to spice things up and made the “Troopers“ SSID IPv6-only (with NAT64) while providing Dual-Stack connectivity on the “Legacy“ SSID. We wanted to get a feeling how many clients and applications can work properly in an IPv6-only environment. We intentionally didn’t announce it vastly beforehand, hoping that attendees would just connect to the main SSID without noticing anything. We were aware that some applications might expose issues but, as I said , we wanted to get a feeling to which degree problems actually occured. (more…)

, , , , | Post your comment here.

Dear readers,

today we want to examine the behavior of Cisco devices when they receive spoofed IPv6 Neighbor Advertisement packets from an untrusted system pretending to be the default router for the local segment. We start with a quick refresher how Cisco devices behave in the legacy (IPv4) world when they receive a spoofed broadcast ARP packet containing the IP address of the device but with a different MAC address, followed by a discussion of the corresponding behavior in the IPv6 world. (more…)

, , , | Post your comment here.

Dear Readers,

It’s me again with another teaser for an upcoming workshop at the IPv6 Security Summit. This one is a classic! If you happen to deploy IPv6 in your environment in the near future, but didn’t had the time to think about the security implications, this workshop is the right place to start. (more…)

, , , , , | Post your comment here.



Multiple Address Family OSPFv3

Dear Readers,

today I want to talk about OSPFv3. I won’t cover the glory details of OSPFv3, there are smarter guys than me out there who did that already 😉 and there are great resources to familiarize yourself with the protocol. However, it should be noted that OSPFv3 is not only OSPF for IPv6, OSPFv3 brought some major enhancements compared to OSPFv2. Wouldn’t it be cool to benefit from the enhancements in the IPv4 world as well? (more…)

, , , , | Post your comment here.

Hello Everybody,

Today I want to give you a little teaser about my upcoming talk at the IPv6 Security Summit about First-Hop-Security on HP devices. In the past I presented on about First-Hop-Security in the Cisco realm and in virtualized environments. Until recently, Cisco was mostly the only vendor who had a sufficient implementation of various IPv6 security features on their access-layer switches, but HP closed the gap considerably and it’s time to have an in-depth look at their implementation of those features.


, , , | Post your comment here.

Hi everyone,

some of you may have seen my last blog post about the preparation of the Troopers network. Today I want to give you a little teaser on what to expect for the talk I will present during the IPv6 Security Summit. As the title implies, it’s not only about building a secure IPv6 WiFi, but also a reliable one. One might think that there aren’t many differences in comparison to IPv4, but the heavy reliance on multicast of IPv6 does have implications for Wi-Fi networks in general. (more…)

, , , , | Post your comment here.



Troopers PacketWars 2015 – Write Up

Hello Hackers!



This year’s PacketWars contest at Troopers was a blast! Under the topic of “Connected Car” the teams faced several different challenges, which we will describe (as a debriefing) here.


, , , , , , , | Post your comment here.



Hackito Ergo Sum 2014

Greetings from Heidelberg to Paris,

and thanks for a great time at HES14! A nice venue (a museum), sweet talks and stacks of spirit carried us through the three day con. It all set off with a keynote byTROOPERs veteran Edmond ‘bigezy’ Rogers, who stuck to a quite simple principle: “People do stupid things” and I guess every single one of you has quite a few examples for that on offer. Next to every speaker referenced that statement at some point during her/his talk. Furthermore we presented an updated version of our talk LTE vs. Darwin, covering our research of security in LTE networks and potential upcoming problems.

For those who missed HES2014, we prepared a short summary of some of the talks that inspired us.


, , , , | Post your comment here.

On Friday we released our latest technical newsletter with the fancy title “Sell Your Own Device – A Field Study on Decommissioning of Mobile Devices”. It is the result of a field study on decommissioned mobile business devices bought on eBay and about how stored data may be extracted in different ways.

As always we love to share plenty of practical advise: At the end of the newsletter you will find the mitigating controls to securely handle mobile devices at the end of their life cycle process.

Find the newsletter here.
And a digitally signed version here.

Special thanks go to Sergej Schmidt for performing the field study.

Talking about our great team: Meet the whole ERNW crew at TROOPERS12, or even better: Dig deeper into mobile security together with Rene Graf during the mobile security workshop. There are a few slots left.

Enjoy the newsletter & hopefully see you soon in Heidelberg!

, , , , | Post your comment here.



ERNW at NinjaCon (fka PlumberCon)

Yesterday we made our way to Vienna to participate and contribute to NinjaCon (formerly known as PlumberCon, before Nintendo Inc. claimed their rights ;)).

After our arrival Oliver held a five hour workshop on Penetration Testing and did the finishing touches on his slides about ‘Attacking Cisco Enterprise WLANs‘, which he will deliver later today together with Daniel. And last but not least Daniel will be the Packet Master of PacketWars™ Vienna taking place in the evening.

As sponsor of this young and vibrant conference we’re proud to share our equipment and know-how to support the networks on site.

Talking about young and vibrant: Last week we held one of our beloved internal workshops at ERNW to discuss the latest in ITSec and teamwork – but also to chat with colleagues or listen to a rant on $some-broken-technology of Enno. When having dinner on Tuesday we went crazy on planning for TROOPERS11. I don’t like it too much to talk about ‘good energy in the room’, but there was something really enthusiastic and insanely creative about it – and whatever it was, we gonna use it to make it even more enjoyable, educating and unforgettable than this year.

As we’re progressing at Vienna I’m going to update this blog post. So stay tuned!
Cheers, Florian & the team

UPDATE: NinjaCon is over. Besides the usual small hiccups at such an event it was a really great conference for all of us. Excellent speakers, an exciting location and the overall perfect atmosphere to interact, chat and learn really made the deal here. Big applause to the host @astera and her team!

, , , , , | Post your comment here.


Mail | Twitter | Imprint

©2016 ERNW GmbH
To top