[Plug] Παρουσίαση "Abusing Network Protocols" 10 Nov @ PLUG

[ithilgore]

Η επόμενη παρουσίαση PLUG θα γίνει την Τετάρτη, 10 Νοεμβρίου στις 19:00
στον ΑΣΤΟ (http://patras-lug.gr/node/2), με θέμα "Abusing Network
Protocols". To presentation αυτό έγινε originally στο Athcon
(http://www.athcon.org) και περιγράφεται ως εξής:

"This presentation will focus on the area of exploiting inherent protocol
flaws. By inherent we mean that the vulnerabilities are mostly independent
of specific implementations and thus ubiquitous, since the design of the
protocol itself is flawed. As a result, network protocol flaws affect a
multitude of systems and are not as easily fixed as simple implementation
bugs. The talk will mainly revolve around the relatively new XMPP
(Extensible Messaging and Presence Protocol) that has gained quite some
large popularity lately. Cisco has acquired Jabber Inc (creators of first
commercial XMPP product), Google Talk is based on it, Facebook Chat
provides an interface to it and a lot of IM clients now support it. Being
an emerging and most-promising technology, makes it important to address
some of the security issues that are implied by its widesperad use. Our
talk will also analyse how other network protocols that interact with each
other and XMPP, can be used as attacking vectors resulting in some
chain-reaction form of exploitation."

To paper που αναλύει τα exploitation techniques βρίσκεται εδώ:
http://sock-raw.org/papers/abusing_network_protocols

Regards,
ithilgore

-- 
http://sock-raw.org
https://twitter.com/ithilgore