Defcon 14 report: DAY TWO
Monday, 07 August 2006

Zone-h continues its day-to-day coverage of the biggest hacking convention, held here in Las Vegas. Day 2 began with a presentation by Jared DeMott about the Evolving Art of Fuzzing, focusing on how fuzzing works and the different types of fuzzing programs and techniques. If you are not familiar with fuzzing, it is a technique for finding flaws in compiled software code. Fuzzing can be used against file parameters as well as client and server applications.

While no earth-shattering revelations were covered, the presentation gave an all-round view of fuzzing applications and the different uses fuzzing has. More information and a fuzzing tool, GPF or General Purpose Fuzzer, by DeMott can be found at http://www.appliedsec.com ...

In DNS Amplification Attacks, Gadi Evron from Beyondsecurity.com explained how to use DNS servers in a DDoS style of attack using spoofed UDP packets. Based on a forensics study of a past attack, Mr Evron showed how, by using one compromised DNS server, attackers were able to turn a simple DNS TXT request into a torrent of packets that could overwhelm nearly any network.

Like a ping flood attack, this "recursive name server reflection attack" was not only effective but also concealed the attackers' real location by spoofing the DNS source address. By leveraging DNS servers that responded to unauthorized queries [ TXT records ], and provided the spoofed source IP was within the ISP's namespace, attackers were able to specify a large UDP payload DNS query [ type ANY ALL ] and fill the queue from the first query with oversize requests. The default behavior in bind [ the DNS daemon ] is to reply to any queries from an outside source, not only the server's local domain, and this was what the attackers discovered, quite possibly by accident, in that some DNS servers would send replies when they were never queried in the first place! They had also inserted fake records into one compromised server's DNS that would allow the requests to propagate further across the net. These faulty servers effectively allowed one request to become a torrent of replies of large records from many servers, with an army of bots initiating the first requests.
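For operators of a recursive name server, the reflection pattern described above shows up in query logs as outside source addresses drawing large TXT or ANY replies for tiny queries. The following detection sketch is an added example, not material from the talk; the log format, the function name `find_reflection_targets` and the thresholds are assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records, not real traffic. Assumed simplified format:
# <epoch> <source_ip> <qname> <qtype> <query_bytes> <response_bytes>
SAMPLE_LOG = """\
1154900001 192.0.2.10 www.example.org A 33 49
1154900001 203.0.113.7 big.example.net TXT 36 3900
1154900001 203.0.113.7 big.example.net TXT 36 3900
1154900002 203.0.113.7 big.example.net ANY 36 4020
1154900002 198.51.100.23 mail.example.org MX 34 120
1154900003 203.0.113.7 big.example.net TXT 36 3900
"""

def find_reflection_targets(log_text, local_nets, min_ratio=20.0, min_queries=3):
    """Return {source_ip: stats} for non-local sources drawing amplified replies.

    With spoofed UDP the logged source is the victim, so each key is a likely
    target of reflection through this resolver, not the attacker.
    """
    nets = [ipaddress.ip_network(n) for n in local_nets]
    stats = defaultdict(lambda: {"queries": 0, "bytes_in": 0, "bytes_out": 0})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip malformed records
        _, src, _, qtype, q_bytes, r_bytes = fields
        addr = ipaddress.ip_address(src)
        if any(addr in n for n in nets):
            continue  # the resolver's own clients are expected to recurse
        if qtype not in ("TXT", "ANY"):
            continue  # the report names TXT and ANY as the large-reply types
        s = stats[src]
        s["queries"] += 1
        s["bytes_in"] += int(q_bytes)
        s["bytes_out"] += int(r_bytes)
    flagged = {}
    for src, s in stats.items():
        ratio = s["bytes_out"] / max(s["bytes_in"], 1)
        if s["queries"] >= min_queries and ratio >= min_ratio:
            flagged[src] = dict(s, ratio=round(ratio, 1))
    return flagged

if __name__ == "__main__":
    for src, s in find_reflection_targets(SAMPLE_LOG, ["192.0.2.0/24"]).items():
        print(src, s)
```

Any address this flags is also evidence that the server answers recursive queries from outside its own networks, which is the behaviour the attack depends on.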

Other topics covered today were "Hollywood hackers" by Johnny Long, "Black ops" by Dan Kaminsky of IoActive and the "Legal Aspects of Computer Self-Defense and Aggressive Self Defense" by Robert Clark. Being only one man at a three concurrent track event such as Defcon, this reporter could not be at 3 places at once and it was difficult to choose which talk to see [ several excellent topics ran concurrently and could not be covered ]. As it was Saturday night, the real parties began in full force... pictures may or may not be available until after Sunday.

One of the classic things at Defcon is the Wall of Sheep, a big wall displaying sniffed usernames and passwords from the Defcon attendees. For the sake of the victims, passwords are partially masked. Can you recognize your username over there?

Stay Tuned for Day 3!  


Comments Index (Total Messages: 1)
Wall of Sheep..Wow! Written by Guest on 2006-08-08 13:17:07
