malicious use of connection tracking in firewalls

Speaker(s) : Eric Leblond

  • Language : Français
  • Nature : Conference
  • Date : Tuesday 10 July 2012
  • Schedule : 14h00
  • Duration : 40 minutes
  • Place : Uni Mail R280

Abstract

This talk aims to present a series of attacks on networks using a firewall connections tracking system. Eric will describe the mechanisms for monitoring connections by focusing on the implementation done in netfilter. He will then describe attacks for certain protocols before presenting the countermeasures to implement in order to secure your firewalls.

Speaker

Eric Leblond is a Free Software and Security hacker. He has started as lead developer the NuFW project which objective was to establish a safer and stricter way to do identity based filtering on network firewall.

He’s also a long-term contributor to the Netfilter project where he has worked on kernel and userspace interaction. He is one of the main developer of ulogd2, the Netfilter’s userspace logging daemon. He has started working on the IDS/IPS Suricata in 2009 and he is currently working the OISF as developer. He is also consultant in free software and network security.

Attached documents

Slides conf
Slides conf (PDF - 684.9 kb)