[announce] NYC*BUG this week
NYC*BUG Announcements
announce at lists.nycbug.org
Mon Sep 5 14:32:18 EDT 2011
September 07, 2011, Wednesday
Boris Kochergin on Two Networking Topics
6:45 PM, Suspenders Restaurant backroom
111 Broadway in Manhattan
http://www.suspendersbar.com/
Boris will be speaking on two networking topics.
RP Counterattack (will include a demo!):
Monitors traffic on any number of Ethernet interfaces and examines ARP
replies and gratuitous ARP requests. If it notices an ARP reply or
gratuitous ARP request that is in conflict with its notion of "correct"
Ethernet/IP address pairs, it logs the attack if logging is enabled,
and, if the Ethernet interface that the attack was seen on is configured
as being in aggressive mode, it sends out a gratuitous ARP request and a
gratuitous ARP reply with the "correct" Ethernet/IP address pair in an
attempt to reset the ARP tables of hosts on the local network segment.
The corrective gratuitous ARP request and corrective gratuitous ARP
reply can be sent from an Ethernet interface other than the one that the
attack was seen on.
http://acm.poly.edu/wiki/ARP_Counterattack
2. Net Sensor (will include a demo!):
Aims to be a general-purpose, modular network-analysis suite for use in
research, diagnostics, forensics, and statistics-gathering. It monitors
traffic on an Ethernet interface, performs some pre-processing on
it--such as figuring out where a packet`s payload begins--and passes it
along to any number of modules. A module is an ELF shared object which
may maintain state, write data out to disk using the Berkeley DB-backed
Writer library, or send e-mail using the SMTP library. In addition to
processing packets from the network, a module can also accept input from
any number of other modules. Current modules include an HTTP
session-keeping module, an HTTP session-logging module, and a
BitTorrent-detection module.
http://acm.poly.edu/wiki/Net_Sensor
Speaker Bio
Boris Kochergin is currently a system administrator and programmer at
New York Internet. He was a network and system administrator at
NYU-Poly`s business incubator at 160 Varick Street (consulting), network
and system administrator at EmPower Solar (consulting), network and
system administrator at Ecological, LLC (consulting), and programmer for
the Long Island Solar Energy Industries Association (consulting).
More information about the announce
mailing list