1: Collect Packets, 2: ???, 3: Win! These demos and presentation will help you learn to passively profile a network through a new Metasploit module by gathering broadcast and multicast traffic, processing it, and looking at how the bad guys will use it to own your network. Without sending a packet, many networks divulge significant information about the assets that are attached. These broadcast packets can be used to identify hosts, OS's, and other hardware that is attached. This presentation will show all skill levels how to easily gather and use this information, how to protect your underpants, and talk about how to extend the framework for new protocols.

Ryan Linn/ Mike Ryan

Ryan Linn is a Senior Consultant with Trustwave’s SpiderLabs – the advanced security team focused on penetration testing, incident response, and application security. Ryan is a penetration tester, an author, a developer, and an educator. He comes from a systems administration and Web application development background, with many years of IT security experience. Ryan currently works as a full-time penetration tester and is a regular contributor to open source projects including Metasploit and BeEF, the Browser Exploitation Framework.

Mike Ryan (justfalter) is a Lead Security Researcher at Trustwave. He is a member of Trustwave’s SpiderLabs – the advanced security team focused on penetration testing, incident response, and application security. He has over thirteen (14) years of information technology administration and engineering experience, with the last eight (9) years specializing in Information Security research and development. At Trustwave, Mike is responsible for the design of Trustwave’s vulnerability scanning engine, implementing network-protocols, and researching new vulnerabilities.
 

Back to Derbycon 2012 video list