Explore the vulnerabilities in Software Defined Networks and learn how to protect against persistent firmware-level malware in this 45-minute Black Hat conference talk. Dive into the weaknesses of the Open Network Install Environment (ONIE) and various Network Operating Systems, including Switch Light, Cumulus Linux, and Mellanox-OS. Witness a live demonstration of a drive-by web attack that pivots through a Windows management station to infect an ONIE-based switch with persistent malware. Gain insights into the implications of these vulnerabilities, including keylogging, pivoting, and command injection. Discover compensatory measures to safeguard your network against such threats, and receive source code to understand the ease of exploitation. Learn about potential solutions like Hardware Trusted Platform Modules and improved isolation techniques to enhance network security in the era of commodity and WhiteBox Ethernet switches.
Overview
Syllabus
Staying Persistent In Software Defined Networks
Introduction
Overview
Whitebox
Oni
Oni Installer
What does this mean
Ways to compromise
Network covering systems
Network operating systems
OpenSwitch
Kos Linux
Mellanox
Agents
Default Accounts
Unauthorised Access
Keyloggers
Screenshots
Password
Command Injection
Command Line Tools
Live Switches
MTD Devices
Implications
Keylogging
Pivot
Demo
Hardware Trusted Platform Module
Install Environment
Recovering System
Isolation
Racing Ahead
Impact on Security
Make a Difference
Security
Taught by
Black Hat
