[ mainpage :: register :: conference :: training :: the venue ]
[ capture the flag (CTF) :: hitb cinema :: lock picking village :: zone-h/hitb hacking challenge :: bzflag ]
[ call for papers (CFP) :: conference agenda :: sponsors :: press/media :: forum ]
[ conference kit (PDF) :: past conferences :: contact us ]

Conference Materials: http://conference.hitb.org/hitbsecconf2007kl/materials/

Official Photos: http://photos.hitb.org

Dror-John Roecher (Senior Security Consultant, ERNW GmbH)

Filed under: Main Page — Administrator @ 9:40 pm

Presentation Title: Attacking Cisco Network Admission Control – NAC@ACK
Presentation Details:

The last two years have seen a big new marketing-buzz named “Admission Control” or “Endpoint Compliance Enforcement” and most major network and security players have developed a product-suite to secure their share of the cake. While the market is still evolving one framework has been getting a lot of market-attentiont: “Cisco Network Admission Control”. NAC is a pivotal part of Cisco’s “Self Defending Network” strategy and supported on the complete range of Cisco network- and security-products. From a security point of view “NAC” is a very interesting emerging technology which deservers some scrutiny. The Cisco NAC solution contains two major design-flaws which enable us to hack (at least) two of the three different variants using some kind of “posture spoofing attack”. We will demonstate code & tool for posture spoofing in Cisco NAC secured networks.

About Dror

Dror has enjoyed working with Cisco stuff for more than eight years and is usually busy assessing the security of enterprise networks and data-centers. He works as a senior security consultant for germany-based ERNW GmbH all over Europe and has published multiple whitepapers on security-related topics. He is a seasoned speaker and enjoys sharing his experience with his audience. The last two years have seen him develop additional points of interests including Mobile Security [he simply loves to play around with all the newest funky gadgets] and Endpoint Security - but at the heart he still is a networker.

** Presenting with Michael Thumann



Event Organizer


Hack In The Box (M) Sdn. Bhd.

Supported & Endorsed By


Malaysian Communications and Multimedia Commission (MCMC)


Malaysian Administrative Modernisation & Management Planning Unit

Platinum Sponsors


Microsoft Corporation

Gold Sponsors


SCANIT ME LLC

Official Airline Partner


Internet Bandwidth Sponsor


Global Transit

CTF Sponsor


Scan Associates

CTF Prize Sponsor


Scan Associates

Sponsor for Zone-H/HITB Hacking Challenge


Ascendsys

HITB Cinema Sponsor


Avenuz Sdn. Bhd.

Official Creation Station


The Womb.com

Our Speakers are Supported By


F-Secure Corporation


Arbor Networks


Mediaservice.net


Bellua Asia Pacific


ERNW GmbH


Mozilla Corporation


Mu Security

Supporting Media:

Virus Bulletin

Virus Bulletin (VB)

InfoSec News

(ISN) InfoSec News

InfoSec News

XAKEP (Russia)

Insecure Magazine

PHRACK Magazine

Hakin9 Magazine

Supporting Organizations


Chaos Computer Club


ISECOM - Insititue for Security and Open Methodologies


ISACA


IT Underground


X-Focus China

Zone-H Defacement Mirror


Xatrix Security


Special Interest Group in Security & Information InteGrity Singapore


Syscan