Learn, hack!

URL

https://media.blackhat.com/bh-us-12/Briefings/Ritter/BH_US_12_Ritter_Stamos_Myth_of_Twelve_More_Bytes_Slides.pdf

File name

BH_US_12_Ritter_Stamos_Myth_of_Twelve_More_Bytes_Slides.pdf

File size

12.1 MB

MD5

4454eb4cc73f35cdbc5ebb6d8833ceb7

SHA1

4bfc29da88199426ccb20a6d21e028709139a56f

In what may be the greatest technical shift the Internet has seen, three of the network's major foundations are being overhauled simultaneously: IPv6, DNSSEC and the creation of hundreds of new top-level domains. Two of these technologies are direct responses to the artificial scarcity of names and addresses on the Internet, and one is meant to address the lack of trust we have in the Internet's fundamental architecture. Unfortunately the unexpected secondary effects of these changes have not been appropriately explored, and enterprise IT and risk teams need to come to grips with the fact that the products and processes they have honed over the last decade will not serve them well in the next. This talk will provide a quick background of these technologies and the direct security impacts faced by network administrators today, even if you're "not using that yet". (Hint: You probably are, you just don't know it.) A great deal of modern fraud, spam and brand abuse infrastructure is based upon assumptions from the IPv4/old gTLD world, and we will explore which of these protections are completely useless and which can be retrofitted to provide some value. We will then explore the indirect impacts on monitoring, compliance, intrusion detection and prevention, and the future of enterprise architecture and defense.