Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SDN Final Report

Avatar for adr adr
June 21, 2019

SDN Final Report

Avatar for adr

adr

June 21, 2019
Tweet

More Decks by adr

Other Decks in Technology

Transcript

  1. >_SDN? Host A ... Switch A Service Flow Table Host

    B Host C Host N Switch B Service Flow Table
  2. >_SDN Host A ... Switch A Service Flow Table Host

    B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv
  3. >_SDN? Host A ... Switch A Service Flow Table Host

    B Host C Host N Switch B Service Flow Table External Network Controller Service Ctrl Srv
  4. >_Issue Host A ... Switch A Service Flow Table Host

    B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
  5. >_Issue Host A ... Switch A Service Flow Table Host

    B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
  6. >_Issue Host A ... Switch A Service Flow Table Host

    B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
  7. >_Issue Host A ... Switch A Service Flow Table Manager

    Host C Emploee Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc. $>/bin/sh Bingo! Get Shell.
  8. >_IDS Host A Switch Service Flow Table Host B Host

    C IDS Srv Packets Packets Packets Intrusion Detection System
  9. >_ Host A Switch Service Flow Table Host B Host

    C IDS Srv Packets Packets Packets IDS Intrusion Detection System Tcpdump
  10. >_IDS Host A Switch Service Flow Table Host B Host

    C IDS Srv Intrusion Detection System Hacked Bruteforce credentials (Telnet/SSH/RDP/AD) SMTP (Email) Godmode
  11. >_IDS Host A Switch Service Flow Table Host B Host

    C IDS Srv Intrusion Detection System Hacked Bruteforce credentials (Telnet/SSH/RDP/AD) SMTP (Email) Godmode Marked As Pwned Devices
  12. >_SDN Host A Switch A Service Flow Table Host B

    Hacked Controller Service Ctrl Srv IDS Srv Scouting Updating Flow
  13. >_SDN Host A Switch A Service Flow Table Host B

    Hacked Controller Service Ctrl Srv IDS Srv Isolating Hacked Host
  14. >_SDN Host A Switch A Service Flow Table Host B

    Hacked Controller Service Ctrl Srv IDS Srv Isolating Hacked Host
  15. >_SDN? Host A ... Switch A Service Flow Table Host

    B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv IDS Srv IDS Srv