m-eth: man in the middle ethernet

Post on 10-May-2015


DESCRIPTION

Slides from the M-ETH presentation at LaCon'09. More information at Wintercore Labs' blog: http://blog.wintercore.com

TRANSCRIPT

M-ETH

Man in the middle - ETHernet


Gabriel González García

LaCon 2009


High-level Functionality

Demo – Live!

Detailed Description

Ethernet – PCI Card

Custom Development

Transparent for the user

Analyzes the whole Host’s traffic (in/out)

All the packets go through the MCU

Allows analyzing/modifying network traffic

Information forwarding

Content Filtering

IPS/IDS

Information Leaking Prevention

On-the-Fly File Modification

LIVE!!

Components

M-ETH Architecture

Firmware

Chip (MAC + PHY) & PCI: DP83816EX

(MAC + PHY) & SPI: ENC28J60

MCU (Embedded MAC): AVR32UC3A

MAC

PHY

Ethernet Configuration

4-wire Communication

FreeRTOS

Driver Integrated MAC

Ethernet Driver ENC28J60

Custom Micro TCP/IP Stack

Two tasks running in parallel

◦ Ingress Traffic

◦ Egress Traffic

1. Packet Read

2. Perform Action?

3. If modified, regenerate checksums

4. Send packet if not blocking
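
The four steps above, sketched in C for a single frame. This is an added example, not the M-ETH firmware: the function names, the policy (drop one destination address, clear the TOS byte) and the sample frame are all assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define ETH_HLEN 14
enum verdict { V_PASS, V_MODIFIED, V_BLOCK };
static const uint8_t BLOCKED_DST[4] = {198, 51, 100, 7}; /* constructed */
/* Constructed sample frame: Ethernet + bare IPv4 header, TOS 0x10,
   192.0.2.1 -> 192.0.2.2, valid header checksum 0xf5d8. */
const uint8_t sample_frame[34] = {
    2, 0, 0, 0, 0, 2,  2, 0, 0, 0, 0, 1,  0x08, 0x00,
    0x45, 0x10, 0x00, 0x14, 0x00, 0x01, 0x00, 0x00, 0x40, 0xfd, 0xf5, 0xd8,
    192, 0, 2, 1,  192, 0, 2, 2 };

/* RFC 1071 Internet checksum: one's-complement sum of 16-bit words. */
uint16_t inet_csum(const uint8_t *p, size_t len) {
    uint32_t sum = 0;
    for (; len > 1; p += 2, len -= 2) sum += ((uint32_t)p[0] << 8) | p[1];
    if (len) sum += (uint32_t)p[0] << 8;
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Step 2: hypothetical policy. Non-IPv4 or malformed frames pass untouched. */
enum verdict perform_action(uint8_t *f, size_t len) {
    if (len < ETH_HLEN + 20 || f[12] != 0x08 || f[13] != 0x00) return V_PASS;
    uint8_t *ip = f + ETH_HLEN;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if ((ip[0] >> 4) != 4 || ihl < 20 || ETH_HLEN + ihl > len) return V_PASS;
    if (memcmp(ip + 16, BLOCKED_DST, 4) == 0) return V_BLOCK;
    if (ip[1] != 0) { ip[1] = 0; return V_MODIFIED; } /* clear TOS byte */
    return V_PASS;
}

/* Step 3: only the IPv4 header changed, so only its checksum is redone;
   a payload edit would also need the TCP/UDP checksum recomputed. */
void regenerate_checksums(uint8_t *f) {
    uint8_t *ip = f + ETH_HLEN;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4; /* validated in step 2 */
    ip[10] = ip[11] = 0;
    uint16_t c = inet_csum(ip, ihl);
    ip[10] = (uint8_t)(c >> 8); ip[11] = (uint8_t)c;
}

/* Steps 2-4 for a frame already read (step 1) into f: returns the byte
   count to send out the other port, or 0 when the frame is blocked. */
size_t process_frame(uint8_t *f, size_t len) {
    enum verdict v = perform_action(f, len);
    if (v == V_MODIFIED) regenerate_checksums(f);
    return v == V_BLOCK ? 0 : len;
}
```

A receiver validates the header by running the same sum over it with the checksum field in place; a result of 0 means the header is intact, which is why a modified frame that skips step 3 is silently discarded downstream.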

HEY!! ANY QUESTIONS?
