m-eth: man in the middle ethernet

M-ETH Man in the middle - ETHernet Gabriel González García LaCon 2009

Upload: wintercore

Post on 10-May-2015

1.494 views

Category:

Documents

2 download

Report

Download

Tags:

Embed Size (px):

DESCRIPTION

Slides from the M-ETH presention at LaCon'09More information at Wintercore Labs' blog: http://blog.wintercore.com

TRANSCRIPT

M-ETH

Man in the middle - ETHernet

M-ETH

Man in the middle - ETHernet

Gabriel González García

LaCon 2009

Gabriel González García

LaCon 2009

Page 2: M-ETH: Man in the Middle Ethernet

High-level Functionality

Demo – Live!

Detailed Description

Page 3: M-ETH: Man in the Middle Ethernet

Ethernet – PCI Card

Custom Development

Transparent for the user

Page 4: M-ETH: Man in the Middle Ethernet

Analyzes the whole Host’s traffic (in/out)

All the packets go through the MCU

Allows to analyze/modify network traffic

Page 5: M-ETH: Man in the Middle Ethernet

Information forwarding

Content Filtering

IPS/IDS

Information Leaking Prevention

On-the-Fly File Modification

Page 6: M-ETH: Man in the Middle Ethernet

LIVE!!

Page 7: M-ETH: Man in the Middle Ethernet

Components

M-ETH Architecture

Firmware

Page 8: M-ETH: Man in the Middle Ethernet

Chip (MAC + PHY) & PCI : DP 83816EX

(MAC + PHY) & SPI: ENC28J60

MCU (Embedded MAC): AVR32UC3A

Page 9: M-ETH: Man in the Middle Ethernet

MAC

PHY

Page 10: M-ETH: Man in the Middle Ethernet

Ethernet Configuration

Page 11: M-ETH: Man in the Middle Ethernet

4-wire Comunication

Page 12: M-ETH: Man in the Middle Ethernet

Page 13: M-ETH: Man in the Middle Ethernet

FreeRTOS

Driver Integrated MAC

Ethernet Driver ENC28J60

Custom Micro TCP/IP Stack

Page 14: M-ETH: Man in the Middle Ethernet

Two task running in Parallel

◦ Ingress Traffic

◦ Outgress Traffic

Page 15: M-ETH: Man in the Middle Ethernet

1. Packet Read

2. Perform Action?

3. If modified, regenerate checksums

4. Send packet if not blocking

Page 16: M-ETH: Man in the Middle Ethernet

HOYGAN!! ¿HALGUNA PREGUNTAH?

IEEE ComSoc SCV :SCV : Ethernet’s Next Evolution – 40GbE ... · – Next Rate of Ethernet T h i l F ibilit 100,000 40 Gi bit Eth t 100 Gigabit Ethernet}Technical Feasibility –

USING THE XPERT2 / 9210B ON A TCP/IP NETWORK · 2. CONNECTION TO A NETWORK Connect the Xpert to a TCP/IP network using an Ethernet cable. The Ethernet cable plugs into the “ETH”

Ethernet Surge Protector ETH-SP Quick Start Guide

Using ICC ETH-1000 EtherNet/IP Interface with eth1000 ... · Using ICC ETH-1000 EtherNet/IP Interface with Mitsubishi Motion Controllers . i ... ControlLogix PLC, an ICC ETH-1000

cypressintegration.com/wp-content/uploads/SPX-7200_MAN_181206O.pdf SPX-7200 MAN 181206 - Cypress Integration1 SPX-7200_MAN_181206 Suprex® Ethernet SPX-7200 Ethernet Reader-Extender

Our Customer Terms Ethernet MAN section · This Ethernet MAN section was last changed on 1 August 2019. 2 Ethernet MAN What is Ethernet MAN? 2.1 Ethernet MAN is an Ethernet over fibre

R&S®SITLine ETH Ethernet Encryptor - ZSIS > Naslovnica · 2015-03-18 · R&S®SITLine ETH, the security requirements can be repre-sented fully independently of the existing or planned

ETH Ethernet MAC - Infineon Technologies

MultiFlex ETH 1000 Series User's Manual · MultiFlex ETH 1000 Series User's Manual 5 Introduction The MultiFlex ETH 1000 Series are programmable Ethernet-based motion controllers

PXM1000 dual-port ethernet accessory module...1 1. Introduction to Ethernet PXM1000 – Dual-Port Eth Ern t acc ssory MoDul PXM1K-EthMult MN150013EN July 2020 1. Introduction to Ethernet

Ulive Systemsulivesystems.com/wp-content/uploads/2017/10/Ulive_Ethernet_RS42… · Olive systems Providing Technology Access to Everyone ernet toRS422 Converter UC-ETH-RS422 Ethernet

Quick Note 53 - Digi Internationalftp1.digi.com/support/documentation/QN_53_WWAN_failover_logical… · Configuration - Network > Interfaces > Ethernet > ETH 0 > Advanced

ETH-01 UART (TTL) to Ethernet Adapter - H2TechnikCFG pin is pulled high, the configuration mode is exited. ETH-01 module serial port configuration command format:

OPC-G1-ETH Multiprotocol Ethernet Interface · OPC-G1-ETH Multiprotocol Ethernet Interface Thank you for purchasing the OPC-G1-ETH Multiprotocol Ethernet Interface. x This product

1Gb Ethernet Module Description 4 / 36 7.1.1 Test bench for TSE IP 26 7.1.2 Test bench for ETH module 27

CONV - TECSYSTEM · CONV. ETH 7 X Windows Vista, 7, 8. ETHERNET MODULE PARAMETER PROGRAMMING ETH CONNECTIONS Using an Ethernet cable, connect the RJ45 ETH of the CONV ETH to the ethernet

Ethernet Manual (Embedded) - electrocentr · Ethernet Manual (Embedded) ... 52 [Embedded Eth Com Interrupt]() ... Stop Commands

Using ICC ETH-1000 EtherNet/IP Interface with …...PLC using either EtherNet/IP Implicit or Explicit Messaging protocols. Both the built-in Ethernet port on an iQ CPU and an external

L322 Fast Ethernet Media Converter Users Manual - …product.canoga.com/media/manual/6912560E-MAN-L322.pdfL322 Fast Ethernet Media Converter Users Manual. i ... L322 Fast Ethernet

Power-Over-Ethernet Adapters Manualec1.images-amazon.com/media/i3d/01/A/man-migrate/MANUAL000011… · About Power Over Ethernet (POE) The DWL-P100 Power Over Ethernet ... Fellenoord

ESA Technology, Inc ESA Elettronica, S.p.A. ESAElektronik ... (2).pdf · PLC and other devices ... Allen Bradley AB Ethernet, Ethernet IP, Micrologix, DF1, SLC Delta DVP ... (ETH),

Folienmaster ETH Zürich - ETH Zürich - Homepage | ETH

dspace cover page - Research Collection40031/eth-40031-02.pdf · Esgibt Augenblicke imLeben, in denendie Frage, obmananders denkenkann, als man denkt, und anders sehen, als man sieht,

ETH BOARD - ETH-Rat

M-ETH: Man in the Middle Ethernet - LaCon'09

R&S®SITLine ETH: Powerful end-to-end encryption for Ethernet … · 2016. 11. 30. · Secure Communications Application Card | 01.01 Powerful end-to-end encryption for Ethernet private

Ultra-Low Latency 10G Ethernet IP Solution - PRWebww1.prweb.com/prfiles/2017/05/02/14299609/10G-Ethernet-Ultra-Low... · Ultra-Low Latency 10G Ethernet IP Solution Product Brief (HTK-ULL10G-ETH-32-FPGA)

Synchronous Ethernet ITSF 2007 - Chronos …As in SDH, a synchronous-Ethernet equipment has to split clock requirements between port and an equipment clock Eth and SDH/SONET ports

Eth vs. TP Slide 1 The Access Company Ethernet vs. MPLS-TP in Access Networks Presented by: Yaakov (J) Stein CTO

ETH =Love 2 - ETH Zürich - Homepage | ETH Zürich

Ethernet Module(EH-ETH) APPLICATION MANUAL ... › uploads › EH-ETH-P3a-E.pdfPreliminary Rev.03 Chapter 1 Introduction 1-3 The contents of this manual might be changed without notice

eNod4-B ETHERNET - Eliton Tartım - Ağırlık Tartımıelitontarti.com.tr/dokumanlar/nu-soft-enod4b-eth-e-0716_236709-c.pdf6/108 User manual SCAIME: NU-soft-eNod4B-ETH-E-0716_236709-C.doc

Ethernet Surge Protectordl.ubnt.com/datasheets/ETH-SP/Ethernet_Surge_Protector_DS.pdf · Ethernet Surge Protector Dimensions 91 x 61 x 32.5 mm (3.58 x 2.4 x 1.28") Weight 80 g (2.82

ETH by night - ETH Zürich - Homepage | ETH Zürich

STM32F4 Series safety manual - User manual - Home - … · STM32F4 Series safety manual ... (RTC) ... 3.6.26 Ethernet (ETH): media access control

m-eth: man in the middle ethernet

Documents

mac phy

ex mac

chip mac

ethernet configuration

enc28j60 mcu embedded

phy pci

eth man

network traffic