Domo Arigato, Mr. Paketto

On networks, as in most things, there is that which is possible, and
there is that which is impossible. There is a line between the two, built
on assumptions, thoughts, and precious few truths.

It’s reasonable to argue that the definition of progress is in moving that
line…by whatever cracked-out means happen to be available, as the case
may be. Recently, I wrote significant portions of a book:
Hack Proofing Your Network: Second Edition, from Syngress Press. Beyond finally
documenting the massive hackery I’ve always been known to pull with
OpenSSH, Syngress gave me the opportunity to research useful implications
of spoofing techniques.

The result: On Saturday, August 3rd, 2002, I am delivering the following talk
at Defcon X, in Las Vegas:

Black Ops of TCP/IP: Work NAT, Work. Good NAT. Woof 

Communication under TCP/IP networks has become extraordinarily popular;
still, there remain significant problems that as of yet have remained
unsolved within its layered rules. So, let's break the rules, elegance
(and possibly security) be damned. Significant new techniques and code
will be unveiled to answer the following questions:

A) Instant Portscan

  • Is it possible to discover instantaneously what network services have
    been made available, even on massive networks?

B) Guerrilla Multicast

  • Is it possible to send a single packet to multiple recipients, using today's
    multicast-free Internet?

C) “NATless NAT”

  • Is it possible to share a globally addressable IP address without
    translating private IP ranges a la NAT?
  • Is it possible to allow incoming connections to an IP multiplexed in
    this manner?

D) NAT Deadlock Resolution

  • Is it possible to establish a TCP connection between two hosts, both
    behind NATs?

Various interesting uses of these new packet-level primitives should be
discussed, and OpenSSH will be trotted out as the method of bringing some
degree of security unto the resulting chaos.

This talk (actually, an extended variant of it) was just delivered at
the Black Hat Briefings USA 2002. In response to many requests for the
actual code used to answer those questions (hint: the answer, in every case, is

I hereby announce the impending release of the Paketto Keiretsu, a
flotilla of interesting tools and cross-linked techniques for achieving
new and useful functionality from existing IPv4 networks. Public
release will take place August 3rd, at 6PM, during the Defcon talk.

Slides will be made available immediately as well, along with papers.
What, you want details? Come to Black Hat next time 🙂

