Eddi Blenkers
For over 20 years, Eddi has been looking at network protocols to find (or rule out) network problems, vulnerabilities, ongoing hacking attacks or just for fun.
Working for the Swiss train company BLS as IT security analyst, he is reviewing the configuration of a multitude of systems to improve the overall security of the domain. Wireshark is one of the tools to verify the outcome of a configuration change.
Shameless promotion: Visit https://www.bls.ch/en/freizeit-und-ferien/ausflug to find some of the best destinations in Switzerland.
Sessions
Kerberos is the bread and butter protocol used for authentication and authorization in a Windows domain.
Like many Windows components, it works fine in the default configuration and offers several options to strengthen its security. This includes the search for old encryption algorithms and the introduction of Kerberos Armoring, a.k.a Kerberos FAST.
This hands-on workshop will take you into the inner workings of Kerberos. We will use Wireshark to identify faulty configurations, misleading messages in event logs and decrypt whatever Windows wants to hide from plain view.
Trace files included: Bring your own laptop!
in this short presentation we transfer a file and record the event with a tap and the Cisco ACI engine
Intuitively, we might configure a SPAN port because it's cheap and fast.
This presentation will explore the situation when the infrastructure or the virtual capture points are overloaded