RSS feed logo header graphic

Black Hat USA 2008 Training

Caesars Palace Las Vegas • August 2-7

Infrastructure Attacktecs™ & Defentecs™:

Stephen Dugan, 101Labs & Rodney Thayer

registration button

Attacktecs™ Attack Techniques used to exploit network infrastructure, servers, databases and other services with the intent of stealing or destroying intellectual property and/or to deny users and clients legitimate access.

Defentecs – Defense Techniques and implementation methods used to defend against the latest Attacktecs.


This class will cover a wide variety of the publicly-available exploit tools and how they can be used specifically against a Cisco infrastructure. A majority of the class time will be spent in practical labs. Therefore, a certain level of Cisco expertise will be expected. The training will also cover the possible defenses against these attacks.

Students will be using 2600 series routers, and 2950T switches for their labs. The lab core will consist of 3750s, 2800s, and servers of various flavors. Students will be required to bring their own laptops to attach to the labs (with appropriate caution). Students must have a working serial port and terminal emulator. This class will focus on internal infrastructure vulnerabilities and will not be covering firewalls, VPN concentrators, or IPS tools.

Here is a list of some of the topics that will be covered:

  • Exploiting Cisco Defaults
  • Breaking Password nabbing
  • Attacking LAN Switches
  • VLAN hopping and 802.1Q issues
  • Root bridge takeovers
  • HSRP, VRRP, and GLBP attacks
  • Routing Protocol manipulation
  • Advanced tunneling attacks
  • Forensics and Anti-Forensics
  • Going above and beyond best practices


Stephen Dugan is currently an independent contract instructor and network engineer. He has been teaching Cisco networking for the last several years focusing on Router and Switch configuration, Voice/Data integration, and Network Security. His students come mostly from Fortune 500 companies, government/military and service providers. He also teaches private internal classes to Cisco Employees. As a Network Engineer he has worked on the design and implementation of large enterprise, government, and service provider networks. He is also working on a unique security book covering the aspects of hacking VoIP networks. Although the book has been delayed, it should be out in 2006.

registration button







1997-2009 Black Hat ™