logo
Dates

Author


Conferences

Tags

Sort by:  

Conference:  Defcon 31
Authors: Ricky Lawshae
2023-08-01

Beneath the mundane world of TCP/IP exists the magical and mysterious realm of ethernet. There are many different types of ethernet protocols in use today, known as ‘ethertypes’, that run the gamut from the boutique to the ubiquitous. In this talk, we will delve into some of the more interesting and obscure ethertypes that exist. We will discuss the network protocols themselves, where they can be found in the wild, what you can do with them, and how they could be abused in the wrong hands. We will explore wide-ranges of networking environments including industrial/facilities, transportation, and medical, and will include several live demos. Attendees will leave this talk with a greater understanding and appreciation for the unseen networking world that exists all around them.
Conference:  Defcon 31
Authors: Patrick Wardle Objective-See Foundation
2023-08-01

As the majority of malware contains networking capabilities, it is well understood that detecting unauthorized network access is a powerful detection heuristic. However, while the concepts of network traffic analysis and monitoring to detect malicious code are well established and widely implemented on platforms such as Windows, there remains a dearth of such capabilities on macOS. This talk aims to remedy this situation by delving deeply into a myriad of programmatic approaches capable of enumerating network state, statistics, and traffic, directly on a macOS host. We will showcase open-source implementations of relatively overlooked low-level APIs, private frameworks, and user-mode extensions that provide insight into all networking activity. And, by leveraging these techniques, you will learn how to efficiently and generically detect both known and unknown threats targeting macOS!
Authors: Antonio Ojea Garcia, Surya Seetharaman, Shane Utt
2023-04-21

This talk will provide a high level overview of Kubernetes networking and share updates on some of the latest SIG-Network projects. These projects include Admin Network Policy, Topology Aware Routing, Multi Network, and more.
Authors: Alexander Constantinescu
2023-04-21

tldr - powered by Generative AI

Improving the reliability of Kubernetes load balancers
  • Kubernetes load balancers are critical for application ingress
  • Current load balancer configuration is simplistic and introduces serious failure modes
  • The proposed solution involves refactoring support to better uphold application SLA
  • The talk covers the background, problem, solution, and future work
Authors: Thomas Graf
2023-04-21

tldr - powered by Generative AI

The presentation discusses the importance of monitoring infrastructure using the Golden Signal Dashboard and Kubernetes Service Implementation.
  • The Golden Signal Dashboard is a standard way of monitoring infrastructure for publicly available services.
  • The four golden signals that matter are latency, traffic or throughput, errors, and saturation.
  • Kubernetes Service Implementation allows for multiple pod replicas to be exposed via a single IP and DNS name.
  • Network policies can cause problems that are hard to detect without proper observability tools.
  • Hubble UI and Hubble Observe CLI are useful tools for troubleshooting network issues.
Authors: Goutam Verma
2023-04-20

tldr - powered by Generative AI

An overview of popular networking options in Kubernetes
  • The presentation discusses the various networking options available in Kubernetes, such as Calico, Flannel, and Weave
  • Attendees will gain a comprehensive understanding of the features and use cases of each option and how they compare to each other
  • The talk covers the advantages and disadvantages of each option, including their scalability, security, and ease of use
  • Real-world use cases and scenarios are presented to help attendees make informed decisions when choosing a networking solution for their Kubernetes environment
Authors: Raymond de Jong
2023-04-19

tldr - powered by Generative AI

The presentation discusses how to achieve network security and observability using Celium and eBPF features.
  • Use Celium and eBPF features to achieve network security and observability
  • Prioritize on the number of servers exposed through Ingress or Gateway API
  • Focus on services reachable within the cluster across namespaces and services with access to external resources such as egress
  • Start with an initial namespace policy and use global policies across the platform or even across clusters using cluster-wide network policies to define the guardrails
  • Transition from per-namespace security with global policies as guardrails to more fine-grained policies
  • Use CI/CD pipeline tools like Argo Flux and Github pipelines to manage network policies at scale
  • Automatically check for CIDR blocks which are not approved to be allowed to access using a policy
  • Unlock features in networking security and observability using eBPF
Authors: Jason Skrzypek, Marino Wijay
2023-04-19

tldr - powered by Generative AI

The conference presentation is about a workshop on network foundations for cloud-native ecosystems, with a focus on Kubernetes and related technologies.
  • Understanding how data moves between applications is critical for performance, security, and efficiency
  • CoreDNS, Envoy, Istio, CNI, and Cilium are important cloud-native networking tools
  • The workshop covers topics such as packet flow, network communication tracking, DNS, service mesh, and container networking
  • The OSI model is used to understand how data moves around a network
  • The workshop consists of seven modules covering different aspects of networking
  • The presenters provide a sandbox environment for participants to follow along with the workshop
Authors: Sponsor: Apiiro
2022-11-17

You are invited to join us for our Global AppSec San Francisco Networking Reception in the Exhibitor Hall.Mingle with your peers in a relaxed, laid-back environment. Visit our exhibitor booths to learn about their newest products and services and get your "Passport" stamped for a chance to win some great prizes at the conclusion of the conference.Past hors-d'oeuvres and beverages will be provided.
Authors: Bowei Du, Surya Seetharaman, Andrew Stoycos, Rob Scott
2022-10-28

tldr - powered by Generative AI

The SIG-Network is a special interest group focused on networking and projects related to traffic and protocols. The group was formed to help offload the technical oversight committee and to clarify and inform, collaborate and interrelate with any number of open source projects that are within the CNCF and outside the CNCF. The group's focus is on service meshes, but it also covers other networking technologies.
  • SIG-Network is a special interest group focused on networking and projects related to traffic and protocols
  • The group was formed to help offload the technical oversight committee and to clarify and inform, collaborate and interrelate with any number of open source projects that are within the CNCF and outside the CNCF
  • The group's focus is on service meshes, but it also covers other networking technologies