Conference:  Defcon 31

Authors: Ricky Lawshae

2023-08-01

Beneath the mundane world of TCP/IP exists the magical and mysterious realm of ethernet. There are many different types of ethernet protocols in use today, known as ‘ethertypes’, that run the gamut from the boutique to the ubiquitous. In this talk, we will delve into some of the more interesting and obscure ethertypes that exist. We will discuss the network protocols themselves, where they can be found in the wild, what you can do with them, and how they could be abused in the wrong hands. We will explore wide-ranges of networking environments including industrial/facilities, transportation, and medical, and will include several live demos. Attendees will leave this talk with a greater understanding and appreciation for the unseen networking world that exists all around them.

Conference:  KubeCon + CloudNativeCon North America 2022

Authors: Doron Podoleanu, Daniel Rouhana, Emma Dickenson

2022-10-28

The presentation discusses the need for upgrading encryption systems in Cloud native production systems and proposes the formation of a technical advisory group to coordinate and govern community efforts to deliver the required changes.

• Major Cloud providers have already been working on upgrading their encryption systems for a few years
• Upgrading the entire stack of encryption systems in Cloud native production systems involves multiple dependencies and requires toll planning and execution
• A technical advisory group should be formed to coordinate and govern community efforts to deliver the required changes
• Istio provides critical East-West authentication and authorization via Mutual TLS
• The speaker demonstrates the use of Envoy and Istio in a live demonstration of a book info demo

Conference:  CloudOpen 2022

Authors: Chenxi Li

2022-06-21

HTTP(S) is one of the most popular application protocols. Many well-known applications, such as Kubernetes and TiDB, heavily rely on the HTTP(s) protocol. However, HTTP connections might fail due to various faults, such as network aborts, long delays, or even man-in-the-middle attacks, causing services unavailable to users. In such cases, simulating HTTP faults with a chaos engineering tool can be extremely beneficial to ensure the robustness and resilience of the application, particularly distributed ones. In this talk, Chenxi Li will show how to implement the HTTPChaos, a chaos engineering mechanism that injects faults into common HTTP applications without any configurations. The theory and rust implementation of a transparent proxy, the hijack solution of HTTPS services on Kubernetes, and the plugins used to inject the message body as custom requirements will also be covered.