Talks
Speakers
Events
Topics
Sign in
Home
Talks
Speakers
Events
Topics
Leaderboard
Use
Analytics
Sign in
Suggest modification to this talk
Title
Description
Packet -Fu with Ruby by: Tod Beardsley
Date
Summarized using AI?
If this talk's summary was generated by AI, please check this box. A "Summarized using AI" badge will be displayed in the summary tab to indicate that the summary was generated using AI.
Show "Summarized using AI" badge on summary page
Summary
Markdown supported
The video titled "Packet-Fu with Ruby" features Tod Beardsley, a security researcher, who discusses mid-level packet manipulation using the Ruby programming language. The presentation took place at the LoneStarRuby Conf 2008 and introduces the concepts of crafting and manipulating network packets. Beardsley explains his motivation for working with Ruby to test network equipment, particularly security devices such as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). **Key Points Discussed:** - **Introduction to Packet Manipulation:** Beardsley explains why one might want to manipulate packets instead of relying on standard OS stacks, highlighting scenarios such as testing device resilience against unusual packet sizes or compositions. - **The Need for a Ruby-based Solution:** He mentions the lack of packet manipulation libraries available in Ruby compared to Python's Scapy or Perl's Raw IP. This gap led him to create a Ruby library named Pakao, designed for packet manipulation, starting from his experience with Scrooby, a port of Scapy in Python. - **Tools and Libraries:** The presenter outlines various libraries he used, including PcapRub for leveraging libpcap functionality essential for working with network packets and BinData for creating structured binary data types in Ruby. - **Packet Structure and Types:** Beardsley discusses the types of packets that have been implemented within Pakao, such as TCP, UDP, ICMP, ARP, and IPv6, describing how packets are structured as Ruby objects and treated within the framework. - **Upcoming Innovations:** He shares his vision for future improvements in Pakao, including integration into the Metasploit framework, enhanced packet response capabilities, and the development of a Honeypot Demaster to deceive attackers. **Examples: A Demonstration of "Who Am I" Functionality:** - Beardsley gives a practical demonstration of the "Who Am I" utility, which sends out a packet to identify the present machine's network details. **Conclusions and Takeaways:** - The presentation emphasizes the importance and challenge of packet manipulation in Ruby, underscoring Beardsley's commitment to developing tools that facilitate network security research and testing. He encourages viewers to engage with his work, promising ongoing updates and improvements in Pakao.
Suggest modifications
Cancel
