Black Hat Briefings, Las Vegas 2005 [audio] Presentations From The Security Conference

Himanshu Dwivedi's presentation will discuss the severe security issues that exist in the default implementations of iSCSI storage networks/products. The presentation will cover iSCSI storage as it pertains to the basic principals of security, including enumeration, authentication, authorization, and availability. The presentation will contain a short overview of iSCSI for security architects and basic security principals for storage administrators. The presentation will continue into a deep discussion of iSCSI attacks that are capable of compromising large volumes of data from iSCSI storage products/networks. The iSCSI attacks section will also show how simple attacks can make the storage network unavailable, creating a devastating problem for networks, servers, and applications. The presenter will also follow-up each discussion of iSCSI attacks with a demonstration of large data compromise. iSCSI attacks will show how a large volume of data can be compromised or simply made unavailable for long periods of