Black Hat Digital Self Defense Europe 2005

Note: if the class is overfilled, then you will be wait-listed. You will be contacted should this occur.


Black Hat Europe Training 2005
Grand Hotel Krasnapolsky • 29-30 March 2005

Course Length: 2 days

Cost: 1500 EUR before 1 March 2005 or 1700 EUR after 1 March 2005. All course materials, lunch and two coffee breaks will be provided. NOTE: this is a two day course. A Black Hat Certificate of Completion will be offered. You must provide your own laptop.


Two Day Course
29-30 March 2005

Infrastructure Attacktecs™ & Defentecs™:
Cisco Voice Over IP (VoIP)

Co-authored by Stephen Dugan, 101Labs & Rodney Thayer

What to bring:
Your laptop with a
both a serial port and FastEthernet NIC. Operating systems on laptops can be either Windows or Linux.

You must provide your own laptop. No loaner laptops will be available.

Attacktecs™ Attack Techniques used to exploit network infrastructure, servers, databases and other services with the intent of stealing or destroying intellectual property and/or to deny users and clients legitimate access.

Defentecs – Defense Techniques and implementation methods used to defend against the latest Attacktecs.

This class will cover a wide variety of the publicly available exploit tools (and some we've created) and how they can be used specifically against Cisco VoIP (Voice over IP) Telephony systems. The training will cover the attack methodologies that are used against the SIP and H.323 protocols as well as VoIP network infrastructure. Significant class time will be devoted to both attack and defense techniques. This class is designed to be very hands on and lab intensive. Therefore, a certain level of VoIP experience will be expected, specifically in using Cisco Systems related products.

Students will be using a variety of VoIP gear, Cisco equipment, and open source tools. Students will be required to bring their own laptops (with appropriate caution) to attach to the lab network. Laptops will be used to run attacks against the network and to perform configuration. The labs will require all laptops to have both a serial port and Fast Ethernet NIC. Operating systems on laptops can be either Windows or Linux. The class CD will have tools for both OSs, however some of the tools are only available for certain operating systems.

Some of the topics that will be covered:

  • VoIP architectural vulnerabilities
  • VoIP Threat Models
  • Deployment mistakes and related vulnerabilities
  • Defense requirements for VoIP networks
  • Operational techniques for VoIP network defense
  • H.323 attacks
  • SIP attacks
  • VoIP implementation attacks
  • Designing VoIP security infrastructure
  • Requirements guidelines for secure VoIP products
  • Specific attacks against Cisco Phones and Call Manger

Course Length: 2 days

Cost: 1500 EUR before 1 March 2005 or 1700 EUR after 1 March 2005.
NOTE: this is a two day course. A Certificate of Completion will be offered.


Stephen Dugan is currently an independent contract instructor and network engineer.b He has been teaching Cisco networking for the last 3 years focusing on Router and Switch configuration, Voice/Data integration, and Network Security. His students come mostly from Fortune 500 companies and large service providers. He also teaches private internal classes to Cisco Employees. As a Sr. Network Engineer he has worked on the design and implementation of large enterprise, government contractor, and service provider networks. He is also working on a new series of security books entitled "Hacker Attacktecs." The first three planned books will cover Windows, Unix/Linux, and Cisco exploits and how to defend against them.
Black Hat Logo
(c) 1996-2007 Black Hat