With auto-configuration protocols now being added to operating systems and implemented by default in your network devices, hosts are now actively advertising their available attack surfaces to anyone listening on the network.
By collecting background traffic on the network, and analyzing it, we can perform a host discovery, a port scan, and a host profile which even includes configuration information; all without sending any packets. This means that threats both inside and outside your network can assess and target your network hosts silently without leaving a trail.
In this session, we'll start out by covering what makes this all possible, then examine typical network traffic to see what is made available to us, end up using several brand new tools that I have developed to utilize this information in an actual attack against a vulnerable network host, and finally finish our time discussing what you can as a network defender do about it.