{"id":228045,"date":"2012-06-28T11:05:40","date_gmt":"2012-06-28T10:05:40","guid":{"rendered":"http:\/\/securite.intrinsec.com\/?p=554"},"modified":"2012-06-28T11:05:40","modified_gmt":"2012-06-28T10:05:40","slug":"sstic-2012-troisieme-journee","status":"publish","type":"post","link":"https:\/\/www.intrinsec.com\/en\/sstic-2012-troisieme-journee\/","title":{"rendered":"SSTIC 2012 \u2013 Day Three"},"content":{"rendered":"<p><strong>Source Address Validation Improvements (SAVI)<br \/>\nSpeaker: Jean-Michel Combes (Orange)<\/strong><\/p>\n<p>The third and final day of SSTIC began with a rather technical presentation on possible countermeasures to attacks based on IP address spoofing. Not necessarily easy to digest the day after a social event, but it&#039;s always possible to consult the... <a title=\"SAVI Resources\" href=\"https:\/\/www.sstic.org\/2012\/presentation\/source_address_validation_improvements_savi\/\">resources<\/a> <del>once the headache has passed<\/del>\u00a0with a clear head.<!--more--><\/p>\n<p>The conference opens with a presentation of the most widespread attacks, such as poisoning (ARP, DNS\u2026) or denial of service (TCP flood\u2026). It then describes the various countermeasure proposals published by the IETF, as well as their limitations.<br \/>\nThe body of the presentation focuses on the latest standard of this type (SAVI): its mode of operation, its current level of deployment and the limitations of the technique.<br \/>\nIn short, the protocol acts as a buffer at the switch level. It determines the legitimate owner of an address based on several elements (MAC address, switch port, etc.) and can establish trusted zones for traffic.<br \/>\nIt is notably deployed on a Chinese university network where it operates on one million devices.<br \/>\nIt can be noted that the limitations of the protocol go beyond the technical: by allowing the location of IP addresses, it enters into privacy issues, for example.<\/p>\n<p>THE <a title=\"Slides SAVI\" href=\"https:\/\/www.sstic.org\/media\/SSTIC2012\/SSTIC-actes\/source_address_validation_improvements_savi\/SSTIC2012-Slides-source_address_validation_improvements_savi-combes_laurent.pdf\">slides<\/a>\u00a0; L&#039;\u2019<a title=\"SAVI article\" href=\"https:\/\/www.sstic.org\/media\/SSTIC2012\/SSTIC-actes\/source_address_validation_improvements_savi\/SSTIC2012-Article-source_address_validation_improvements_savi-combes_laurent_1.pdf\">article<\/a>.<\/p>\n<p><strong>Malicious use of connection tracking<\/strong><br \/>\n<strong>Speaker: Eric Leblond (OISF)<\/strong><\/p>\n<p>The presentation starts with a brief reminder about the implementation of connection tracking with netfilter: the conntrack system, which works wonderfully to provide stateful filtering with &quot;simple&quot; protocols (those that pass all their data neatly between two ports; typically HTTP).<br \/>\nNext comes the turn of the less compliant protocols that tend to open connections somewhat arbitrarily (FTP, SIP, etc.). In these cases, netfilter relies on <em>helpers<\/em> : modules developed separately, which inspect the control channel of the protocols in question to manage the opening of flows.<br \/>\nThe question is simple: if these <em>helpers<\/em>\u00a0are poorly coded \u2013 meaning &quot;if they don&#039;t validate the legitimacy of requests on the control channels&quot; \u2013 doesn&#039;t the firewall become a giant open bar? (spoiler: yes, but it&#039;s not the end of the world either)<br \/>\nThe problem stems from the methods of controlling the\u00a0<em>helpers<\/em>. Beyond implementation flaws, we can find ourselves in situations where the very design of a protocol does not allow <strong>not<\/strong> to effectively validate the legitimacy of a request; such as, for example, the DCC of IRC.<br \/>\nIt is therefore indeed possible to exploit the <em>helpers<\/em>\u00a0to arbitrarily open data streams through a firewall. However, dreams of accessing a 3306 from the internet can be nipped in the bud. On the one hand, the <em>helpers<\/em>\u00a0Dangerous ones are disabled by default. On the other hand, it is generally necessary to be on the local network to be able to use them when they are active.<br \/>\nIn short, a very interesting topic, worth remembering. And testing it internally, since the speaker has published his tool and a script exists. <a href=\"http:\/\/seclists.org\/nmap-dev\/2012\/q2\/att-629\/firewall-bypass.nse\">nmap<\/a>\u00a0which allows testing the behavior of <em>helpers<\/em> FTP.<\/p>\n<p>THE <a title=\"Slides opensvp\" href=\"https:\/\/www.sstic.org\/media\/SSTIC2012\/SSTIC-actes\/utilisation_malveillante_des_suivis_de_connexions\/SSTIC2012-Slides-utilisation_malveillante_des_suivis_de_connexions-leblond.pdf\">slides<\/a> ; L&#039;\u2019<a title=\"OpensVP article\" href=\"https:\/\/www.sstic.org\/media\/SSTIC2012\/SSTIC-actes\/utilisation_malveillante_des_suivis_de_connexions\/SSTIC2012-Article-utilisation_malveillante_des_suivis_de_connexions-leblond_1.pdf\">article<\/a>.<\/p>\n<p><strong>Influence of best practices on BGP incidents<\/strong><br \/>\n<strong>Speakers: Sarah Nataf (Orange), Fran\u00e7ois Contat (ANSSI), Guillaume Valadon (ANSSI)<\/strong><\/p>\n<p>As an appetizer, the speakers humorously announced that this year there is ANSSTIC, and\u2026 ANSSTIC by Orange:<\/p>\n<p><a href=\"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2012\/06\/ansstic-par-orange.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-556\" src=\"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2012\/06\/ansstic-par-orange.jpg\" alt=\"ANSSTIC par Orange\" width=\"150\" height=\"136\" \/><\/a><\/p>\n<p>The presentation begins with a brief introduction to BGP: the prerequisites for implementing it (AS number, IP prefixes, the large pipeline that carries everything between operators) and the operation of the protocol itself (session openings between routers, prefix announcements).<br \/>\nThe following section describes potential exploits and best practices for protection. Examples illustrate the lack of default protection for prefix announcements\u2014thus creating the possibility of spoofing them or advertising routing tables containing a virtually unlimited number of prefixes. The case of Pakistan is cited, where, in an attempt to block YouTube within the country, prefixes were advertised that redirected to a &quot;black hole&quot;\u2014prefixes that were propagated to routers beyond its borders, temporarily redirecting global traffic intended for YouTube to Pakistan.<br \/>\nThe final section presents the operator&#039;s perspective and the measures implemented to monitor networks and respond to incidents.<br \/>\nIn conclusion, BGP is a robust protocol, but it relies on trust between operators; therefore, applying best practices is essential to ensure its proper functioning. Incidents are more often caused by unforeseen errors and side effects than by malicious acts.<\/p>\n<p>THE <a title=\"BGP Slides\" href=\"https:\/\/www.sstic.org\/media\/SSTIC2012\/SSTIC-actes\/influence_des_bonnes_pratiques_sur_les_incidents_b\/SSTIC2012-Slides-influence_des_bonnes_pratiques_sur_les_incidents_bgp-contat_valadon_nataf.pdf\">slides<\/a> ; L&#039;\u2019<a title=\"BGP article\" href=\"https:\/\/www.sstic.org\/media\/SSTIC2012\/SSTIC-actes\/influence_des_bonnes_pratiques_sur_les_incidents_b\/SSTIC2012-Article-influence_des_bonnes_pratiques_sur_les_incidents_bgp-contat_valadon_nataf_2.pdf\">article<\/a>.<\/p>\n<p>The morning continues with a series of <strong>short presentations<\/strong>.<\/p>\n<p><strong>Netusse<\/strong>, by <strong>Cl\u00e9ment Lecigne (Google)<\/strong><br \/>\nThe speaker presented a tool developed in his spare time: a socket fuzzer that works simply and effectively. Simple, because it only initializes sockets with valid operations to put them in a state conducive to fuzzing. Effective, because it finds exploitable bugs: the end of the presentation demonstrates the discovery of a bug in the FreeBSD kernel and its exploitation to achieve local privilege escalation\u2026 which was unpatched at the time of the conference.<br \/>\nThe speaker has published several of his tools on <a title=\"Repository Cl\u00e9ment Lecigne\" href=\"https:\/\/github.com\/clem1\/segvault\">github<\/a>.<\/p>\n<p><strong>Code verification by static typing<\/strong>, by <strong>Etienne Million (EADS Innovation Works)<br \/>\n<\/strong>Description of a static analysis method. The idea is to identify user-controlled pointers accessing kernel memory to detect dangerous constructs.<br \/>\n<a title=\"Penjili website\" href=\"http:\/\/penjili.org\">Website showcasing the tool<\/a> and related projects.<\/p>\n<p><strong>Blocking botnet C&amp;C channels by intercepting DNS queries<\/strong>, by <strong>Ronan Mouchoux (TELECOM Bretagne)<\/strong><br \/>\nThe idea of intercepting DNS queries comes from the observation that antivirus and other usual protections are ineffective in combating the opening of C&amp;C channels on an infected machine when malware uses pseudo-randomly generated domain names.<br \/>\nThe project is still under development; the goal is to implement several algorithms for identifying suspicious domain names and to combine them in order to maximize the detection rate.<\/p>\n<p>The morning ends with a conference in English:\u00a0<strong>Successes (and limitations) of (static) binary analysis<\/strong><br \/>\n<strong>Speaker: Halvar Flake (Zynamics)<\/strong><\/p>\n<p>The speaker begins by summarizing his point: over the past ten years, enormous progress has been made in automated binary analysis and the adoption of this approach has probably helped to correct millions of bugs\u2026 but (there is always a \u00abbut\u00bb) there are a number of seemingly simple pieces of code that can contain bugs that are difficult to understand, correct, and are obviously undetectable by automated analysis tools.<br \/>\nThe presentation shows the example of a very simple function (no multithreading, no heap allocation, etc.), but one that has too many possible execution paths to be properly analyzed. In a different vein, web browsers are mentioned. They already represent hundreds of thousands of lines of very complex C++ code to analyze\u2026 and incorporate a JavaScript interpreter, which allows control over the code&#039;s execution path within the browser. This section concludes with a word on manually analyzing binaries: identifying relevant code snippets during an analysis is not always straightforward; delving into a binary is a non-trivial and highly time-consuming task.<br \/>\nUltimately, the best method remains \u2013 unsurprisingly \u2013 manual analysis aided by tools. It&#039;s also clear that in 2012, we should be able to produce clean, easily analyzeable code. But we&#039;re not. I&#039;ll leave it to Nicolas Ruff. <a title=\"Software development is a failure. \u00a9 newsoft\" href=\"http:\/\/twitter.com\/newsoft\/status\/211051142006849536\">to summarize the situation in his own way<\/a>.<\/p>\n<p><strong>Miasm: Reverse engineering framework<\/strong><br \/>\n<strong>Speaker: Fabrice Desclaux (CEA)<\/strong><\/p>\n<p>The afternoon started off strong, with forty slides presented in under thirty minutes and an average speaking rate of around six words per second. This conference was an experience that no report can truly capture. But we can still say what it was about.<br \/>\nMiasm&#039;s goal is to provide an abstraction layer alongside the assembler and offer a generic intermediate language. On the one hand, this avoids having to relearn a multitude of specific features when moving from one architecture to another. On the other hand, it allows algorithms (for example, vulnerability scanning) to be applied directly to this intermediate language.<br \/>\nThe framework integrates several features that can further facilitate analysis processes: application of simplification rules to eliminate the first layers of obfuscation, reconstruction of the execution flow, search for code that validates constraints to find sections suitable for ROP, etc.<\/p>\n<p>THE <a title=\"Slides Miasm\" href=\"https:\/\/www.sstic.org\/media\/SSTIC2012\/SSTIC-actes\/miasm_framework_de_reverse_engineering\/SSTIC2012-Slides-miasm_framework_de_reverse_engineering-desclaux_1.pdf\">slides<\/a> ; L&#039;\u2019<a title=\"Miasm article\" href=\"https:\/\/www.sstic.org\/media\/SSTIC2012\/SSTIC-actes\/miasm_framework_de_reverse_engineering\/SSTIC2012-Article-miasm_framework_de_reverse_engineering-desclaux_1.pdf\">article<\/a>. And the\u2019<a title=\"Google Code Miasm Repository\" href=\"http:\/\/code.google.com\/p\/miasm\/\">tool<\/a>\u00a0in question.<\/p>\n<p><strong>Reverse engineering and debugging a Qualcomm baseband<\/strong><br \/>\n<strong>Speaker: Guillaume Delugre (Sogeti ESEC)<\/strong><\/p>\n<p>A little background to begin: basebands are the chips integrated into phones that manage communications (GPRS, among others). They are completely separate from the phone&#039;s &quot;system&quot; processor. This makes for a difficult environment for reverse engineering: the industry is closed, specifications run to millions of pages, microcode is proprietary\u2026 generally speaking, analysis requires knowledge of the environment, while documentation is lacking. However, finding and exploiting vulnerabilities is facilitated by the nature of embedded environments, which do not benefit from standard protection techniques like ASLR.<br \/>\nThe exploitation techniques presented show that it is possible to send diagnostic commands to the baseband, which can generally benefit from arbitrary read\/write access to the entire memory.<br \/>\nUltimately, basebands are used to manage a large number of functionalities while security aspects are neglected. However, newer versions of embedded systems are beginning to integrate some anti-exploitation features (canaries, etc.).<\/p>\n<p>L&#039;\u2019<a title=\"Qualcomm article\" href=\"https:\/\/www.sstic.org\/media\/SSTIC2012\/SSTIC-actes\/rtroconception_et_dbogage_dun_baseband_qualcomm\/SSTIC2012-Article-rtroconception_et_dbogage_dun_baseband_qualcomm-delugre_1.pdf\">article<\/a>. And the\u2019<a title=\"Google Code Repository qcombbdbg\" href=\"http:\/\/code.google.com\/p\/qcombbdbg\/\">tool<\/a>.<\/p>\n<p><strong>Protecting and defending military cyberspace: the national approach<\/strong><br \/>\n<strong>Speaker: Arnaud Coustilli\u00e8re (Army General Staff)<\/strong><\/p>\n<p>This tenth edition of SSTIC concludes with a presentation of the doctrine followed by the army in the context of defensive cyber warfare.<br \/>\nState-level security needs can be summarized by two key points: the Ministry of Defense employs 295,000 people, and attacks are increasingly targeting individuals before attacking IT infrastructure, as seen with RSA and the Ministry of Finance. Malicious activity originating from users\u2014whether intentional or not\u2014is becoming the primary focus.<br \/>\nThe application of the doctrine is transversal to theaters of operations (land, sea, air, space) and concerns a multitude of environments: traditional infrastructures, on-board computing, SCADA systems of combat platforms, surveillance networks, etc.<br \/>\nThe operations (surveillance, protection, incident response, etc.) are carried out in collaboration between the Ministry of Defence and the SGDSN.<br \/>\nThe major challenge remains raising user awareness, because everyone is a source of risk but also a player in security.<\/p>\n<p>THE <a title=\"Cyberspace Slides\" href=\"https:\/\/www.sstic.org\/media\/SSTIC2012\/SSTIC-actes\/confinvit8\/SSTIC2012-Slides-confinvit8-coustilliere.pdf\">slides<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>Source Address Validation Improvements (SAVI) Speaker: Jean-Michel Combes (Orange) The third and final day [\u2026]<\/p>","protected":false},"author":1,"featured_media":262,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22],"tags":[65],"class_list":["post-228045","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-veille-securite","tag-sstic"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>SSTIC 2012 - Troisi\u00e8me journ\u00e9e - INTRINSEC<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intrinsec.com\/en\/sstic-2012-troisieme-journee\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SSTIC 2012 - Troisi\u00e8me journ\u00e9e\" \/>\n<meta property=\"og:description\" content=\"Source Address Validation Improvements (SAVI) Conf\u00e9rencier : Jean-Michel Combes (Orange) Le troisi\u00e8me et dernier jour [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intrinsec.com\/en\/sstic-2012-troisieme-journee\/\" \/>\n<meta property=\"og:site_name\" content=\"INTRINSEC\" \/>\n<meta property=\"article:published_time\" content=\"2012-06-28T10:05:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2025\/02\/Logo_Isec.DPI_300.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1678\" \/>\n\t<meta property=\"og:image:height\" content=\"344\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Intrinsec\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Intrinsec\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/\"},\"author\":{\"name\":\"Intrinsec\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#\\\/schema\\\/person\\\/ade590fbc7ad6f413727bae7cd3fb799\"},\"headline\":\"SSTIC 2012 &#8211; Troisi\u00e8me journ\u00e9e\",\"datePublished\":\"2012-06-28T10:05:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/\"},\"wordCount\":2144,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.intrinsec.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/Logo_Isec.DPI_300.png\",\"keywords\":[\"SSTIC\"],\"articleSection\":[\"Veille S\u00e9curit\u00e9\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/\",\"url\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/\",\"name\":\"SSTIC 2012 - Troisi\u00e8me journ\u00e9e - INTRINSEC\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.intrinsec.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/Logo_Isec.DPI_300.png\",\"datePublished\":\"2012-06-28T10:05:40+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#\\\/schema\\\/person\\\/ade590fbc7ad6f413727bae7cd3fb799\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.intrinsec.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/Logo_Isec.DPI_300.png\",\"contentUrl\":\"https:\\\/\\\/www.intrinsec.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/Logo_Isec.DPI_300.png\",\"width\":1678,\"height\":344},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/sstic-2012-troisieme-journee\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/www.intrinsec.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SSTIC 2012 &#8211; Troisi\u00e8me journ\u00e9e\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#website\",\"url\":\"https:\\\/\\\/www.intrinsec.com\\\/\",\"name\":\"INTRINSEC\",\"description\":\"Notre m\u00e9tier , Prot\u00e9ger le v\u00f4tre\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.intrinsec.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#\\\/schema\\\/person\\\/ade590fbc7ad6f413727bae7cd3fb799\",\"name\":\"Intrinsec\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g\",\"caption\":\"Intrinsec\"},\"sameAs\":[\"https:\\\/\\\/www.intrinsec.com\"],\"url\":\"https:\\\/\\\/www.intrinsec.com\\\/en\\\/author\\\/ufhtbqccsz\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SSTIC 2012 - Day Three - INTRINSEC","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intrinsec.com\/en\/sstic-2012-troisieme-journee\/","og_locale":"en_US","og_type":"article","og_title":"SSTIC 2012 - Troisi\u00e8me journ\u00e9e","og_description":"Source Address Validation Improvements (SAVI) Conf\u00e9rencier : Jean-Michel Combes (Orange) Le troisi\u00e8me et dernier jour [&hellip;]","og_url":"https:\/\/www.intrinsec.com\/en\/sstic-2012-troisieme-journee\/","og_site_name":"INTRINSEC","article_published_time":"2012-06-28T10:05:40+00:00","og_image":[{"width":1678,"height":344,"url":"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2025\/02\/Logo_Isec.DPI_300.png","type":"image\/png"}],"author":"Intrinsec","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Intrinsec","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/#article","isPartOf":{"@id":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/"},"author":{"name":"Intrinsec","@id":"https:\/\/www.intrinsec.com\/#\/schema\/person\/ade590fbc7ad6f413727bae7cd3fb799"},"headline":"SSTIC 2012 &#8211; Troisi\u00e8me journ\u00e9e","datePublished":"2012-06-28T10:05:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/"},"wordCount":2144,"commentCount":0,"image":{"@id":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2025\/02\/Logo_Isec.DPI_300.png","keywords":["SSTIC"],"articleSection":["Veille S\u00e9curit\u00e9"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/","url":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/","name":"SSTIC 2012 - Day Three - INTRINSEC","isPartOf":{"@id":"https:\/\/www.intrinsec.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/#primaryimage"},"image":{"@id":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2025\/02\/Logo_Isec.DPI_300.png","datePublished":"2012-06-28T10:05:40+00:00","author":{"@id":"https:\/\/www.intrinsec.com\/#\/schema\/person\/ade590fbc7ad6f413727bae7cd3fb799"},"breadcrumb":{"@id":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/#primaryimage","url":"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2025\/02\/Logo_Isec.DPI_300.png","contentUrl":"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2025\/02\/Logo_Isec.DPI_300.png","width":1678,"height":344},{"@type":"BreadcrumbList","@id":"https:\/\/www.intrinsec.com\/sstic-2012-troisieme-journee\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.intrinsec.com\/"},{"@type":"ListItem","position":2,"name":"SSTIC 2012 &#8211; Troisi\u00e8me journ\u00e9e"}]},{"@type":"WebSite","@id":"https:\/\/www.intrinsec.com\/#website","url":"https:\/\/www.intrinsec.com\/","name":"INTRINSEC","description":"Our job is to protect yours.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intrinsec.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.intrinsec.com\/#\/schema\/person\/ade590fbc7ad6f413727bae7cd3fb799","name":"Intrinsic","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g","caption":"Intrinsec"},"sameAs":["https:\/\/www.intrinsec.com"],"url":"https:\/\/www.intrinsec.com\/en\/author\/ufhtbqccsz\/"}]}},"_links":{"self":[{"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/posts\/228045","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/comments?post=228045"}],"version-history":[{"count":0,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/posts\/228045\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/media\/262"}],"wp:attachment":[{"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/media?parent=228045"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/categories?post=228045"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/tags?post=228045"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}