Network Security Issues, Part 1
|
|
- Paul Bishop
- 6 years ago
- Views:
Transcription
1 Network Security Issues, Part 1 EE Networking Prof. Vern Paxson November 18, 2013
2 Game Plan Two network security lectures Today: threats at different Internet layers Next Monday: building secure channels (TLS) Providing end-to-end security Huge landscape So we will leave a lot undiscussed (feel free to ask!) and omit numerous details Former CS161 students: You will be bored :-(. Feel free to check out. But: pls don't answer questions posed for the class
3 What We Won't Be Talking About Layer 7 / Applications presents enormous range of diverse threats Browser drive-by exploits, server vulnerabilities (buffer overflow, SQL injection, XSS, CSRF), spam, phishing, account theft, user tracking Internet also enables robust, diverse markets that fuel cybercrime Trade in credit cards, malware installs, stolen accounts, exploit toolkits, spam lists, money mules for cash-out, bulletproof hosting, CAPTCHA-solving And in general, rapid sharing of knowledge (vulnerablities, automated attacks)
4 General Communication Security Goals: CIA! Confidentiality: No one can read our data / communication unless we want them to Integrity No one can manipulate our data / processing / communication unless we want them to Availability We can access our data / conduct our processing / use our communication capabilities when we want to Also: no additional traffic other than ours 4
5 Layers 1 & 2: General Threats?! 7 4 Application Transport Framing and transmission of a collection of bits into individual messages sent across a single subnetwork (one physical technology) 3 (Inter)Network 2 1 Link Physical Encoding bits to send them over a single physical link e.g. patterns of voltage levels / photon intensities / RF modulation 5
6 Physical/Link-Layer Threats: Eavesdropping! Also termed sniffing For subnets using broadcast technologies (e.g., WiFi, older Ethernet), get it for free Each attached system's NIC can capture any communication on the subnet Some handy tools for doing so: o tcpdump / windump (low-level ASCII printout) o Wireshark (GUI for displaying 800+ protocols) 6
7 Physical/Link-Layer Threats: Eavesdropping! Also termed sniffing For subnets using broadcast technologies (e.g., WiFi, older Ethernet), get it for free Each attached system's NIC can capture any communication on the subnet Some handy tools for doing so: o tcpdump / windump (low-level ASCII printout) o Wireshark (GUI for displaying 800+ protocols) For any technology, routers (and switches) can look at / export traffic they forward You can also tap a link Insert a device to mirror physical signal Or: just steal it! 7
8 Stealing Photons! 8
9 Physical/Link-Layer Threats: Disruption! General term for disruption: denial-of-service (DoS) Given physical access to a subnetwork, attacker can: Overwhelm its signaling o E.g., jam WiFi's RF Send messages violating Layer-2 protocol's rules o E.g., send messages > maximum allowed size, disrupt timing synchronization, ignore fairness rules Routers & switches can simply drop traffic There's also the heavy-handed approach 9
10 10
11 Physical/Link-Layer Threats: Spoofing! With physical access to a subnetwork, attacker can create any message on it that they wish When with a bogus source address: spoofing When using a typical computer, may require root/administrator to have full freedom Particularly powerful when combined with eavesdropping Because attacker can understand exact state of victim's communication and craft their spoofed traffic to match it Spoofing w/o eavesdropping = blind spoofing o Attacks that work with blind spoofing are a huge threat because of low physical barrier to launching them 11
12 Spoofing Considerations! On path attackers can see victim's traffic spoofing is easy Off path attackers can't see victim's traffic They have to resort to blind spoofing how? Often must guess/infer header values to succeed o We then care about work factor: how hard is this 12
13 Spoofing Considerations! On path attackers can see victim's traffic spoofing is easy Off path attackers can't see victim's traffic They have to resort to blind spoofing how? Often must guess/infer header values to succeed o We then care about work factor: how hard is this But sometimes they can just brute force o E.g., 16-bit value: just try all 65,536 possibilities! 13
14 Spoofing Considerations! On path attackers can see victim's traffic spoofing is easy Off path attackers can't see victim's traffic They have to resort to blind spoofing how? Often must guess/infer header values to succeed o We then care about work factor: how hard is this But sometimes they can just brute force o E.g., 16-bit value: just try all 65,536 possibilities! When we say an attacker can spoof, we usually mean w/ reasonable chance of success 14
15 Dynamic Host Configuration Protocol! DHCP discover! (broadcast)! new client! DHCP offer! DHCP request! (broadcast)! DHCP server! offer message includes IP address, DNS server, gateway router, and how long client can have these ( lease time) DHCP ACK! 15
16 Dynamic Host Configuration Protocol! DHCP discover! (broadcast)! new client! Threats? DHCP offer! DHCP request! (broadcast)! DHCP ACK! DHCP server! offer message includes IP address, DNS server, gateway router, and how long client can have these ( lease time) 16
17 Dynamic Host Configuration Protocol! DHCP discover! (broadcast)! new client! Attacker on same subnet can hear new host's DHCP request DHCP offer! DHCP request! (broadcast)! DHCP ACK! DHCP server! offer message includes IP address, DNS server, gateway router, and how long client can have these ( lease time) 17
18 Dynamic Host Configuration Protocol! DHCP discover! (broadcast)! new client! DHCP offer! DHCP request! (broadcast)! DHCP server! offer message includes IP address, DNS server, gateway router, and how long client can have these ( lease time) DHCP ACK! Attacker can race the actual server; if they win, replace DNS server and/or gateway router 18
19 DHCP Threats! Substitute a fake DNS server Redirect any of a host's lookups to a machine of attacker's choice Substitute a fake gateway Intercept all of a host's off-subnet traffic o (even if not preceded by a DNS lookup) Relay contents back and forth between host and remote server o Modify however attacker chooses An invisible Man In The Middle (MITM) Victim host has no way of knowing it's happening How can we fix this? Hard - (Can't necessarily alarm on peculiarity of receiving multiple DHCP replies, since that can happen benignly) 19
20 Layer 3: General Threats?! Application Transport (Inter)Network Link Physical 4-bit Version Bridges multiple subnets to provide end-to-end internet connectivity between nodes 4-bit Header Length 8-bit Type of Service (TOS) 16-bit Identification 16-bit Total Length (Bytes) 3-bit Flags 13-bit Fragment Offset 8-bit Time to Live (TTL) 8-bit Protocol 16-bit Header Checksum 32-bit Source IP Address 32-bit Destination IP Address IP = Internet Protocol Payload 20
21 (Some) Network-Layer Threats! Can set arbitrary source address Receiver has no idea who you are Could be blind, or could be coupled w/ sniffing Note: many attacks require two-way communication o So successful off-path/blind spoofing might not suffice Can set arbitrary destination address Enables scanning - brute force searching for hosts Can send like crazy (DoS flooding) IP has no general mechanism for tracking overuse IP has no general mechanism for tracking consent Very hard to tell where a spoofed flood comes from! If attacker can manipulate routing, can bring traffic to themselves for eavesdropping (viewed as hard)
22 Layer 4: Manipulation of TCP! Application Transport (Inter)Network Link Physical End-to-end communication between processes (TCP, UDP) Source port Sequence number Acknowledgment Destination port HdrLen 0 Flags Advertised window Checksum Urgent pointer Options (variable) Data 22
23 Layer 4: Manipulation of TCP! 7 4 Application Transport These plus IP addresses define a given connection 3 (Inter)Network 2 Link Source port Destination port 1 Physical Sequence number Acknowledgment HdrLen 0 Flags Advertised window Checksum Urgent pointer Options (variable) Data 23
24 Layer 4: Manipulation of TCP! Application Transport (Inter)Network Link Physical Defines where this segment fits within the sender's bytestream Source port Sequence number Acknowledgment Destination port HdrLen 0 Flags Advertised window Checksum Urgent pointer Options (variable) Data 24
25 TCP Conn. Setup & Data Exchange! Client (initiator) IP address , port 3344 Server IP address , port 80 SrcA= , SrcP=3344, DstA= , DstP=80, SYN, Seq = x Client picks an Initial Sequence Number (ISN) 25
26 TCP Conn. Setup & Data Exchange! Client (initiator) IP address , port 3344 Server IP address , port 80 SrcA= , SrcP=3344, DstA= , DstP=80, SYN, Seq = x SrcA= , SrcP=80, DstA= , DstP=3344, SYN+ACK, Seq = y, Ack = x+1 Server also picks an ISN (spec says to use local clock) and acknowledges the client s ISN 26
27 TCP Conn. Setup & Data Exchange! Client (initiator) IP address , port 3344 Server IP address , port 80 SrcA= , SrcP=3344, DstA= , DstP=80, SYN, Seq = x SrcA= , SrcP=80, DstA= , DstP=3344, SYN+ACK, Seq = y, Ack = x+1 SrcA= , SrcP=3344, DstA= , DstP=80, ACK, Ack = y+1 Client completes 3-way handshake by ack ing server s ISN 27
28 TCP Conn. Setup & Data Exchange! Client (initiator) IP address , port 3344 Server IP address , port 80 SrcA= , SrcP=3344, DstA= , DstP=80, SYN, Seq = x SrcA= , SrcP=80, DstA= , DstP=3344, SYN+ACK, Seq = y, Ack = x+1 SrcA= , SrcP=3344, DstA= , DstP=80, ACK, Ack = y+1 SrcA= , SrcP=3344, DstA= , DstP=80, ACK, Seq=x+1, Ack = y+1, Data= GET /login.html SrcA= , SrcP=80, DstA= , DstP=3344, ACK, Seq = y+1, Ack = x+16, Data= 200 OK <html> 28
29 TCP Abrupt Termination! B X SYN SYN ACK ACK Data ACK RST A time A sends a TCP packet with RESET (RST) flag to B E.g., because app. process on A crashed (Could instead be that B sends a RST to A) Assuming sequence numbers in RST packet fit with what B expects, That's It: B's user-level process receives: ECONNRESET No further communication on connection is possible So: attacker who knows ports & sequence numbers can disrupt any TCP connection 29
30 TCP Threat: RST Injection! Client (initiator) IP address , port Server IP address , port 80 SrcA= , SrcP=3344, DstA= , DstP=80, ACK, Seq=x+1, Ack = y+1, Data= GET /login.html Attacker IP address , port N/A SrcA= , SrcP=80, DstA= , DstP=3344, RST, Seq = y+1, Ack = x+16 Client dutifully removes connection 30
31 TCP Threat: RST Injection! Client (initiator) IP address , port Server IP address , port 80 SrcA= , SrcP=3344, DstA= , DstP=80, ACK, Seq=x+1, Ack = y+1, Data= GET /login.html Attacker IP address , port N/A SrcA= , SrcP=80, DstA= , DstP=3344, RST, Seq = y+1, Ack = x+16 Client rejects since no active connection X SrcA= , SrcP=80, DstA= , DstP=3344, ACK, Seq = y+1, Ack = x+16, Data= 200 OK <html> 31
32 TCP Threat: Data Injection! B SYN SYN ACK ACK Data ACK Nasty Data Nasty Data2 A time What about inserting data rather than disrupting a connection? Again, all that's required is attacker knows correct ports, seq. numbers Receiver B is none the wiser! Termed TCP connection hijacking (or session hijacking ) A general way to take over an already-established connection! We are toast if an attacker can see our TCP traffic! Because then they immediately know the port & sequence numbers 32
33 TCP Data Injection! Client (initiator) IP address , port Server IP address , port 80 SrcA= , SrcP=3344, DstA= , DstP=80, ACK, Seq=x+1, Ack = y+1, Data= GET /login.html Client dutifully processes as server's response Attacker IP address , port N/A SrcA= , SrcP=80, DstA= , DstP=3344, ACK, Seq = y+1, Ack = x+16 Data= 200 OK <poison> 33
34 TCP Data Injection! Client (initiator) IP address , port Server IP address , port 80 SrcA= , SrcP=3344, DstA= , DstP=80, ACK, Seq=x+1, Ack = y+1, Data= GET /login.html Client ignores since already processed that part of bytestream Attacker IP address , port N/A SrcA= , SrcP=80, DstA= , DstP=3344, ACK, Seq = y+1, Ack = x+16 Data= 200 OK <poison> SrcA= , SrcP=80, DstA= , DstP=3344, ACK, Seq = y+1, Ack = x+16, Data= 200 OK <html> 34
35 TCP Threat: Blind Spoofing! Is it possible for an attacker to inject into a TCP connection even if they can't see our traffic? YES: if somehow they can guess the port and sequence numbers Let's look at related attack where goal of attacker is to create a fake connection, rather than inject into a real one Why? To leverage server's trust of authenticating clients by their IP addresses (since fixed!) 35
36 Spoofing an Entire TCP Connection! Alleged Client (not actual) IP address , port N/A Server IP address , port 80 Blind Attacker SrcA= , SrcP=5566, DstA= , DstP=80, SYN, Seq = z SrcA= , SrcP=80, DstA= , DstP=5566, SYN+ACK, Seq = y, Ack = z+1 Attacker's goal: SrcA= , SrcP=5566, DstA= , DstP=80, ACK, Seq = z+1, ACK = y+1 SrcA= , SrcP=5566, DstA= , DstP=80, ACK, Seq = z+1, ACK = y+1, Data = GET /transfer-money.html 36
37 Spoofing an Entire TCP Connection! Alleged Client (not actual) IP address , port N/A Server IP address , port 80 Blind Attacker SrcA= , SrcP=5566, DstA= , DstP=80, SYN, Seq = z SrcA= , SrcP=80, DstA= , DstP=5566, SYN+ACK, Seq = y, Ack = x+1 Small Note #1: if real client receives this, will be confused send a RST back to server So attacker may need to hurry! 37
38 Spoofing an Entire TCP Connection! Alleged Client (not actual) IP address , port N/A Server IP address , port 80 Blind Attacker SrcA= , SrcP=5566, DstA= , DstP=80, SYN, Seq = z SrcA= , SrcP=80, DstA= , DstP=5566, SYN+ACK, Seq = y, Ack = z+1 Big Note #2: attacker doesn't get to see this packet! 38
39 Spoofing an Entire TCP Connection! Alleged Client (not actual) IP address , port N/A Server IP address , port 80 Blind Attacker SrcA= , SrcP=5566, DstA= , DstP=80, SYN, Seq = z SrcA= , SrcP=80, DstA= , DstP=5566, SYN+ACK, Seq = y, Ack = z+1 SrcA= , SrcP=5566, DstA= , DstP=80, ACK, Seq = z+1, ACK = y+1 So how can the attacker figure out what value of y to use for their ACK? SrcA= , SrcP=5566, DstA= , DstP=80, ACK, Seq = z+1, ACK = y+1, Data = POST /transfer-money.html 39
40 TCP Conn. Setup & Data Exchange! Client (initiator) IP address , port 3344 Server IP address , port 80 SrcA= , SrcP=3344, DstA= , DstP=80, SYN, Seq = x SrcA= , SrcP=80, DstA= , DstP=3344, SYN+ACK, Seq = y, Ack = x+1 Server also picks an ISN (spec says to use local clock) How Do We Fix This? Hmm, any way for the attacker to know this? Use a (Pseudo)- Random ISN Make a non-spoofed connection first, and see what server used for ISN then! 40 40
41 TCP's Rate Management! Unless there's loss, TCP doubles data in flight every round-trip. All TCPs expected to obey ( fairness ). Mechanism: for each arriving ack for new data, increase allowed data by 1 maximum-sized packet Src D 0-99 A D A 200 A 300 D D D D 100 D A A A A Dest Time E.g., suppose maximum-sized packet = 100 bytes 41
42 Protocol Cheating! How can receiver get data to arrive faster than normally allowed? (say to juice their web surfing) ACK-Splitting: each ack, even if partial, increases allowed data by one maximum-sized packet Src D D D 0-99 A 25 A 50 D D D Dest A 75 A 100 Time How do we prevent this? Change rule to require full ack for all data sent in a packet 42
43 Protocol Cheating! How can the destination (receiver) still get data to come to them faster than normally allowed? Optimistic ack'ing: acknowledge data not yet seen! Src D D D 0-99 D D A 100 A 200 D Dest A 300 A 400 Time How do we prevent this? 43
44 Keeping Receivers Honest! Approach #1: if you receive an ack for data you haven't sent, kill the connection Works only if receiver acks too far ahead Approach #2: follow the round trip time (RTT) and if ack arrives too quickly, kill the connection Flaky: RTT can vary a lot, so you might kill innocent connections Approach #3: make the receiver prove they received the data Note: a protocol change Add a nonce ( random marker) & require receiver to include it in ack. Kill connections w/ incorrect nonces o (nonce could be function computed over payload, so sender doesn't explicitly transmit, only implicitly) 44
45 Summary of TCP Security Issues! An attacker who can observe your TCP connection can manipulate it: Forcefully terminate by forging a RST packet Inject (spoof) data into either direction by forging data packets Works because they can include in their spoofed traffic the correct sequence numbers (both directions) and TCP ports Remains a major threat today 45
46 Summary of TCP Security Issues! An attacker who can observe your TCP connection can manipulate it: Forcefully terminate by forging a RST packet Inject (spoof) data into either direction by forging data packets Works because they can include in their spoofed traffic the correct sequence numbers (both directions) and TCP ports Remains a major threat today An attacker who can predict the ISN chosen by a server can blind spoof a connection to the server Makes it appear that host ABC has connected, and has sent data of the attacker's choosing, when in fact it hasn't Undermines any security based on trusting ABC's IP address Allows attacker to frame ABC or otherwise avoid detection Fixed today by choosing random ISNs 46
47 TCP Security Issues, con't! TCP limits the rate at which senders transmit: TCP relies on endpoints behaving properly to achieve fairness Protocol lacks mechanism to prevent cheating Senders can cheat by just not abiding by the limits o Remains a significant vulnerability: essentially nothing today prevents Receivers can manipulate honest senders into sending too fast because senders trust that receivers are honest To a degree, sender can validate (e.g., partial acks) A nonce can force receiver to only act on data they've seen Such rate manipulation remains a vulnerability today General observation: tension between ease/power of protocols that assume everyone follows vs. violating Security problems persist due to difficulties of retrofitting coupled with investment in installed base 47
Network Attacks. CS Computer Security Profs. Vern Paxson & David Wagner
Network Attacks CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/
More informationNetwork Attacks. CS Computer Security. Once again thanks to Vern Paxson and David Wagner
Network Attacks CS 334 - Computer Security Once again thanks to Vern Paxson and David Wagner 1 Layers 1 & 2: General Threats? 7 4 3 2 1 Application Transport (Inter)Network Link Physical Framing and transmission
More informationCS 161 Computer Security
Raluca Ada Popa Spring 2018 CS 161 Computer Security Discussion 7 Week of March 5, 2018 Question 1 DHCP (5 min) Professor Raluca gets home after a tiring day writing papers and singing karaoke. She opens
More informationWeaver. Computer Science 161 Fall Network Security 3
Network Security 3 1 Spot the Zero Day: TPLink Miniature Wireless Router 2 Spot the Zero Day: TPLink Miniature Wireless Router 3 DNS Resource Records and RRSETs DNS records (Resource Records) can be one
More informationInternet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.
Internet Layers Application Application Transport Transport Network Network Network Network Link Link Link Link Ethernet Fiber Optics Physical Layer Wi-Fi ARP requests and responses IP: 192.168.1.1 MAC:
More informationInternet Protocol and Transmission Control Protocol
Internet Protocol and Transmission Control Protocol CMSC 414 November 13, 2017 Internet Protcol Recall: 4-bit version 4-bit hdr len 8-bit type of service 16-bit total length (bytes) 8-bit TTL 16-bit identification
More informationSecuring Internet Communication: TLS, cont d Network security. CS 161: Computer Security Prof. Raluca Ada Popa
Securing Internet Communication: TLS, cont d Network security CS 161: Computer Security Prof. Raluca Ada Popa Feb 27, 2018 Some slides credit David Wagner Announcements Midterm grades released Regrades:
More informationARP, IP, TCP, UDP. CS 166: Introduction to Computer Systems Security 4/7/18 ARP, IP, TCP, UDP 1
ARP, IP, TCP, UDP CS 166: Introduction to Computer Systems Security 4/7/18 ARP, IP, TCP, UDP 1 IP and MAC Addresses Devices on a local area network have IP addresses (network layer) MAC addresses (data
More informationLayer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers
Layer 4: UDP, TCP, and others based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Concepts application set transport set High-level, "Application Set" protocols deal only with how handled
More informationNetworking Overview. CS Computer Security Profs. Vern Paxson & David Wagner
Networking Overview CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/
More informationNetworking Overview. CS 161: Computer Security Prof. Vern Paxson. TAs: Jethro Beekman, Mobin Javed, Antonio Lupher, Paul Pearce & Matthias Vallentin
Networking Overview CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin Javed, Antonio Lupher, Paul Pearce & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ February 5, 2013
More informationLecture 6. Internet Security: How the Internet works and some basic vulnerabilities. Thursday 19/11/2015
Lecture 6 Internet Security: How the Internet works and some basic vulnerabilities Thursday 19/11/2015 Agenda Internet Infrastructure: Review Basic Security Problems Security Issues in Routing Internet
More informationCSC 574 Computer and Network Security. TCP/IP Security
CSC 574 Computer and Network Security TCP/IP Security Alexandros Kapravelos kapravelos@ncsu.edu (Derived from slides by Will Enck and Micah Sherr) Network Stack, yet again Application Transport Network
More informationNetwork Security. Evil ICMP, Careless TCP & Boring Security Analyses. Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, October 4th, 2018
Network Security Evil ICMP, Careless TCP & Boring Security Analyses Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, October 4th, 2018 Part I Internet Control Message Protocol (ICMP) Why ICMP No method
More informationEndpoint Security - what-if analysis 1
Endpoint Security - what-if analysis 1 07/23/2017 Threat Model Threats Threat Source Risk Status Date Created File Manipulation File System Medium Accessing, Modifying or Executing Executable Files File
More informationInternetwork Expert s CCNA Security Bootcamp. Common Security Threats
Internetwork Expert s CCNA Security Bootcamp Common Security Threats http:// Today s s Network Security Challenge The goal of the network is to provide high availability and easy access to data to meet
More informationELEC5616 COMPUTER & NETWORK SECURITY
ELEC5616 COMPUTER & NETWORK SECURITY Lecture 17: Network Protocols I IP The Internet Protocol (IP) is a stateless protocol that is used to send packets from one machine to another using 32- bit addresses
More informationOutline. What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack
Attacks on TCP Outline What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack TCP Protocol Transmission Control Protocol (TCP) is a core protocol
More informationTCP Overview Revisited Computer Networking. Queuing Disciplines. Packet Drop Dimensions. Typical Internet Queuing. FIFO + Drop-tail Problems
TCP Overview Revisited TCP modern loss recovery 15-441 Computer Networking Other Transport Issues, Attacks and Security Threats, Firewalls TCP options TCP interactions TCP modeling Workload changes TCP
More informationDrone /12/2018. Threat Model. Description. Threats. Threat Source Risk Status Date Created
Drone - 2 04/12/2018 Threat Model Description Threats Threat Source Risk Status Date Created Mobile Phone: Sensitive Data Leakage Smart Devices Mobile Phone: Session Hijacking Smart Devices Mobile Phone:
More information20-CS Cyber Defense Overview Fall, Network Basics
20-CS-5155 6055 Cyber Defense Overview Fall, 2017 Network Basics Who Are The Attackers? Hackers: do it for fun or to alert a sysadmin Criminals: do it for monetary gain Malicious insiders: ignores perimeter
More informationCS457 Transport Protocols. CS 457 Fall 2014
CS457 Transport Protocols CS 457 Fall 2014 Topics Principles underlying transport-layer services Demultiplexing Detecting corruption Reliable delivery Flow control Transport-layer protocols User Datagram
More informationECE 435 Network Engineering Lecture 9
ECE 435 Network Engineering Lecture 9 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 2 October 2018 Announcements HW#4 was posted, due Thursday 1 HW#3 Review md5sum/encryption,
More informationECE4110 Internetwork Programming. Introduction and Overview
ECE4110 Internetwork Programming Introduction and Overview 1 EXAMPLE GENERAL NETWORK ALGORITHM Listen to wire Are signals detected Detect a preamble Yes Read Destination Address No data carrying or noise?
More informationSequence Number. Acknowledgment Number. Checksum. Urgent Pointer plus Sequence Number indicates end of some URGENT data in the packet
TCP Urgent Source Port Destination Port Sequence Number Acknowledgment Number HdrLen Reserved UA P RS F Checksum Window Size Urgent Pointer Urgent Pointer plus Sequence Number indicates end of some URGENT
More informationTCP Service Model. Today s Lecture. TCP Support for Reliable Delivery. EE 122:TCP, Connection Setup, Reliability
Today s Lecture How does TCP achieve correct operation? EE 122:TCP, Connection Setup, Reliability Ion Stoica TAs: Junda Liu, DK Moon, David Zats Reliability in the face of IP s best effort service 3-way
More informationComputer Forensics: Investigating Network Intrusions and Cybercrime, 2nd Edition. Chapter 2 Investigating Network Traffic
Computer Forensics: Investigating Network Intrusions and Cybercrime, 2nd Edition Chapter 2 Investigating Network Traffic Objectives After completing this chapter, you should be able to: Understand network
More informationnetwork security s642 computer security adam everspaugh
network security s642 adam everspaugh ace@cs.wisc.edu computer security today Announcement: HW3 to be released WiFi IP, TCP DoS, DDoS, prevention 802.11 (wifi) STA = station AP = access point BSS = basic
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN
More informationCSCI 680: Computer & Network Security
CSCI 680: Computer & Network Security Lecture 15 Prof. Adwait Nadkarni Fall 2017 Derived from slides by William Enck and Micah Sherr 1 Grading Class Participat ion and Quizzes 10% Grade Breakdown Homewo
More informationECE 650 Systems Programming & Engineering. Spring 2018
ECE 650 Systems Programming & Engineering Spring 2018 Networking Transport Layer Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) TCP/IP Model 2 Transport Layer Problem solved:
More informationCSc 466/566. Computer Security. 18 : Network Security Introduction
1/81 CSc 466/566 Computer Security 18 : Network Security Introduction Version: 2012/05/03 13:57:28 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian Collberg
More informationAN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM
1 AN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM 2 Introduction (1/2) TCP provides a full duplex reliable stream connection between two end points A connection is uniquely defined by the quadruple
More informationNetworking Overview: Everything you need to know, in 50 minutes. CS 161: Computer Security Prof. David Wagner
Networking Overview: Everything you need to know, in 50 minutes CS 161: Computer Security Prof. David Wagner February 26, 2013 Local-Area Networks! A C point-to-point shared How does computer A send a
More informationComputer Security Exam 3 Review. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 2017 Exam 3 Review Paul Krzyzanowski Rutgers University Spring 2017 April 18, 2018 CS 419 2017 Paul Krzyzanowski 1 Exam 3: Grade vs. Completion Time 5 Question 1 A high False Reject Rate
More informationLecture 3: The Transport Layer: UDP and TCP
Lecture 3: The Transport Layer: UDP and TCP Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4395 3-1 The Transport Layer Provides efficient and robust end-to-end
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationEE 122: Transport Protocols. Kevin Lai October 16, 2002
EE 122: Transport Protocols Kevin Lai October 16, 2002 Motivation IP provides a weak, but efficient service model (best-effort) - packets can be delayed, dropped, reordered, duplicated - packets have limited
More informationSingle Network: applications, client and server hosts, switches, access links, trunk links, frames, path. Review of TCP/IP Internetworking
1 Review of TCP/IP working Single Network: applications, client and server hosts, switches, access links, trunk links, frames, path Frame Path Chapter 3 Client Host Trunk Link Server Host Panko, Corporate
More informationInternet Infrastructure
Internet Infrastructure Internet Infrastructure Local and inter-domain routing TCP/IP for routing and messaging BGP for routing announcements Domain Name System Find IP address from symbolic name (www.cc.gatech.edu)
More informationSecuring Internet Communication: TLS
Securing Internet Communication: TLS CS 161: Computer Security Prof. David Wagner March 11, 2016 Today s Lecture Applying crypto technology in practice Two simple abstractions cover 80% of the use cases
More informationConfiguring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
More informationAN INTRODUCTION TO ARP SPOOFING
AN INTRODUCTION TO ARP SPOOFING April, 2001 Sean Whalen Sophie Engle Dominic Romeo GENERAL INFORMATION Introduction to ARP Spoofing (April 2001) Current Revision: 1.8 Available: http://chocobospore.org
More informationCSE 127: Computer Security Network Security. Kirill Levchenko
CSE 127: Computer Security Network Security Kirill Levchenko November 28, 2017 Network Security Original TCP/IP design: Trusted network and hosts Hosts and networks administered by mutually trusted parties
More informationCSC 6575: Internet Security Fall Attacks on Different OSI Layer Protocols OSI Layer Basic Attacks at Lower Layers
CSC 6575: Internet Security Fall 2017 Attacks on Different OSI Layer Protocols OSI Layer Basic Attacks at Lower Layers Mohammad Ashiqur Rahman Department of Computer Science College of Engineering Tennessee
More informationNetwork security. CSE 127 Computer Security. TCP/IP Protocol Stack. Packet Switched Network Architecture. Protocols are structured in layers
CSE 127 Computer Security Spring 2011 Intro to networking and network security Stefan Savage security First need to understand basic networking Architecture IP UDP TCP DNS And vulnerabilities in their
More informationIntroduction to TCP/IP networking
Introduction to TCP/IP networking TCP/IP protocol family IP : Internet Protocol UDP : User Datagram Protocol RTP, traceroute TCP : Transmission Control Protocol HTTP, FTP, ssh What is an internet? A set
More informationTCP /IP Fundamentals Mr. Cantu
TCP /IP Fundamentals Mr. Cantu OSI Model and TCP/IP Model Comparison TCP / IP Protocols (Application Layer) The TCP/IP subprotocols listed in this layer are services that support a number of network functions:
More informationNWEN 243. Networked Applications. Layer 4 TCP and UDP
NWEN 243 Networked Applications Layer 4 TCP and UDP 1 About the second lecturer Aaron Chen Office: AM405 Phone: 463 5114 Email: aaron.chen@ecs.vuw.ac.nz Transport layer and application layer protocols
More informationSequence Number. Acknowledgment Number. Data
CS 455 TCP, Page 1 Transport Layer, Part II Transmission Control Protocol These slides are created by Dr. Yih Huang of George Mason University. Students registered in Dr. Huang's courses at GMU can make
More informationNetworking Technologies and Applications
Networking Technologies and Applications Rolland Vida BME TMIT Transport Protocols UDP User Datagram Protocol TCP Transport Control Protocol and many others UDP One of the core transport protocols Used
More informationICS 451: Today's plan
ICS 451: Today's plan ICMP ping traceroute ARP DHCP summary of IP processing ICMP Internet Control Message Protocol, 2 functions: error reporting (never sent in response to ICMP error packets) network
More informationR (2) Implementation of following spoofing assignments using C++ multi-core Programming a) IP Spoofing b) Web spoofing.
R (2) N (5) Oral (3) Total (10) Dated Sign Experiment No: 1 Problem Definition: Implementation of following spoofing assignments using C++ multi-core Programming a) IP Spoofing b) Web spoofing. 1.1 Prerequisite:
More informationReliable Transport I: Concepts and TCP Protocol
Reliable Transport I: Concepts and TCP Protocol Stefano Vissicchio UCL Computer Science COMP0023 Today Transport Concepts Layering context Transport goals Transport mechanisms and design choices TCP Protocol
More informationWorksheet #2 EE122 Fall 2011
Worksheet #2 EE122 Fall 2011 You are not required to do these problems, and we are not asking you to hand them in. However, if you can t do these problems, then you will have trouble on the final. In fact,
More informationSecuring Internet Communication
Securing Internet Communication CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/
More informationIntroduction to Internet. Ass. Prof. J.Y. Tigli University of Nice Sophia Antipolis
Introduction to Internet Ass. Prof. J.Y. Tigli University of Nice Sophia Antipolis What about inter-networks communications? Between LANs? Ethernet?? Ethernet Example Similarities and Differences between
More informationECE 435 Network Engineering Lecture 9
ECE 435 Network Engineering Lecture 9 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 26 September 2017 Announcements HW#4 was posted, due Thursday Hexdump format Midterm next
More informationHP High-End Firewalls
HP High-End Firewalls Attack Protection Configuration Guide Part number: 5998-2630 Software version: F1000-E/Firewall module: R3166 F5000-A5: R3206 Document version: 6PW101-20120706 Legal and notice information
More informationConfiguring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
More informationIntroduction to Network. Topics
Introduction to Network Security Chapter 7 Transport Layer Protocols 1 TCP Layer Topics Responsible for reliable end-to-end transfer of application data. TCP vulnerabilities UDP UDP vulnerabilities DNS
More informationHP High-End Firewalls
HP High-End Firewalls Attack Protection Configuration Guide Part number: 5998-2650 Software version: F1000-A-EI&F1000-S-EI: R3721 F5000: F3210 F1000-E: F3171 Firewall module: F3171 Document version: 6PW101-20120719
More informationCS4700/CS5700 Fundamentals of Computer Networks
CS4700/CS5700 Fundamentals of Computer Networks Lecture 14: TCP Slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion Stoica, Hui Zhang Alan Mislove amislove at ccs.neu.edu Northeastern
More informationIntroduction to Networks and the Internet
Introduction to Networks and the Internet CMPE 80N Announcements Project 2. Reference page. Library presentation. Internet History video. Spring 2003 Week 7 1 2 Today Internetworking (cont d). Fragmentation.
More informationChapter 8 roadmap. Network Security
Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing
More informationUser Datagram Protocol
Topics Transport Layer TCP s three-way handshake TCP s connection termination sequence TCP s TIME_WAIT state TCP and UDP buffering by the socket layer 2 Introduction UDP is a simple, unreliable datagram
More informationDifferent Layers Lecture 20
Different Layers Lecture 20 10/15/2003 Jian Ren 1 The Network Layer 10/15/2003 Jian Ren 2 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every host,
More informationHands-On Ethical Hacking and Network Defense
Hands-On Ethical Hacking and Network Defense Chapter 2 TCP/IP Concepts Review Last modified 1-11-17 Objectives Describe the TCP/IP protocol stack Explain the basic concepts of IP addressing Explain the
More informationLab Exercise UDP & TCP
Lab Exercise UDP & TCP Objective UDP (User Datagram Protocol) is an alternative communications protocol to Transmission Control Protocol (TCP) used primarily for establishing low-latency and loss tolerating
More informationWhat is TCP? Transport Layer Protocol
UNIT IV TRANSPORT LAYER Duties of transport layer Multiplexing Demultiplexing Sockets User Datagram Protocol (UDP) Transmission Control Protocol (TCP) Congestion Control Quality of services (QOS) Integrated
More informationIntroduction to Information Science and Technology 2017 Networking II. Sören Schwertfeger 师泽仁
II Sören Schwertfeger 师泽仁 Outline Review Network Layer Routing Transport Layer Applications HTTP Demos Internet: Huge network of networks Billions of hosts (computers) Internet Structure Network Edge:
More informationTCP TCP/IP: TCP. TCP segment. TCP segment. TCP encapsulation. TCP encapsulation 1/25/2012. Network Security Lecture 6
TCP TCP/IP: TCP Network Security Lecture 6 Based on IP Provides connection-oriented, reliable stream delivery service (handles loss, duplication, transmission errors, reordering) Provides port abstraction
More informationGuide To TCP/IP, Second Edition UDP Header Source Port Number (16 bits) IP HEADER Protocol Field = 17 Destination Port Number (16 bit) 15 16
Guide To TCP/IP, Second Edition Chapter 5 Transport Layer TCP/IP Protocols Objectives Understand the key features and functions of the User Datagram Protocol (UDP) Explain the mechanisms that drive segmentation,
More informationLecture 8. Basic Internetworking (IP) Outline. Basic Internetworking (IP) Basic Internetworking (IP) Service Model
Lecture 8 Basic Internetworking (IP) Reminder: Homework 3, Programming Project 2 due on Tuesday. An example internet is shown at right. Routers or gateways are used to connect different physical networks.
More informationMultiple unconnected networks
TCP/IP Life in the Early 1970s Multiple unconnected networks ARPAnet Data-over-cable Packet satellite (Aloha) Packet radio ARPAnet satellite net Differences Across Packet-Switched Networks Addressing Maximum
More informationThe big picture. Security. Some consequences. Three types of threat. LAN Eavesdropping. Network-based access control
The big picture Security Next two lectures about security Today: attack - All kinds of bad things attackers can do over the network Next lecture: defense - Techniques for protecting against these and other
More informationEE 122: IP Forwarding and Transport Protocols
EE 1: IP Forwarding and Transport Protocols Ion Stoica (and Brighten Godfrey) TAs: Lucian Popa, David Zats and Ganesh Ananthanarayanan http://inst.eecs.berkeley.edu/~ee1/ (Materials with thanks to Vern
More informationIntroduction to Computer Security
Introduction to Computer Security Instructor: Mahadevan Gomathisankaran mgomathi@unt.edu CSCE 4550/5550, Fall 2009 Lecture 7 1 Projects Groups Max 3 persons Topics Cryptography Network Security Program
More informationChapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet
Chapter 2 - Part 1 The TCP/IP Protocol: The Language of the Internet Protocols A protocol is a language or set of rules that two or more computers use to communicate 2 Protocol Analogy: Phone Call Parties
More informationLecture 8. Reminder: Homework 3, Programming Project 2 due on Thursday. Questions? Tuesday, September 20 CS 475 Networks - Lecture 8 1
Lecture 8 Reminder: Homework 3, Programming Project 2 due on Thursday. Questions? Tuesday, September 20 CS 475 Networks - Lecture 8 1 Outline Chapter 3 - Internetworking 3.1 Switching and Bridging 3.2
More informationCCNA 1 Chapter 7 v5.0 Exam Answers 2013
CCNA 1 Chapter 7 v5.0 Exam Answers 2013 1 A PC is downloading a large file from a server. The TCP window is 1000 bytes. The server is sending the file using 100-byte segments. How many segments will the
More informationENEE 457: Computer Systems Security 11/07/16. Lecture 18 Computer Networking Basics
ENEE 457: Computer Systems Security 11/07/16 Lecture 18 Computer Networking Basics Charalampos (Babis) Papamanthou Department of Electrical and Computer Engineering University of Maryland, College Park
More informationNetwork Security (and related topics)
Network Security (and related topics) EE122 Fall 2012 Scott Shenker http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks to Jennifer Rexford, Ion Stoica, Vern Paxson and other colleagues at Princeton
More informationCS 3640: Introduction to Networks and Their Applications
CS 3640: Introduction to Networks and Their Applications Fall 2018, Lecture 13: The Transport Layer I (Credit: Christo Wilson @ NEU) Instructor: Rishab Nithyanand Teaching Assistant: Md. Kowsar Hossain
More informationNext Week. Network Security (and related topics) Project 3 Q/A. Agenda. My definition of network security. Network Security.
Next Week No sections Network Security (and related topics) EE122 Fall 2012 Scott Shenker http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks to Jennifer Rexford, Ion Stoica, Vern Paxson and other
More informationTCP/IP SECURITY GRAD SEC NOV
TCP/IP SECURITY GRAD SEC NOV 14 2017 TODAY S PAPERS WHY DOES THE INTERNET WORK? 1. PROTOCOLS Agreements on how to communicate Publicly standardized, esp. via Requests for Comments (RFCs) RFC 826: ARP RFC
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer
Managing and Securing Computer Networks Guy Leduc Chapter 7: Securing LANs Computer Networking: A Top Down Approach, 7 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2016. (section 8.8) Also
More informationSecurity. - All kinds of bad things attackers can do over the network. - Techniques for protecting against these and other attacks
Security Next two lectures about security Today: attack - All kinds of bad things attackers can do over the network Next lecture: defense - Techniques for protecting against these and other attacks Note:
More informationCS670: Network security
Cristina Nita-Rotaru CS670: Network security ARP, TCP 1: Background on network protocols OSI/ISO Model Application Presentation Session Transport Network Data Link Physical Layer Application Presentation
More informationAttacks on WLAN Alessandro Redondi
Attacks on WLAN Alessandro Redondi Disclaimer Under the Criminal Italian Code, articles 340, 617, 617 bis: Up to 1 year of jail for interrupting public service 6 months to 4 years of jail for installing
More informationTransport Protocols Reading: Sections 2.5, 5.1, and 5.2. Goals for Todayʼs Lecture. Role of Transport Layer
Transport Protocols Reading: Sections 2.5, 5.1, and 5.2 CS 375: Computer Networks Thomas C. Bressoud 1 Goals for Todayʼs Lecture Principles underlying transport-layer services (De)multiplexing Detecting
More informationInformation Network 1 TCP 1/2. Youki Kadobayashi NAIST
Information Network 1 TCP 1/2 Youki Kadobayashi NAIST 1 Transport layer: a birds-eye view Hosts maintain state for each transport-layer endpoint Routers don t maintain per-host state H R R R R H Transport
More informationInternet Security: How the Internet works and some basic vulnerabilities
CS 155 Internet Security: How the Internet works and some basic vulnerabilities Dan Boneh Acknowledgments: Lecture slides are from the Computer Security course taught by Dan Boneh and John Mitchell at
More informationReliable Transport I: Concepts and TCP Protocol
Reliable Transport I: Concepts and TCP Protocol Brad Karp UCL Computer Science CS 3035/GZ01 29 th October 2013 Part I: Transport Concepts Layering context Transport goals Transport mechanisms 2 Context:
More informationCS475 Networks Lecture 8 Chapter 3 Internetworking. Ethernet or Wi-Fi).
Assignments Reading for Lecture 9: Section 3.3 3.2 Basic Internetworking (IP) Bridges and LAN switches from last section have limited ability CS475 Networks Lecture 8 Chapter 3 Internetworking is a logical
More informationCISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks
CISNTWK-440 Intro to Network Security Chapter 4 Network Vulnerabilities and Attacks Objectives Explain the types of network vulnerabilities List categories of network attacks Define different methods of
More informationAttacks on DNS: Risks of Caching
Attacks on DNS: Risks of Caching CS 161: Computer Security Prof. David Wagner March 30, 2016 Today Midterm 2 grades available Reminder: Start Project 2, Part 2! Today, DNS: protocol for mapping hostnames
More informationTCP/IP Performance ITL
TCP/IP Performance ITL Protocol Overview E-Mail HTTP (WWW) Remote Login File Transfer TCP UDP IP ICMP ARP RARP (Auxiliary Services) Ethernet, X.25, HDLC etc. ATM 4/30/2002 Hans Kruse & Shawn Ostermann,
More informationCongestion / Flow Control in TCP
Congestion and Flow Control in 1 Flow Control and Congestion Control Flow control Sender avoids overflow of receiver buffer Congestion control All senders avoid overflow of intermediate network buffers
More informationNetwork Security. Tadayoshi Kohno
CSE 484 (Winter 2011) Network Security Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials...
More information