CSC 6575: Internet Security Fall 2017

Attacks on Different OSI Layer Protocols
Hackers and System Security
Transport Layer Protocols

Mohammad Ashiqur Rahman
Department of Computer Science
College of Engineering
Tennessee Tech University

Agenda
- Assignment 1
- Different Attacker Types
- Secure Systems - CIAA
- Transport Layer Protocols
  - TCP
  - UDP

M. Ashiq Rahman, Tennessee Tech University

Assignment 1
- Wireshark is a free and open source packet analyzer.
  - Used for network troubleshooting, analysis, software and communications protocol development, and education.
- In Assignment 1, you will use Wireshark and analyze different protocol packets.
  - Protocols we will cover: TCP/IP, ARP, DNS, HTTP
  - Choose a non-trivial web portal for the assignment! www.csc.tntech.edu/~marahman
  - Explain your answers and the processes (e.g., filtering and exporting data) of getting them.
- Submission Deadline: September 15, 2017 (Friday)
  - Late submission is acceptable. 25% of the original marks will be deducted for each day.

Different Types of Attackers
- Hacking: Intentional access without authorization or in excess of authorization for many reasons
- Elite Hackers
  - A social status among hackers: most skilled
  - Usually, avoid deliberately destroying information or damaging the computer systems they have exploited.
- Ethical Hackers
  - Hackers who attack at the invitation of target firms for vulnerability detection or they have a code of ethics about what not to do.
  - CREST, Mile2, SANS Institute, EC-Council, and many more
  - White-hat hackers

Different Types of Attackers (2)
- Script Kiddies
  - Use pre-written attack scripts (large number)
- Virus Writers and Releasers
- Cyber Mafia: professional, organized, business
- Nation state
- Hacktivist
  - Utilizes technology to publicize a social, ideological, religious, or political message.
  - Anonymous

Secure Systems - CIAA
- Confidentiality
  - Attackers cannot read messages if they intercept them
- Integrity
  - If attackers change messages, this will be detected
- Authentication
  - Access control
  - Digital rights management
- Availability
  - System can serve legitimate users all the time
- What is privacy?

TCP
- TCP is THE transport layer protocol!
- TCP is A transport protocol
  - Transmission Control Protocol
  - UDP (User Datagram Protocol)
- Ports
  - Abstract destination point
  - 16 bit positive integer for UDP and TCP
  - Reserved/well-known ports: 1-1023
    - HTTP? DNS? SSH? SMTP?
  - Registered ports: 1024-49151
    - Assigned by IANA for specific service upon application by a requesting entity
    - On most systems, registered ports can be used by ordinary users.
  - Dynamic or private ports: 49151-65535
    - Cannot be registered with IANA
    - Used for private, or customized services or temporary purposes

Common Ports

TCP Characteristics
- Connection-oriented (establish, terminate, notify)
- Reliable (ordered, no loss, and no duplicates)
- Provide flow control and congestion control
- Byte stream
- Full-duplex
- Used by most of the applications

TCP Header
- Figure annotations: 4 bits; 9 bits for flags; first 3 bits for congestion control
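
The header fields annotated on the slide above, decoded from raw bytes, as an added example that is not part of the original slides. It takes the 4-bit field to be the data offset and uses the conventional names for the 9 flag bits; both sample headers are constructed.

```python
import struct

# Flag names, most significant of the 9 bits first; the first three
# (NS, CWR, ECE) are the congestion-related bits the slide refers to.
FLAG_NAMES = ["NS", "CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"]

def parse_tcp_header(raw: bytes) -> dict:
    """Decode the fixed 20-byte TCP header plus options from raw bytes."""
    if len(raw) < 20:
        raise ValueError("truncated: fewer than 20 header bytes")
    (sport, dport, seq, ack, off_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", raw[:20])
    data_offset = off_flags >> 12        # top 4 bits: header length in 32-bit words
    header_len = data_offset * 4
    if data_offset < 5 or header_len > len(raw):
        raise ValueError("invalid data offset %d" % data_offset)
    flag_bits = off_flags & 0x1FF        # low 9 bits: the flags
    flags = [name for i, name in enumerate(FLAG_NAMES) if flag_bits & (0x100 >> i)]
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "data_offset": data_offset, "flags": flags,
        "congestion_flags": [f for f in flags if f in FLAG_NAMES[:3]],
        "window": window, "checksum": checksum, "urgent": urgent,
        "options": raw[20:header_len], "payload": raw[header_len:],
    }

# Constructed sample: a SYN-ACK from port 80 carrying one MSS option (data offset 6).
SYN_ACK = struct.pack("!HHIIHHHH", 80, 49200, 1000000, 4294967001,
                      (6 << 12) | 0x012, 65535, 0, 0) + bytes.fromhex("020405b4")
# Constructed sample: a SYN that also sets ECE and CWR, with no options.
ECN_SYN = struct.pack("!HHIIHHHH", 49200, 80, 4294967000, 0,
                      (5 << 12) | 0x0C2, 65535, 0, 0)

if __name__ == "__main__":
    for pkt in (SYN_ACK, ECN_SYN):
        hdr = parse_tcp_header(pkt)
        print(hdr["sport"], "->", hdr["dport"], hdr["flags"], hdr["congestion_flags"])
```

The two length checks reject truncated captures and headers whose data offset points past the bytes actually present.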

UDP Characteristics
- Connectionless transport layer protocol
- Simple format with command/response procedure
- Does not provide ordered delivery, flow or congestion control
- Message oriented protocol
  - Message-oriented vs. stream-oriented
- Full-duplex
  - UDP can be considered as fully duplex, but by itself, it is not.
  - UDP is a fire-and-forget, best-effort protocol.
  - The upper layers can use it in a fully duplex fashion.
- Used by applications like DNS, SNMP
- Figure: UDP Header

Connection: IP Address and Port
- Sockets: the IP address plus a port
- A connection is established between two sockets

TCP Key Concepts
- Sequence number (SYN)
  - Designates each packet uniquely for ordered delivery
  - Initial sequence number is randomly generated and thereafter incremented
    - Increment follows special procedure
    - Possible to predict
- Handshake
  - Connection setup
  - Connection release
- TCP states
- TCP timers

TCP Handshake

TCP Handshake Snapshot
- Figure annotations: Supposed to be 0; Increased by the packet size (725 bytes); Client's Seq # and Ack #; Server's Seq # and Ack #
- http://packetlife.net/blog/2010/jun/7/understanding-tcp-sequence-acknowledgment-numbers/
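
The sequence and acknowledgment arithmetic annotated on the snapshot above, replayed over a small trace, as an added example that is not part of the original slides. The trace, both initial sequence numbers and the anomaly labels are constructed; the replay assumes an in-order capture that begins with the handshake.

```python
from dataclasses import dataclass

MOD = 2 ** 32  # sequence numbers are 32-bit and wrap around

@dataclass
class Segment:
    sender: str      # "client" or "server"
    flags: set       # e.g. {"SYN", "ACK"}
    seq: int         # absolute sequence number as seen on the wire
    ack: int         # absolute acknowledgment number
    length: int = 0  # payload bytes

def consumed(seg: Segment) -> int:
    """Sequence space used: payload bytes, plus 1 each for SYN and FIN."""
    return seg.length + ("SYN" in seg.flags) + ("FIN" in seg.flags)

def check_trace(trace):
    """Replay an in-order trace that begins with the handshake.
    Returns (rows of relative seq/ack numbers, list of anomalies)."""
    isn, nxt, rows, anomalies = {}, {}, [], []
    for num, seg in enumerate(trace, 1):
        peer = "server" if seg.sender == "client" else "client"
        if "SYN" in seg.flags and seg.sender not in isn:
            isn[seg.sender] = nxt[seg.sender] = seg.seq
        in_order = seg.seq == nxt[seg.sender]
        if not in_order:
            anomalies.append((num, "unexpected seq"))
        if "ACK" in seg.flags and 0 < (seg.ack - nxt[peer]) % MOD < MOD // 2:
            anomalies.append((num, "acks data never sent"))
        rel_seq = (seg.seq - isn[seg.sender]) % MOD
        rel_ack = (seg.ack - isn[peer]) % MOD if "ACK" in seg.flags else 0
        rows.append((num, seg.sender, rel_seq, rel_ack, seg.length))
        if in_order:  # only in-sequence segments advance the expected number
            nxt[seg.sender] = (seg.seq + consumed(seg)) % MOD
    return rows, anomalies

# Constructed trace: handshake, then a 725-byte request that the server acknowledges.
C, S = 4294967000, 1000000   # constructed ISNs; C is chosen so the numbers wrap
TRACE = [
    Segment("client", {"SYN"}, C, 0),
    Segment("server", {"SYN", "ACK"}, S, C + 1),
    Segment("client", {"ACK"}, C + 1, S + 1),
    Segment("client", {"PSH", "ACK"}, C + 1, S + 1, 725),
    Segment("server", {"ACK"}, S + 1, (C + 726) % MOD),   # wraps to 430 on the wire
]

if __name__ == "__main__":
    print(*check_trace(TRACE), sep="\n")
```

The relative numbers are what Wireshark displays by default: each side starts at 0, the SYN uses one sequence number, and the server's acknowledgment of the request is 1 + 725 = 726 even though the value on the wire has wrapped.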

TCP Connection: Start to End

TCP State Diagram
- Source: Wikipedia

TCP Checksum
- Figure annotation: Considered as 0 during computation
- http://www.tcpipguide.com/free/t_tcpchecksumcalculationandthetcppseudoheader-2.htm
- Provides error detection
  - Packet dropped if invalid checksum
- Crafted/rogue packets can have valid checksums
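
The checksum computation over the pseudo-header and segment, with the checksum field taken as 0 during computation, as an added example that is not part of the original slides. The addresses, ports and payloads are constructed, and the function names are this example's own.

```python
import socket
import struct

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum; odd-length input is padded with a zero byte."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip: str, dst_ip: str, tcp_len: int) -> bytes:
    # source address, destination address, zero byte, protocol 6 (TCP), TCP length
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, 6, tcp_len))

def tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """Checksum of a segment; bytes 16-17 (the checksum field) count as 0."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, len(zeroed)) + zeroed)
    return ~total & 0xFFFF

def with_checksum(src_ip: str, dst_ip: str, segment: bytes) -> bytes:
    csum = tcp_checksum(src_ip, dst_ip, segment)
    return segment[:16] + struct.pack("!H", csum) + segment[18:]

def is_valid(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """Receiver-side check: stored checksum must equal the recomputed one."""
    stored = struct.unpack("!H", segment[16:18])[0]
    return stored == tcp_checksum(src_ip, dst_ip, segment)

# Constructed sample: a 20-byte header (PSH, ACK) followed by a short payload.
SRC, DST = "192.0.2.10", "198.51.100.20"
HEADER = struct.pack("!HHIIBBHHH", 49200, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
GOOD = with_checksum(SRC, DST, HEADER + b"GET / HTTP/1.1\r\n\r\n")
# Accidental corruption: one bit flipped in transit, checksum left untouched.
CORRUPTED = GOOD[:-1] + bytes([GOOD[-1] ^ 0x01])
# Deliberate change: different payload, checksum recomputed by whoever changed it.
REWRITTEN = with_checksum(SRC, DST, GOOD[:20] + b"GET /x HTTP/1.1\r\n\r\n")

if __name__ == "__main__":
    for name, seg in (("good", GOOD), ("corrupted", CORRUPTED), ("rewritten", REWRITTEN)):
        print(name, is_valid(SRC, DST, seg))
```

REWRITTEN passes the same receiver check as GOOD because the checksum uses no secret, which is why it counts as error detection and not as the integrity property from the CIAA slide.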

THANKS
Acknowledgement:
- Many figures are taken from different online sources.
- Explicit sources are specified on the next page.
- Special thanks to Ehab Al-Shaer (UNC Charlotte) and Ambareen Siraj (Tennessee Tech)

Sources
- Introduction to network Security, Jacobson, CRC Press, 2008 [DJ]
- Security Assessment of the Transmission Control Protocol (TCP): UK CPNI (Centre for the Protection of National Infrastructure) [CPNI] http://www.gont.com.ar/papers/tn-03-09-security-assessment-tcp.pdf
- TCP/IP Security: Chris Chambers, Justin Dolske, and Jayaraman Iyer [CDI] http://www.linuxsecurity.com/resource_files/documentation/tcpip-security.html
- Introduction to TCP/IP Network Attacks, Guang Yang http://seclab.cs.sunysb.edu/sekar/papers/netattacks.pdf
- http://www.cyberdna.uncc.edu/~ehab/courses/itis6167/
- Computer Security: Art and Science, Matt Bishop, Addison Wesley, 2003 [Bishop]
- http://intronetworks.cs.luc.edu/1/html/tcp.html
- http://packetlife.net/blog/2010/jun/7/understanding-tcp-sequence-acknowledgment-numbers/
- http://www.tcpipguide.com/free/t_tcpchecksumcalculationandthetcppseudoheader-2.htm