Network Security. CSC 482/582: Computer Security Slide #1


Topics
1. Protocols and Layers
2. Layer 2 Network Concepts
3. ARP
4. Network Sniffing
5. Internet Protocol (IP)
6. IP Spoofing and Other Vulnerabilities
7. ICMP
8. Transmission Control Protocol (TCP)
9. TCP Session Hijacking
10. UDP
11. Wireless Security

Protocols
- A protocol defines the rules for communication between computers.
- Two primary types of protocols:
  - Connectionless protocol
    - Sends data out as soon as there is enough data to be transmitted
    - E.g., User Datagram Protocol (UDP)
  - Connection-oriented protocol
    - Provides a reliable connection stream between two nodes
    - Consists of set-up, transmission, and tear-down phases
    - Creates a virtual circuit-switched network
    - E.g., Transmission Control Protocol (TCP)

Encapsulation
- A packet typically consists of
  - Control information for addressing the packet: header and footer
  - Data: payload
- A network protocol N1 can use the services of another network protocol N2
  - A packet p1 of N1 is encapsulated into a packet p2 of N2
  - The payload of p2 is p1
  - The control information of p2 is derived from that of p1
[Figure: nested encapsulation; the inner packet (header, payload, footer) forms the payload of the outer packet (header, payload, footer)]

Network Layers
- Network models typically use a stack of layers
  - Higher layers use the services of lower layers via encapsulation
- A layer can be implemented in hardware or software
  - The bottommost layer must be in hardware
- A network device may implement several layers
- A communication channel between two nodes is established for each layer
  - Actual channel at the bottom layer
  - Virtual channel at higher layers

Internet Layers
[Figure: two end hosts with Application, Transport, Network and Link layers; the intermediate routers implement only the Network and Link layers; the physical layer underneath is Ethernet, fiber optics, or Wi-Fi]

Intermediate Layers
- Link layer
  - Local area network: Ethernet, WiFi, optical fiber
  - 48-bit media access control (MAC) addresses
  - Packets called frames
- Network layer
  - Internet-wide communication
  - Best-effort transmission
  - 32-bit Internet Protocol (IP) addresses in IPv4
  - 128-bit IP addresses in IPv6
- Transport layer
  - 16-bit addresses (ports) for classes of applications
  - Connection-oriented Transmission Control Protocol (TCP)
  - Connectionless User Datagram Protocol (UDP)

Internet Packet Encapsulation
[Figure: the application packet (application layer) is the data of a TCP packet (TCP header + TCP data, transport layer), which is the data of an IP packet (IP header + IP data, network layer), which is the data of a link-layer frame (frame header + frame data + frame footer, link layer)]

Internet Packet Encapsulation
[Figure: data link frame = data link header | IP header | TCP or UDP header | application packet | data link footer; the IP packet, the TCP or UDP packet, and the application packet are the successively nested parts]
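The encapsulation shown above, worked through in code: an added example (not from the slides) that builds an Ethernet frame around an IPv4 packet around a TCP segment, and then parses the frame back down layer by layer, verifying the IP header and TCP checksums on the way. The MAC and IP addresses, ports and payload are constructed; the header layouts are the standard ones (Ethernet II, IPv4 without options, TCP without options).

```python
"""Peel a constructed Ethernet frame down through IPv4 to TCP.

Added example, not from the original slides: the frame bytes are built
here from constructed addresses, so nothing is captured from a real network.
"""
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6
TCP_SYN, TCP_PSH, TCP_ACK = 0x02, 0x08, 0x10


def ones_complement_checksum(data: bytes) -> int:
    """RFC 791 checksum: one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, seq, ack, flags, payload):
    """Encapsulate payload -> TCP segment -> IPv4 packet -> Ethernet frame."""
    # TCP header with the checksum zeroed, then computed over the pseudo-header + segment.
    tcp = struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | flags, 65535, 0, 0) + payload
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, PROTO_TCP, len(tcp))
    tcp = tcp[:16] + struct.pack("!H", ones_complement_checksum(pseudo + tcp)) + tcp[18:]
    # IPv4 header: version/IHL, TOS, total length, ID, flags/fragment, TTL, protocol, checksum, addresses.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64, PROTO_TCP, 0, src_ip, dst_ip)
    ip = ip[:10] + struct.pack("!H", ones_complement_checksum(ip)) + ip[12:]
    return struct.pack("!6s6sH", dst_mac, src_mac, ETHERTYPE_IPV4) + ip + tcp


def parse_frame(frame: bytes) -> dict:
    """Strip each layer's control information and return the fields of interest."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"unsupported EtherType 0x{ethertype:04x}")
    ip = frame[14:]
    ver_ihl, _, total_len, _, _, ttl, proto, _, src_ip, dst_ip = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20:
        raise ValueError("not an IPv4 header")
    # A header that carries a correct checksum sums to zero under the same algorithm.
    if ones_complement_checksum(ip[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    if proto != PROTO_TCP:
        raise ValueError(f"unsupported IP protocol {proto}")
    tcp = ip[ihl:total_len]
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, PROTO_TCP, len(tcp))
    if ones_complement_checksum(pseudo + tcp) != 0:
        raise ValueError("bad TCP checksum")
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    data_off = (off_flags >> 12) * 4
    return {
        "src_mac": ":".join(f"{b:02x}" for b in src_mac),
        "dst_mac": ":".join(f"{b:02x}" for b in dst_mac),
        "src_ip": ".".join(map(str, src_ip)),
        "dst_ip": ".".join(map(str, dst_ip)),
        "ttl": ttl,
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "flags": off_flags & 0x1FF,
        "payload": tcp[data_off:],
    }


# Constructed sample: a client at 192.168.1.10 pushing an HTTP request to 192.168.1.1:80.
SAMPLE_FRAME = build_frame(
    src_mac=bytes.fromhex("001a92d4bf86"), dst_mac=bytes.fromhex("001aa1000001"),
    src_ip=bytes([192, 168, 1, 10]), dst_ip=bytes([192, 168, 1, 1]),
    sport=40000, dport=80, seq=1000, ack=2000, flags=TCP_PSH | TCP_ACK,
    payload=b"GET / HTTP/1.0\r\n\r\n",
)

if __name__ == "__main__":
    for key, value in parse_frame(SAMPLE_FRAME).items():
        print(f"{key:8} {value!r}")
```

The checksum checks are the only integrity protection IP and TCP offer, and they are keyed by nothing: anyone who can modify a packet in transit can recompute them, which is the "no integrity checking" weakness listed later in the deck.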

The OSI Model The OSI (Open System Interconnect) Reference Model is a network model consisting of seven layers

Network Interfaces
- Network interface: device connecting a computer to a network, such as an Ethernet or WiFi card.
- A computer may have multiple network interfaces.
- Most local area networks, including Ethernet and WiFi, broadcast frames, so all hosts on the LAN receive them.
- In regular mode, each network interface sends only packets destined for it to the OS for processing.
- Network sniffing can be accomplished by configuring the network interface to send all frames (promiscuous mode) to the OS for processing.

MAC Addresses
- Layer 2 protocols identify nodes by MAC addresses.
- A MAC address is a 48-bit number:
  - E.g., 00-1A-92-D4-BF-86
- The first three octets of any MAC address are IEEE-assigned Organizationally Unique Identifiers
  - E.g., Cisco 00-1A-A1, D-Link 00-1B-11, ASUSTek 00-1A-92
- The next three can be assigned by manufacturers as they please, with uniqueness being the only constraint.
  - Note that uniqueness is not always the case in practice.
- Admins can set MAC addresses to any desired value.

Switch
- A switch
  - Operates at the link layer.
  - Has multiple ports, each connected to a computer.
- Operation of a switch
  - Learn the MAC address of each connected device.
  - Forward frames only to the destination device.

Combining Switches
- Switches can be arranged into a tree.
- Each port learns the MAC addresses of the machines in the segment (subtree) connected to it.
- Frames to unknown MAC addresses are broadcast.
- Frames to MAC addresses in the same segment as the sender are ignored.
11/19/2014

MAC Address Filtering
- A switch can be configured to provide service only to machines with specific MAC addresses
  - Users must register devices with the network admin.
- A MAC spoofing attack impersonates another PC
  - Find out the MAC address of the target machine.
  - Threat sets the MAC address of his PC to that of the target.
  - Turn off or unplug the target machine.
- Countermeasures to MAC spoofing:
  - Block the switch port when the machine is turned off.
  - Disable duplicate MAC addresses.

MAC Addresses
- Viewing the MAC addresses of the interfaces of a machine
  - Linux: ifconfig
  - Windows: ipconfig /all
- Changing a MAC address in Linux
  - Stop the networking service: /etc/init.d/network stop
  - Change the MAC address: ifconfig eth0 hw ether <MAC-address>
  - Start the networking service: /etc/init.d/network start
- Changing a MAC address in Windows
  - Open the Network Connections applet
  - Access the properties for the network interface
  - Click Configure
  - In the Advanced tab, change the network address to the desired value
- Changing a MAC address requires administrator privileges

ARP
- The Address Resolution Protocol (ARP) connects the network layer to the data link layer by translating IP addresses to MAC addresses.
- ARP broadcasts requests and caches responses for future use
  - The protocol begins with a computer broadcasting a message of the form
    who has <IP address1> tell <IP address2>
  - When the machine with <IP address1> or an ARP server receives this message, it broadcasts the response
    <IP address1> is <MAC address>
  - The requestor's IP address <IP address2> is contained in the link header
- The Linux and Windows command arp -a displays the ARP table
    Internet Address   Physical Address    Type
    128.148.31.1       00-00-0c-07-ac-00   dynamic
    128.148.31.15      00-0c-76-b2-d7-1d   dynamic
    128.148.31.71      00-0c-76-b2-d0-d2   dynamic

ARP Caches
[Figure: host 192.168.1.1 (MAC 00:11:22:33:44:01) and host 192.168.1.105 (MAC 00:11:22:33:44:02) exchange data; after the announcements "192.168.1.1 is at 00:11:22:33:44:01" and "192.168.1.105 is at 00:11:22:33:44:02", each host's ARP cache holds the other's IP-to-MAC entry]

ARP Spoofing
- ARP table updated when an ARP response is received
  - Requests are not tracked
- ARP announcements are not authenticated, so
  - A rogue machine can spoof other machines
  - Rogue sends ARP redirecting an IP to its MAC
  - Network traffic destined for that IP is sent to the rogue machine by all hosts on the subnet, including the switch.
- Countering ARP spoofing
  - Use a static ARP table.
  - Requires the admin to reconfigure each time a new host is added or a host is removed from the subnet.
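Static ARP tables are the countermeasure the slide names; where they are impractical, the same facts let a defender detect poisoning after the fact. The added example below (not part of the slides) diffs two ARP table snapshots and flags the two signatures of a poisoned cache: an IP whose MAC changed between snapshots, and one MAC that now claims several IPs (the rogue host's MAC on both the gateway's and the victim's entries). It parses both the Windows `arp -a` layout shown on the ARP slide and the Linux `arp -a` layout; the snapshots are constructed to mirror the poisoned-cache figure.

```python
"""Spot ARP cache poisoning by diffing ARP table snapshots.

Added example, not from the slides. Parses Windows and Linux `arp -a`
output; the snapshots below are constructed, not captured.
"""
import re
from collections import defaultdict

# Windows style: "192.168.1.1   00-11-22-33-44-01   dynamic"
WINDOWS_LINE = re.compile(
    r"^\s*(\d+(?:\.\d+){3})\s+([0-9A-Fa-f]{2}(?:[-:][0-9A-Fa-f]{2}){5})\s+(\w+)")
# Linux style: "? (192.168.1.1) at 00:11:22:33:44:01 [ether] on eth0"; PERM marks a static entry
LINUX_LINE = re.compile(
    r"\((\d+(?:\.\d+){3})\) at ([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5})(?: \[ether\])?( PERM)?")


def parse_arp_table(text: str) -> dict:
    """Return {ip: (mac, entry_type)} with MACs normalised to aa:bb:cc:dd:ee:ff."""
    table = {}
    for line in text.splitlines():
        m = WINDOWS_LINE.match(line)
        if m:
            ip, mac, kind = m.group(1), m.group(2), m.group(3).lower()
        else:
            m = LINUX_LINE.search(line)
            if not m:
                continue  # interface headers, column headings, blank lines
            ip, mac, kind = m.group(1), m.group(2), "static" if m.group(3) else "dynamic"
        table[ip] = (mac.lower().replace("-", ":"), kind)
    return table


def find_arp_anomalies(before: dict, after: dict) -> list:
    """Alerts for IP->MAC changes and for one MAC answering for several IPs."""
    alerts = []
    for ip, (mac, kind) in after.items():
        if ip in before and before[ip][0] != mac:
            alerts.append(f"MAC for {ip} changed {before[ip][0]} -> {mac} ({kind} entry)")
    by_mac = defaultdict(list)
    for ip, (mac, _) in after.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            alerts.append(f"MAC {mac} claims several IPs: {', '.join(sorted(ips))}")
    return alerts


# Constructed snapshots: the host at .106 (MAC ...:03) takes over the gateway's entry.
SNAPSHOT_BEFORE = """\
Interface: 192.168.1.105 --- 0x3
  Internet Address      Physical Address      Type
  192.168.1.1           00-11-22-33-44-01     dynamic
  192.168.1.106         00-11-22-33-44-03     dynamic
"""
SNAPSHOT_AFTER = """\
Interface: 192.168.1.105 --- 0x3
  Internet Address      Physical Address      Type
  192.168.1.1           00-11-22-33-44-03     dynamic
  192.168.1.106         00-11-22-33-44-03     dynamic
"""
LINUX_SNAPSHOT = "gw (192.168.1.1) at 00:11:22:33:44:01 [ether] PERM on eth0\n"  # constructed

if __name__ == "__main__":
    before, after = parse_arp_table(SNAPSHOT_BEFORE), parse_arp_table(SNAPSHOT_AFTER)
    for alert in find_arp_anomalies(before, after):
        print("ALERT:", alert)
```

A gateway entry that flips from one MAC to another is the loudest signal; tools such as arpwatch work on exactly this principle by watching live ARP traffic rather than periodic snapshots.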

Poisoned ARP Caches
[Figure: rogue host 192.168.1.106 (MAC 00:11:22:33:44:03) announces "192.168.1.105 is at 00:11:22:33:44:03" to 192.168.1.1 and "192.168.1.1 is at 00:11:22:33:44:03" to 192.168.1.105; both victims' poisoned ARP caches now map the other's IP to the rogue MAC, so their data flows through the rogue host]

ARP Spoofing
[Figure: LAN 192.168.1.x with a switch; client Alice (.10, MAC 00:0A:E4:2E:9B:11) and server Bob (.100, MAC 00:0A:E4:3B:47:7E) normally exchange regular traffic directly. Using ARP poisoning, Cracker (.1, MAC 00:22:64:34:60:88) sends a gratuitous ARP reply mapping Bob's IP to Cracker's MAC ("arpspoof 192.168.1.10 192.168.1.100", arguments: victim IP, gateway IP) and another mapping Alice's IP to Cracker's MAC ("arpspoof 192.168.1.100 192.168.1.10")]

Telnet Protocol (RFC 854)
- Telnet is a protocol that provides unencrypted communication to another machine to issue commands and receive output.
  - Allows remote shell access like ssh.
  - Sends whatever you type. Prints whatever comes back.
- The telnet client can connect to any TCP port
  - Useful for testing TCP services (ASCII-based protocols) like HTTP, SMTP, etc.

Packet Sniffing
- Packet sniffing is the process of intercepting and observing traffic on a network.
  - If packets are not encrypted, the attacker can read confidential data, such as passwords, etc.
- Wired networks
  - Broadcast traffic is observable by all hosts.
  - Hubs send all packets to all hosts on the subnet.
  - Switches send packets only to the destination host, but ARP poisoning can let the attacker see all packets.
- Wireless networks
  - A sniffer can see all packets.

[Figure: packet sniffer (Wireshark-style) window layout: menu, main toolbar, filter toolbar, packet list pane, packet details pane, packet bytes pane, status bar]

Packet Sniffer Applications
- Legitimate applications
  - Debug network problems.
  - Monitor network usage.
  - Network intrusion detection.
- Attacker applications
  - View confidential information.
  - Gather data required for other attacks, especially spoofing attacks.

Defending against Sniffing
- Encrypt traffic
  - Use application-level encryption, e.g. HTTPS instead of HTTP, SSH instead of telnet.
  - Use network-level encryption, like WPA2 or IPsec, where possible.
  - Traffic patterns can still be observed.
- Use wired networks with switches
  - Use static ARP tables to avoid ARP spoofing.
  - Limits the attacker to broadcasts and packets directed to attacker-controlled machines.

Attempting to Sniff Telnet
[Figure: LAN 192.168.1.x (Ethernet UTP, RJ-45) with a switch connecting client Alice (.10), server Bob (.100) and Cracker (.1)]
- Add a user on the server: adduser user, and then follow the program instructions
- In a switched network, packets are sent only to the destination computer
- One would think that another computer plugged into the switch cannot sniff traffic

Sniffing Telnet Passwords
[Figure: same LAN; the regular traffic between Alice (.10) and Bob (.100) now passes through Cracker (.1) using ARP poisoning; Cracker acts as a router]
- With dsniff, we catch the passwords used to log in to a telnet service: dsniff -n

Internet Protocol (IP)
- Connectionless
  - Each packet is transported independently from other packets
- Unreliable
  - Delivery on a best-effort basis
  - No acknowledgments
  - Packets may be lost, reordered, corrupted, or duplicated
- IP packets
  - Encapsulate TCP and UDP packets
  - Encapsulated into link-layer frames
[Figure: data link frame containing an IP packet containing a TCP or UDP packet]

IP Addresses
- 32-bit integers that identify a machine on the net
- Dotted decimal notation: ii.jj.kk.ll
- DNS translates names to IP addresses
[Figure: 172.16.254.1 written as four bytes, 10101100 00010000 11111110 00000001; one byte per octet, 32 bits = 4 bytes]
- IPv6 addresses are 128-bit integers written like 2001:0db8:0000:0000:0000:ff00:0042:8329

Network Address Translation
- Uses a public IP address to represent private IPs.
- Translates the source IP in outgoing packets.
- Translates the destination IP in incoming packets.
- The router keeps a table of translations.

IP Address Geolocation
- ISPs get blocks of IP addresses from ARIN.
- The ARIN database records where IP addresses are.
- Application-layer and time data may help reveal details.
- Check http://www.findmyip.org/ for your location.

IP Header

IP Routing
- A router bridges two or more networks
  - Operates at the network layer.
  - Maintains tables to forward packets to the appropriate network.
  - Forwarding decisions are based solely on the destination address.
- Routing table
  - Maps ranges of IP addresses to LANs or other gateway routers.

IP Routing
- The same IP address at each hop is used to route the data packet.
- New MAC address at each hop.

IP Vulnerabilities
1. Unencrypted transmission
   - Eavesdropping possible at any intermediate host during routing.
2. No source authentication
   - Sender can spoof the source address, making it difficult to trace the packet back to the attacker.
3. No integrity checking
   - The entire packet, header and payload, can be modified while en route to the destination, enabling content forgeries, redirections, and man-in-the-middle attacks.
4. No bandwidth constraints
   - A large number of packets can be sent to DoS a target.

IP Spoofing
- IP spoofing is an attempt by an intruder to send packets from one IP address that appear to originate at another.
  - If the victim trusts the spoofed IP, then the attacker is trusted.
  - Tracking down the attack leads to the spoofed IP.
- Two basic forms of IP spoofing
  - Blind spoofing can be used from any source.
  - Non-blind spoofing must be on the same subnet.

Blind Spoofing
- The attacker cannot see response packets, but
  - Some attacks, like DoS, do not want to receive response packets, and
  - Some responses can be guessed sufficiently accurately to carry on the conversation, such as in TCP hijacking attacks.

Network Tests with ICMP
- Internet Control Message Protocol (ICMP)
  - Used for network testing and debugging.
  - Simple messages encapsulated in single IP packets.
  - Considered a network layer protocol.
- ICMP-based network testing tools
  - ping: sends echo request messages and provides statistics on round-trip times and packet loss.
  - traceroute: sends a series of ICMP packets with increasing TTL values to discover routes.

ICMP DoS Attacks
- Ping of death
  - ICMP specifies that messages must fit a single IP packet (64KB).
  - Send a ping packet that exceeds the maximum size using IP fragmentation.
  - The reassembled packet caused several operating systems to crash due to a buffer overflow.
- Smurf
  - Ping a broadcast address using a spoofed source address.
  - A large number of responses are sent to the target whose address was spoofed.

Smurf Attack
[Figure: the attacker sends an echo request to the broadcast address of an amplifying network; every host there sends an echo response to the victim whose address was spoofed]

TCP: Transmission Control Protocol
- Connection-oriented
  - Must establish a connection before sending data.
  - 3-way handshake.
- Reliable byte-stream
  - TCP decides how to divide the stream into packets.
  - ACK, timeout, retransmit, reordering.
- 16-bit source and destination ports.
  - FTP (21), HTTP (80), POP (110), SMTP (25)

TCP Reliability
1. Breaks data into best-sized chunks.
2. After sending a segment, maintains a timer; if no ACK arrives within the time limit, resends the segment.
3. Sends an ACK on receipt of packets.
4. Discards packets on a bad checksum of header and data.
5. The receiver resequences TCP segments based on sequence numbers, allowing data to be reassembled correctly no matter what order it arrives in.
6. The receiver discards duplicate segments.
7. Flow control: only sends as much data as the receiver can process.

TCP Header

TCP Connection Establishment
[Figure: TCP 3-way handshake]

SYN Floods
- Create many half-open connections to the target
  - Send a SYN packet
  - Ignore the SYN+ACK response
  - (May spoof an invalid source IP address for each SYN)
- Target connection table fills up, resulting in DoS
  - 3 minute timeout for the final ACK
  - All new TCP connections refused
- Defenses
  - Micro-connections (allocate few resources until the ACK is seen)
  - SYN cookies: store state in the TCP ISN, not on the server
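The SYN cookie defense from the slide, worked through as an added example (not from the slides, and not a byte-exact copy of any kernel's scheme): the server answers every SYN with an ISN that encodes a coarse time counter, an MSS index and a secret-keyed hash of the connection 4-tuple, and stores nothing. When the final ACK arrives it recomputes the hash from the 4-tuple and accepts the connection only if ack-1 is a cookie it could have issued recently. A flood of SYNs therefore consumes no table entries. The bit layout, secret and addresses are assumptions for illustration.

```python
"""SYN cookies: keep half-open connection state in the ISN, not on the server.

Added example, not from the slides. Simplified model of the Bernstein/Linux
scheme (coarse time counter + MSS index + keyed hash of the 4-tuple packed
into the 32-bit ISN); the secret and addresses are constructed.
"""
import hashlib
import hmac
import struct

SERVER_SECRET = b"constructed-secret-rotate-me"   # would be regenerated periodically
MSS_TABLE = [536, 1300, 1440, 1460]               # encodable MSS values (3-bit index)
COUNTER_BITS, MSS_BITS, HASH_BITS = 5, 3, 24      # 5 + 3 + 24 = 32 bits of ISN


def _cookie_hash(src_ip, src_port, dst_ip, dst_port, counter, secret):
    """Keyed hash of the 4-tuple and time counter, truncated to HASH_BITS."""
    msg = struct.pack("!4sH4sHI", src_ip, src_port, dst_ip, dst_port, counter)
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") & ((1 << HASH_BITS) - 1)


def make_syn_cookie(src_ip, src_port, dst_ip, dst_port, mss, minute, secret=SERVER_SECRET):
    """ISN to send in the SYN+ACK. Nothing about this client is stored."""
    counter = minute & ((1 << COUNTER_BITS) - 1)
    mss_idx = max((i for i, m in enumerate(MSS_TABLE) if m <= mss), default=0)
    h = _cookie_hash(src_ip, src_port, dst_ip, dst_port, counter, secret)
    return (counter << (MSS_BITS + HASH_BITS)) | (mss_idx << HASH_BITS) | h


def check_syn_cookie(src_ip, src_port, dst_ip, dst_port, ack, minute,
                     secret=SERVER_SECRET, max_age=2):
    """On the final ACK, recover ack-1 and re-derive the hash. Returns the
    negotiated MSS on success, None if the ACK is stale, forged or random."""
    isn = (ack - 1) & 0xFFFFFFFF
    counter = isn >> (MSS_BITS + HASH_BITS)
    mss_idx = (isn >> HASH_BITS) & ((1 << MSS_BITS) - 1)
    if mss_idx >= len(MSS_TABLE):
        return None
    age = (minute - counter) & ((1 << COUNTER_BITS) - 1)
    if age > max_age:
        return None  # cookie too old: counter wrapped or ACK delayed
    expected = _cookie_hash(src_ip, src_port, dst_ip, dst_port, counter, secret)
    got = isn & ((1 << HASH_BITS) - 1)
    if not hmac.compare_digest(expected.to_bytes(4, "big"), got.to_bytes(4, "big")):
        return None
    return MSS_TABLE[mss_idx]


def handshake_demo():
    """Client 10.0.0.7:51000 -> server 10.0.0.1:80 (constructed addresses)."""
    c_ip, s_ip = bytes([10, 0, 0, 7]), bytes([10, 0, 0, 1])
    isn = make_syn_cookie(c_ip, 51000, s_ip, 80, 1460, minute=100)
    # A legitimate client answers the SYN+ACK with ack = isn + 1 within the window.
    good = check_syn_cookie(c_ip, 51000, s_ip, 80, isn + 1, minute=101)
    # A flood of SYNs never produces ACKs; a late or forged ACK is rejected.
    stale = check_syn_cookie(c_ip, 51000, s_ip, 80, isn + 1, minute=110)
    forged = check_syn_cookie(c_ip, 51001, s_ip, 80, isn + 1, minute=101)
    return good, stale, forged


if __name__ == "__main__":
    print(handshake_demo())  # (1460, None, None)
```

The price of statelessness is visible in the code: only a few MSS values can be encoded, TCP options carried in the SYN are lost, and a retransmitted SYN+ACK cannot be sent because nothing remembers the client. Real stacks therefore enable cookies only once the backlog is under pressure.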

TCP Connection Termination

TCP Session Killing
- RST
  - Need one valid TCP sequence number.
  - Send an RST segment with a spoofed IP address and a valid sequence number.
  - May need to send multiple RSTs in case the host receives a TCP segment with your chosen sequence number before your RST segment.
- FIN
  - Need valid TCP sequence + ACK numbers.
  - Send a FIN+ACK segment with a spoofed IP address to terminate the session.
  - Receive a FIN packet in response, verifying the kill if successful.

TCP Session Hijacking
- A TCP session hijacking attack is when an attacker takes control of an existing TCP session.
- The attacker must be able to
  - Spoof the IP address of one side of the connection.
  - Predict TCP sequence numbers.
- Gives the threat access to authenticated sessions.
- Defenses:
  - Random initial TCP sequence numbers.
  - Use encrypted protocols like SSH, so the attacker cannot interact with the system due to the inability to send properly encrypted traffic.

TCP Session Hijacking Steps
1. Guess the TCP sequence numbers used in the current session between two hosts.
2. Create a desynchronized state so neither side of the connection can talk to the other.
3. Send a packet with the correct SN + ACK and a spoofed client IP address to the server, containing the attack.

ACK Storm
- Noisy side effect of TCP session hijacking.
- Both client and server ACK unacceptable packets with the expected sequence number.
- Each ACK is also unacceptable and generates another ACK response.
- If the network drops a packet, no response is made.
- ACK storms create network congestion, leading to many dropped packets.

Port Knocking
- Port knocking is a method of opening ports by making connections to a set of unused ports in a specified sequence.
- Fairly secure against brute force attacks since there are 65536^k combinations, where k is the number of ports knocked.
- Susceptible to replay attacks.
  - If a port knock is sniffed, then the attacker can replay the knock.
- Used to hide ports from network scans.
- Can be used by defenders and attackers.
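A knock daemon is a small per-source state machine; the added example below (not from the slides) implements one and runs it over a constructed connection log, so both properties the slide states are visible: a source that knocks the right ports in order within the time window opens the hidden port, while a skipped port or a too-slow sequence resets progress, and a source that merely repeats a sequence it observed is indistinguishable from the legitimate one. The knock sequence, window and log format are assumptions.

```python
"""Stateful port-knock matcher, run over a constructed connection log.

Added example, not from the slides. The knock sequence, timeout and log
format are assumptions; the log entries are constructed.
"""
from collections import defaultdict
from dataclasses import dataclass

KNOCK_SEQUENCE = (7000, 8000, 9000)   # constructed: three closed ports, in order
KNOCK_WINDOW = 10.0                    # seconds allowed to complete the sequence


@dataclass
class KnockProgress:
    matched: int = 0      # how many knocks of the sequence have been seen
    started: float = 0.0  # time of the first matching knock


class KnockDaemon:
    def __init__(self, sequence=KNOCK_SEQUENCE, window=KNOCK_WINDOW):
        self.sequence = sequence
        self.window = window
        self.progress = defaultdict(KnockProgress)
        self.opened = []  # (source, time) pairs for which the hidden port was opened

    def observe(self, ts: float, src: str, dport: int) -> bool:
        """Feed one connection attempt; True when the sequence completes."""
        st = self.progress[src]
        if st.matched and ts - st.started > self.window:
            st.matched = 0                    # too slow: start over
        if dport == self.sequence[st.matched]:
            if st.matched == 0:
                st.started = ts
            st.matched += 1
            if st.matched == len(self.sequence):
                self.opened.append((src, ts))
                st.matched = 0
                return True
        elif dport == self.sequence[0]:
            st.matched, st.started = 1, ts    # wrong port, but a fresh start
        else:
            st.matched = 0                    # any other port resets progress
        return False


def combinations(k: int, ports: int = 65536) -> int:
    """Size of the knock space the slide quotes: ports^k ordered sequences."""
    return ports ** k


# Constructed firewall log: (seconds, source, destination port)
LOG = [
    (0.0, "10.0.0.5", 7000), (1.0, "10.0.0.5", 8000), (2.0, "10.0.0.5", 9000),     # correct
    (3.0, "10.0.0.6", 7000), (4.0, "10.0.0.6", 9000),                              # skipped 8000
    (5.0, "10.0.0.7", 7000), (6.0, "10.0.0.7", 8000), (20.0, "10.0.0.7", 9000),    # too slow
    (30.0, "10.0.0.9", 7000), (31.0, "10.0.0.9", 8000), (32.0, "10.0.0.9", 9000),  # replayed knock
]


def run(log=LOG) -> list:
    daemon = KnockDaemon()
    for ts, src, port in log:
        daemon.observe(ts, src, port)
    return daemon.opened


if __name__ == "__main__":
    print(run())  # [('10.0.0.5', 2.0), ('10.0.0.9', 32.0)]
```

The last log group is the replay weakness in one line: the daemon has no way to tell 10.0.0.9's knocks from 10.0.0.5's, which is why port knocking hides a service from scans but does not replace authentication on the service itself.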

User Datagram Protocol (UDP)
- Stateless, unreliable layer 4 protocol.
- Runs on top of IP.
- Trades reliability for speed.
- Applications
  - Streaming audio/video.
  - TFTP (builds simple state on top of UDP).
  - DNS.

UDP Header

Welcome to Wireless
- Radio waves
  - No need to be physically plugged into the network.
  - Unlicensed spectrum in the 2.4 and 5 GHz ranges.
- Coverage
  - Personal Area Network (PAN).
  - Local Area Network (WLAN).
  - Metropolitan Area Network (MAN).
- Security concerns
  - Radio signals leaking outside buildings (sniffing).
  - Detection of unauthorized devices.
  - Intercepting wireless communications.
  - Man-in-the-middle attacks.
  - Verification of users.
  - Restricting access.

IEEE 802.11
Family of IEEE networking standards for creating wireless local area networks.

Standard   Year   Frequency            Data Rate Per Stream   Allowable Streams
802.11a    1999   5 GHz                54 Mbps                1
802.11b    1999   2.4 GHz              11 Mbps                1
802.11g    2003   2.4 GHz              54 Mbps                1
802.11n    2009   2.4 and 5 GHz        150 Mbps               4
802.11ac   2014   5 GHz                867 Mbps               8
802.11ad   2012   2.4, 5, and 60 GHz   6912 Mbps

802.11 in the OSI Model

Types of Wireless Networks
- Infrastructure
  - Client machines establish a radio connection to a wireless access point (WAP).
  - Access points are connected to a wired network, which provides a gateway to the Internet.
  - Most common type of wireless network.
- Peer-to-peer
  - Multiple peer machines connect to each other.
  - Typically used in ad-hoc networks and Internet connection sharing.
[Figure: infrastructure mode (clients connected to an access point on a wired LAN) versus peer-to-peer mode (peers connected directly to each other)]

SSID
- Multiple wireless networks can coexist
  - Each network is identified by a 32-character service set ID (SSID).
  - The typical default SSID of an access point is the manufacturer's name.
  - SSIDs are often broadcast via beacon frames to enable discovery of the network by prospective clients.
- SSIDs are not signed, thus enabling a simple spoofing attack
  - Place a rogue access point in a public location (e.g., cafe, airport)
  - Use the SSID of an ISP
  - Set up a login page similar to the one of the ISP
  - Wait for clients to connect to the rogue access point and authenticate
  - Possibly forward the session to the ISP network
- SSIDs with crafted Unicode can crash iPhones/iPads.

Eavesdropping and Spoofing
- All wireless network traffic can be eavesdropped.
- MAC-based authentication is typically used to identify approved machines in a corporate network.
  - MAC spoofing attacks are possible, as in wired networks.
- Sessions are kept active after brief disconnects.
  - If an ISP client does not explicitly end a session, MAC spoofing allows taking over that session.

Captive Portal
- Protocol
  - DHCP provides an IP address
  - Name server maps everything to the authentication server
  - Firewall blocks all other traffic
  - Any URL is redirected to the authentication page
  - After authentication, regular network services are reinstated
  - Client identified by MAC address
- Used by wireless ISPs
- Security issues
  - A MAC spoofing and session stealing attack may be performed if the client does not actively disconnect
  - A tunneling attack can bypass the captive portal if DNS traffic beyond the firewall is not blocked before authentication

Wireless Discovery

Wardriving
- Driving around looking for WLANs.
- Derived from the earlier term wardialing.
- Also: warflying.

Wardriving Tools
- Vistumbler or other WiFi scanner.
- Antenna for dB gain.
- Wireless card with plug and monitor mode.
- GPS (optional).

Wired Equivalent Privacy (WEP)
- Goals
  - Confidentiality: eavesdropping is prevented.
  - Data integrity: packets cannot be tampered with.
  - Access control: only properly encrypted packets are routed.
- Design constraints
  - Inexpensive hardware implementation with 90s technology.
  - Early U.S. export regulations caused WEP to deploy with 40-bit keys. Later versions used 104-bit keys.
- Implementation and limitations
  - Encrypts the body of each frame at the data-link level.
  - Can be broken and decrypted in minutes.

WEP Protocol
- Setup
  - Access point and client share a 40-bit key K.
  - The key never changes during a WEP session.
- Encryption
  - Compute the CRC-32 checksum of message M (payload of the frame)
  - Pick a 24-bit initialization vector V
  - Using the RC4 stream cipher, generate the key stream S(K,V)
  - Create the ciphertext C = (M || crc(M)) XOR S(K,V)
- Client authentication
  - Access point sends an unencrypted random challenge to the client.
  - Client responds with the encrypted challenge.
- Transmission
  - Send V || C.
[Figure: message and CRC concatenated, then XORed with the key stream]

Initialization Vector (IV)
- One for each packet, a 24-bit value
- Sent in the cleartext part of the message!
- The small space of initialization vectors guarantees reuse of the same key stream
- IV collision: attack the XOR of the two plaintext messages
- The IV is often very predictable and introduces a lot of redundancy
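The WEP encryption from the previous slide and the IV collision from this one, carried through as an added example (not from the slides): a small RC4, the WEP-shaped frame V || (M || crc32(M)) XOR RC4(V || K), a key stream reuse check that needs no key, and the birthday estimate of how many frames a random 24-bit IV survives before repeating. The 40-bit key, IV and messages are constructed; the WEP per-packet seeding (IV prepended to the shared key) and the little-endian CRC-32 ICV are as in the standard.

```python
"""WEP-style RC4 encryption with a 24-bit IV, and what IV reuse leaks.

Added example, not from the slides; key, IV and messages are constructed.
"""
import math
import struct
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4: key scheduling, then the pseudo-random generation loop."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(key: bytes, iv: bytes, message: bytes) -> bytes:
    """Frame body as on the WEP slide: V || C with C = (M || crc(M)) XOR S(K, V).
    WEP seeds RC4 with the IV prepended to the shared key."""
    assert len(key) == 5 and len(iv) == 3, "40-bit key, 24-bit IV"
    body = message + struct.pack("<I", zlib.crc32(message))
    return iv + xor_bytes(body, rc4_keystream(iv + key, len(body)))


def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    iv, ciphertext = frame[:3], frame[3:]
    body = xor_bytes(ciphertext, rc4_keystream(iv + key, len(ciphertext)))
    message, icv = body[:-4], struct.unpack("<I", body[-4:])[0]
    if zlib.crc32(message) != icv:
        raise ValueError("ICV check failed")
    return message


def keystream_reuse_leak(frame_a: bytes, frame_b: bytes):
    """Two frames under the same IV share a key stream, so XORing the two
    ciphertexts cancels it and leaves M_a XOR M_b. Needs no key at all."""
    if frame_a[:3] != frame_b[:3]:
        return None
    n = min(len(frame_a), len(frame_b)) - 3
    return xor_bytes(frame_a[3:3 + n], frame_b[3:3 + n])


def expected_frames_until_iv_repeat(iv_bits: int = 24) -> float:
    """Birthday estimate for randomly chosen IVs: about sqrt(pi/2 * 2^bits)."""
    return math.sqrt(math.pi / 2 * 2 ** iv_bits)


def demo():
    key, iv = bytes.fromhex("0102030405"), bytes.fromhex("000001")   # constructed
    m1, m2 = b"attack at dawn", b"hold position!"
    f1, f2 = wep_encrypt(key, iv, m1), wep_encrypt(key, iv, m2)
    leak = keystream_reuse_leak(f1, f2)
    # An observer who knows (or guesses) m1 recovers m2 from the leak alone.
    recovered = xor_bytes(leak[:len(m1)], m1)
    return wep_decrypt(key, f1), recovered, round(expected_frames_until_iv_repeat())


if __name__ == "__main__":
    print(demo())
```

Roughly five thousand frames is a few seconds of traffic on a busy access point, and the slide's point about predictable IVs (many cards counted up from zero at power-on) makes collisions far more frequent than the random-IV estimate. A per-packet key that is never reused is the property WPA's larger initialization data and rekeying were introduced to provide.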

WEP Key Recovery Attacks
- FiOS calculator attacks the insecure SSID-to-key algorithm on Verizon FiOS routers.
- Neesus attacks the insecure passphrase-to-key algorithm, reducing the key from 40 to 21 bits, then brute forces.
- Dictionary attacks brute force other passphrase-to-key algorithms.

FMS WEP Cracking
- To crack a 64-bit WEP key you can capture:
  - 50,000 to 200,000 packets containing initialization vectors (IVs)
  - Only about 1/4 of the packets contain IVs
  - So you need 200,000 to 800,000 packets
- It can take a long time (typically several hours or even days) to capture that many packets

Aircrack-ng
- 50% chance to recover a 104-bit WEP key with 40,000 captured packets.
- 80% chance with 60,000; 95% chance with 85,000.
- Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good conditions.

Wi-Fi Protected Access (WPA)
- WEP became widely known as insecure
  - In 2005, the FBI publicly cracked a WEP key in only 3 minutes!
- Wi-Fi Protected Access (WPA) proposed in 2003
  - Subset of 802.11i that could be deployed quickly.
- Improves on WEP in several ways:
  - Larger secret key (128 bits) and initialization data (48 bits)
  - Supports various types of authentication besides a shared secret, such as username/password
  - Dynamically changes keys as the session continues
  - Cryptographic method to check integrity
  - Frame counter to prevent replay attacks

802.11i
- IEEE standard approved to replace WEP in 2004.
- The Wi-Fi Alliance branded 802.11i as WPA2.
- Security features
  - Four-way handshake for AP authentication and key exchange.
  - AES encryption instead of the RC4 used by WEP and WPA.
  - Converts AES-128 into a stream cipher by using it in Counter Mode with Cipher Block Chaining (CCMP).
  - Generates a Pairwise Transient Key (PTK) for encryption with each client/AP pair.
- Almost all wireless hardware supports 802.11i.

4-way Handshake
1. AP sends a nonce to the client station (STA).
2. Client constructs the PTK (Pairwise Transient Key) and sends its nonce and a hash (MIC) to the AP.
3. AP constructs the PTK, sends the GTK (Group Temporal Key), used to decrypt multicast and broadcast traffic, and a hash.
4. Client acknowledges receipt.
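The four steps above as a two-party exchange in code, an added example that is not from the slides and is a model of the message flow rather than the standard's bytes: the PTK is expanded with HMAC-SHA256 instead of the 802.11i PRF, the MIC covers only the nonce or wrapped key instead of the whole EAPOL frame, and the GTK is masked with a KEK-derived stream instead of AES key wrap. What the model preserves is what matters for the security argument: both sides derive the PTK from the PMK, both MAC addresses and both nonces, so each association gets fresh keys, and each side proves possession of the PMK with a MIC before any key is used. The PMK derivation from a passphrase is the real WPA2-PSK one (PBKDF2-HMAC-SHA1, 4096 rounds, SSID as salt); the passphrase, SSID and MAC addresses are constructed.

```python
"""Message flow of the 802.11i 4-way handshake, modelled in Python.

Added example, not from the slides: simplified key expansion, MIC and GTK
wrapping; all keys, MACs and nonces are constructed or freshly random.
"""
import hashlib
import hmac
import os


def derive_pmk(passphrase: bytes, ssid: bytes) -> bytes:
    """WPA2-PSK: PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt."""
    return hashlib.pbkdf2_hmac("sha1", passphrase, ssid, 4096, 32)


def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> dict:
    """PTK from PMK, both MACs and both nonces (802.11i inputs, simplified expansion).
    Fresh nonces -> fresh PTK, so every client/AP pair gets its own keys."""
    data = (b"Pairwise key expansion" + min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = b"".join(hmac.new(pmk, data + bytes([i]), hashlib.sha256).digest() for i in range(2))
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}


def mic(kck: bytes, payload: bytes) -> bytes:
    return hmac.new(kck, payload, hashlib.sha256).digest()[:16]


def mask_gtk(kek: bytes, gtk: bytes) -> bytes:
    """Toy stand-in for AES key wrap: XOR with a KEK-derived stream (self-inverse)."""
    stream = hmac.new(kek, b"gtk-wrap", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(gtk, stream))


class AccessPoint:
    def __init__(self, pmk: bytes, mac: bytes, gtk: bytes):
        self.pmk, self.mac, self.gtk, self.ptk = pmk, mac, gtk, None

    def msg1(self) -> bytes:                                   # 1. AP -> STA: ANonce
        self.anonce = os.urandom(32)
        return self.anonce

    def msg3(self, sta_mac: bytes, snonce: bytes, sta_mic: bytes) -> tuple:
        self.ptk = derive_ptk(self.pmk, self.mac, sta_mac, self.anonce, snonce)
        if not hmac.compare_digest(mic(self.ptk["kck"], snonce), sta_mic):
            raise ValueError("msg2 MIC invalid: station does not hold the PMK")
        wrapped = mask_gtk(self.ptk["kek"], self.gtk)          # 3. AP -> STA: GTK + MIC
        return wrapped, mic(self.ptk["kck"], wrapped)


class Station:
    def __init__(self, pmk: bytes, mac: bytes):
        self.pmk, self.mac, self.ptk, self.gtk = pmk, mac, None, None

    def msg2(self, ap_mac: bytes, anonce: bytes) -> tuple:     # 2. STA -> AP: SNonce + MIC
        self.snonce = os.urandom(32)
        self.ptk = derive_ptk(self.pmk, ap_mac, self.mac, anonce, self.snonce)
        return self.snonce, mic(self.ptk["kck"], self.snonce)

    def msg4(self, wrapped: bytes, ap_mic: bytes) -> bool:     # 4. STA verifies and acknowledges
        if not hmac.compare_digest(mic(self.ptk["kck"], wrapped), ap_mic):
            raise ValueError("msg3 MIC invalid: AP does not hold the PMK")
        self.gtk = mask_gtk(self.ptk["kek"], wrapped)
        return True


def run_handshake(ap_pmk: bytes, sta_pmk: bytes) -> bool:
    """True when both sides end up with the same TK and GTK; False on a MIC failure."""
    ap = AccessPoint(ap_pmk, bytes.fromhex("000ae42e9b11"), gtk=b"G" * 16)   # constructed MACs
    sta = Station(sta_pmk, bytes.fromhex("000ae43b477e"))
    anonce = ap.msg1()
    snonce, m2 = sta.msg2(ap.mac, anonce)
    try:
        wrapped, m3 = ap.msg3(sta.mac, snonce, m2)
        sta.msg4(wrapped, m3)
    except ValueError:
        return False
    return ap.ptk["tk"] == sta.ptk["tk"] and sta.gtk == ap.gtk


PMK = derive_pmk(b"constructed passphrase", b"ExampleSSID")

if __name__ == "__main__":
    print(run_handshake(PMK, PMK), run_handshake(PMK, bytes(32)))  # True False
```

Because message 2 and the nonces travel in the clear, the handshake is what an offline dictionary attack on a weak WPA2-PSK passphrase works from; the defense is passphrase strength (or 802.1X, where the PMK is not passphrase-derived), not any change to the handshake itself.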

Alternatives and Add-Ons
- WEP, WPA, and WPA2 all protect your traffic only up to the access point.
  - No security is provided beyond the access point.
- Other methods can encrypt end-to-end: SSL, SSH, VPN, PGP, etc.
  - End-to-end encryption is often simpler than setting up network-level encryption.
  - Most of these solutions require per-application configuration.

Wi-Fi Protected Setup (WPS)
- Protocol to make 802.11i setup easy.
  - Enter the PIN from the sticker or AP display.
  - Push a button on each device.
- The WPS protocol has design flaws.
  - Brute force the PIN in 10^8 tries (4 hours).
  - Design flaws in the protocol provide feedback on PIN guesses, reducing the tries to 2·10^4.

Key Points: Layer 2
1. Layer 2 concepts
   - Hosts identified by 48-bit MAC addresses.
   - OS can spoof MACs by setting them to any value.
   - Switches manage layer 2 traffic.
2. ARP translates IPs to MACs so packets can be delivered to hosts on the local subnet.
   - There is no authentication.
   - ARP spoofing can be used to receive frames destined for other hosts.
3. Network sniffing
   - View confidential network traffic of other hosts.
   - ARP spoofing can let an attacker sniff even if switches are used.

Key Points: Layers 3-4
1. IP addresses are seen by the recipient, unlike MACs
   - NAT hides many IP addresses behind one.
2. IP spoofing
   - Blind: do not see responses.
   - Non-blind: use a sniffer to see responses.
3. Technical DoS: ping of death, smurf, SYN flood
4. TCP session hijacking seizes an authenticated session
   - Guess TCP sequence numbers based on the ISN.
   - Desynchronize the existing TCP session.
   - Threat resynchronizes with the server, seizing control.
5. Cannot hijack encrypted sessions like ssh.

Key Points: Wireless
1. Wireless networks can be discovered by
   1. Passive scanning (Kismet).
   2. Active scanning if no beacons are broadcast.
2. Wireless networks can be sniffed.
   1. By anyone in range.
   2. Range can be miles with good antennas.
3. WEP security is broken
   1. Threat can recover the key in seconds.
4. 802.11i (WPA2) security is good
   1. But the WPS protocol can allow breaking it if used.
