Presentation is loading. Please wait.

Presentation is loading. Please wait.

BY MICHAEL SUDKOVITCH AND DAVID ROITMAN UNDER THE GUIDANCE OF DR. GABI NAKIBLY OSPF Security project: Summary.

Published byKallie Thoburn Modified over 9 years ago

Similar presentations

Presentation on theme: "BY MICHAEL SUDKOVITCH AND DAVID ROITMAN UNDER THE GUIDANCE OF DR. GABI NAKIBLY OSPF Security project: Summary."— Presentation transcript:

1 BY MICHAEL SUDKOVITCH AND DAVID ROITMAN UNDER THE GUIDANCE OF DR. GABI NAKIBLY OSPF Security project: Summary

2 Project goals Find OSPF vulnerabilities. Investigate new means of disrupting traffic in networks running OSPF. Implement our attacks and measure their effectiveness.

3 Project milestones Detailed Study of RFC 2328 (OSPFv2). Research on known attacks implemented so far. Learning to work with OMNet++ Environment and constructing sample networks using it. Invention of new attacks on OSPF. Implementation of the attacks using OMNet++. Collecting and analyzing the attack’s results.

4 Introduction to OSPF OSPF: Open Shortest Path First (RFC 2328) OSPF is a routing protocol designed to work on Autonomous Systems (AS) Provides shortest path routes to any destination in the AS.

5 How does it work? Routers discover one another using Hello messages. They use LSA messages to exchange routing information between themselves. Using LSA, each OSPF router creates a graph representing the structure of the AS. All the OSPF routers in the network eventually converge to the same graph. From that graph the OSPF router builds a shortest path tree with itself as root using the Dijkstra algorithm.

6 Assumptions Our only assumption is that we have full control over a single OSPF router. From there, we have to cause maximum damage to the AS.  Therefore, overcoming OSPF Authentication Protection is trivial, since the authentication key is known to us.

7 Proposed Attacks Introduction We discovered and implemented three different attacks on the OSFP algorithm. Our attacks exploit the Hello algorithm and a special kind of LSA messages, called Network LSAs. These Network LSAs are being sent by a DR – a Designated Router, which is elected amongst other routers adjacent to a network – according to a pre- set priority of each router.

8 Proposed Attacks Introduction - cont. There are two main types of networks, transit and stub. Transit networks allow the travel of foreign packets through them. Stubs do not. We exploit weaknesses in the Designated router election process in order to eliminate the network LSAs being sent by that network. Once a transit network is deprived of it’s network LSAs, it becomes a stub. All routes that used to pass through it, now can not.

9 Our example AS

10 Attack 1 Can be launched on the compromised router only. The compromised router falsifies its priority to be the highest possible. It is then elected to be the DR for its network. And then stops sending Network LSA. Once no Network LSAs are sent for a specific network, it becomes a stub network; new routes must be set; connectivity may be broken. Pros: Easy implementation. Cons: The compromised router may be easily spotted.

11 Attack 2 Can be launched upon routers adjacent to the attacker. The compromised router A sends Hello messages, impersonating himself as a neighboring router B. Router A also advertises a false high priority for B. Hence, B is elected to become a DR without knowing it. B will not send Network LSAs because it is not aware of itself being a DR. Pros: The actual attacker is hidden! He is also able to choose which router to attack. Cons: Somewhat more difficult to implement.

12 Attack 2 statistics

13 Attack 3 The compromised router can target any network in the AS. The compromised router sends a malicious hello message with high priority to the designated router of some network. That designated router then thinks that the attacking router will now be the new DR. Hence, it stops sending network LSAs and relinquishes DR control. The attacking router doesn’t send them either. The network becomes a stub.

14 Attack 3 statistics

15 Example - Before the attack H3 to H2 cost is 6 H1 to H2 cost is 3 H4 to H2 cost is 7

16 Example - After an attack on N1 H3 to H2 cost was 6 now 8 H 1 to H2 cost was 3 now 9 H4 to H2 cost was 7 now 11

17 Comparing the two attacks

18 Conclusions: Choosing an attack Which attack should we choose.  Attack 2 is always preferable to attack 1.  Attacks 2 and 3 have different effects.  Possible to combine between attacks. Which network should we choose to attack.  Some networks are more vulnerable to attack then others.  Especially networks that create a partition.  Attack 3 can reach more distant networks.

Download ppt "BY MICHAEL SUDKOVITCH AND DAVID ROITMAN UNDER THE GUIDANCE OF DR. GABI NAKIBLY OSPF Security project: Summary."

Similar presentations

CCNA3: Switching Basics and Intermediate Routing v3.0 CISCO NETWORKING ACADEMY PROGRAM Chapter 2 – Single Area OSPF Single Area OSPF Link State Routing.

CCNA3: Switching Basics and Intermediate Routing v3.0 CISCO NETWORKING ACADEMY PROGRAM Chapter 2 – Single Area OSPF Single Area OSPF Link State Routing.
Introduction to OSPF.

Introduction to OSPF.
Lonnie Decker Multiarea OSPF for CCNA Department Chair, Networking/Information Assurance Davenport University, Michigan August 2013 Elaine Horn Cisco Academy.

Lonnie Decker Multiarea OSPF for CCNA Department Chair, Networking/Information Assurance Davenport University, Michigan August 2013 Elaine Horn Cisco Academy.
PROJECT IN COMPUTER SECURITY - 236349 IS-IS ROUTING ATTACKS Supervisor Gabi Nakibly, Ph.D. Students Bar Weiner, Asaf Mor Spring 2012.

PROJECT IN COMPUTER SECURITY IS-IS ROUTING ATTACKS Supervisor Gabi Nakibly, Ph.D. Students Bar Weiner, Asaf Mor Spring 2012.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 6: Multiarea OSPF Scaling Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 6: Multiarea OSPF Scaling Networks.
By Alex Kirshon and Dima Gonikman Under the Guidance of Gabi Nakibly.

By Alex Kirshon and Dima Gonikman Under the Guidance of Gabi Nakibly.
© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—3-1 Medium-Sized Routed Network Construction Reviewing Routing Operations.

© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—3-1 Medium-Sized Routed Network Construction Reviewing Routing Operations.
1 LINK STATE PROTOCOLS (contents) Disadvantages of the distance vector protocols Link state protocols Why is a link state protocol better?

1 LINK STATE PROTOCOLS (contents) Disadvantages of the distance vector protocols Link state protocols Why is a link state protocol better?
1 ELEN 602 Lecture 20 More on Routing RIP, OSPF, BGP.

1 ELEN 602 Lecture 20 More on Routing RIP, OSPF, BGP.
Unicast Routing Protocols: RIP, OSPF, and BGP

Unicast Routing Protocols: RIP, OSPF, and BGP
Objectives After completing this chapter you will be able to: Describe hierarchical routing in OSPF Describe the 3 protocols in OSPF, the Hello, Exchange.

Objectives After completing this chapter you will be able to: Describe hierarchical routing in OSPF Describe the 3 protocols in OSPF, the Hello, Exchange.
1 Relates to Lab 4. This module covers link state routing and the Open Shortest Path First (OSPF) routing protocol. Dynamic Routing Protocols II OSPF.

1 Relates to Lab 4. This module covers link state routing and the Open Shortest Path First (OSPF) routing protocol. Dynamic Routing Protocols II OSPF.
ROUTING ON THE INTERNET COSC 6590 1 14-Aug-15. Routing Protocols  routers receive and forward packets  make decisions based on knowledge of topology.

ROUTING ON THE INTERNET COSC Aug-15. Routing Protocols  routers receive and forward packets  make decisions based on knowledge of topology.
Chapter 12 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Read a routing table  Configure a static route 

Chapter 12 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Read a routing table  Configure a static route 
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 5: Adjust and Troubleshoot Single- Area OSPF Scaling Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 5: Adjust and Troubleshoot Single- Area OSPF Scaling Networks.
Link State Routing Protocol W.lilakiatsakun. Introduction (1) Link-state routing protocols are also known as shortest path first protocols and built around.

Link State Routing Protocol W.lilakiatsakun. Introduction (1) Link-state routing protocols are also known as shortest path first protocols and built around.
Open Shortest Path First (OSPF) -Sheela Anand -Kalyani Ravi -Saroja Gadde.

Open Shortest Path First (OSPF) -Sheela Anand -Kalyani Ravi -Saroja Gadde.
Routing and Routing Protocols Dynamic Routing Overview.

Routing and Routing Protocols Dynamic Routing Overview.
1 CS 4396 Computer Networks Lab Dynamic Routing Protocols - II OSPF.

1 CS 4396 Computer Networks Lab Dynamic Routing Protocols - II OSPF.
OSPF Open Shortest Path First (OSPF) is a link-state routing protocol for Internet Protocol (IP) networks. It uses a link state routing algorithm and.

OSPF Open Shortest Path First (OSPF) is a link-state routing protocol for Internet Protocol (IP) networks. It uses a link state routing algorithm and.

Similar presentations

Ads by Google