Lecture 22: Network Security
CS 450/650 Fundamentals of Integrated Computer Security
Slides are modified from Hesham El-Rewini.


Slide 2: Network Performance
Gilder's Law – George Gilder projected that the total bandwidth of communication systems triples every twelve months
– Ethernet: 10 Mbps → 10 Gbps (1000 times)
– CPU clock frequency: 25 MHz → 2.5 GHz (100 times)
Metcalfe's Law – Robert Metcalfe projected that the value of a network is proportional to the square of the number of nodes
– Phone, Internet
CS 450/650 – Lecture 22: Network Security

Slide 3: Internet
The Internet is the collection of networks and routers that
– form a single cooperative virtual network
– spans the entire globe
The Internet relies on the combination of the Transmission Control Protocol and the Internet Protocol, or TCP/IP
– The majority of Internet traffic is carried using TCP/IP packets

Slide 4: ISO OSI Network Model
Figure: two hosts, each running the seven-layer stack, connected through a LAN and the Internet.
Layers (top to bottom): Application, Presentation, Session, Transport, Network, Data Link, Physical

Slide 5: TCP/IP
Figure: the TCP/IP stack (top to bottom)
– Application protocols: smtp, sftp, ssh
– Transmission Control Protocol (TCP)
– Internet Protocol (IP)
– Link layer: Ethernet, Token ring

Slide 6: TCP/IP Packets
Figure: a packet on the wire, left to right: Physical Header | IP Header | TCP Header | message

Slide 7: Addressing
MAC (Media Access Control) address
– Every host connected to a network has a network interface card (NIC) with a unique physical address
IP address
– IPv4 → 32 bits
– IPv6 → 128 bits

Slide 8: Routing
– Routers
– Routing Tables

Slide 9: IP Protocol
Best-effort packet delivery service
Datagram (IPv4) header, one 32-bit word per row:
| VERS (4 bits) | HLEN (4) | SERVICE TYPE (8) | TOTAL LENGTH (16) |
| IDENTIFICATION (16) | FLAGS (3) | FRAGMENT OFFSET (13) |
| TIME TO LIVE (8) | PROTOCOL (8) | HEADER CHECKSUM (16) |
| SOURCE ADDRESS (32) |
| DESTINATION ADDRESS (32) |
| OPTIONS (IF ANY) | PADDING |
| DATA ... |

Slide 10: Internet Control Message Protocol
Transmits error messages and reports unusual situations
Different types of ICMP message have slightly different formats
ICMP time-exceeded message:
| TYPE | CODE | CHECKSUM |
| UNUSED (MUST BE ZERO) |
| DATA: IP header and first 64 bits of the offending datagram |

Slide 11: ICMP (Echo request/reply)
Transmits error messages and reports unusual situations
Different types of ICMP message have slightly different formats
ICMP Echo Request/Reply message:
| TYPE | CODE | CHECKSUM |
| IDENTIFIER | SEQUENCE NUMBER |
| DATA (optional) |

Slide 12: Ping of Death Attack
Denial of service attack (first seen in 1996)
Some systems did not handle oversized IP datagrams properly
An attacker constructs an ICMP echo request containing 65,510 data octets and sends it to the victim
The total size of the resulting datagram would be larger than the 65,535-octet limit specified by IP
– System would crash
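Added example, not from the lecture: a decoder for the IPv4 header laid out on slide 9, plus the reassembly-bound check a receiving stack needs against the oversized datagram on slide 12. The 65,510 data octets plus the 8-octet ICMP header give 65,518 octets of IP data; split into 1,480-octet fragments, the last one starts at offset 65,120 and carries 398 octets. Addresses, identification and fragment values are constructed.

```python
import ipaddress
import struct

IPV4_MAX_DATAGRAM = 65535          # largest value the 16-bit TOTAL LENGTH field can hold

def internet_checksum(data: bytes) -> int:
    """Ones-complement sum of 16-bit words, as used by the IP HEADER CHECKSUM field."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                         # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4(pkt: bytes) -> dict:
    """Decode the fixed 20-byte header from slide 9 (options are not decoded)."""
    (vers_hlen, tos, total_len, ident, flags_off,
     ttl, proto, csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    hlen = (vers_hlen & 0x0F) * 4              # HLEN counts 32-bit words
    return {
        "version": vers_hlen >> 4, "hlen": hlen, "service_type": tos,
        "total_length": total_len, "identification": ident,
        "flags": flags_off >> 13,
        "fragment_offset": (flags_off & 0x1FFF) * 8,   # field is in 8-octet units
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
        # recomputing over the received header yields 0 when the stored checksum is right
        "checksum_ok": internet_checksum(pkt[:hlen]) == 0,
    }

def oversized_on_reassembly(hdr: dict) -> bool:
    """Ping of Death check: would placing this fragment's data at its offset push the
    reassembled datagram (header + data) past the 65,535-octet IP limit?"""
    data_len = hdr["total_length"] - hdr["hlen"]
    return hdr["hlen"] + hdr["fragment_offset"] + data_len > IPV4_MAX_DATAGRAM

def build_ipv4(src: str, dst: str, data_len: int, offset_units: int = 0,
               more_fragments: bool = False, proto: int = 1) -> bytes:
    """Constructed fragment header (not from the lecture) with a valid checksum."""
    flags_off = ((1 if more_fragments else 0) << 13) | offset_units
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + data_len, 0x1234, flags_off,
                      64, proto, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]
```

A stack that drops any fragment for which oversized_on_reassembly() is true never allocates past the 65,535-octet reassembly buffer, whatever the fragments claim.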

Slide 13: SMURF
Attacker sends an echo request message to a broadcast address
Attacker also spoofs the source address in the request
Figure: Attacker → Intermediary (the broadcast network, whose hosts all reply) → Victim (the spoofed source)

Slide 14: UDP (User Datagram Protocol)
Delivers from one application to another
– multiple destinations on one host
Port → positive integer
– unique destination
UDP datagram:
| SOURCE PORT | DESTINATION PORT |
| LENGTH | CHECKSUM (optional) |
| DATA ... |

Slide 15: Attacks on UDP
– Fraggle
– Trinoo

Slide 16: Fraggle (similar to smurf)
UDP port 7 is used for the echo service
An attacker can create a stream of user datagrams with random source ports and a spoofed source address
The destination port is 7 and the destination address is a broadcast address at some intermediate site
The attack gets worse if the source port is also 7
Could be prevented by filtering out UDP echo requests destined for broadcast addresses

Slide 17: Fraggle attack
Figure: a stream of UDP datagrams from the attacker, in two variants
– Variant 1: spoofed source = victim's host; destination = broadcast address; random source port; destination port = 7
– Variant 2: spoofed source = victim's host; destination = broadcast address; source port = 7; destination port = 7
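Added example, not from the lecture: the filter slide 16 recommends, applied at an intermediary's router to the traffic of slides 13 and 17. It drops ICMP echo requests and UDP echo datagrams whose destination is a broadcast address, singles out the source-port-7 variant, and reports how many replies one spoofed request would otherwise trigger. The local network ranges and packet records are constructed.

```python
import ipaddress

ICMP, UDP = 1, 17                 # IP protocol numbers
ICMP_ECHO_REQUEST = 8             # ICMP type of an echo request
UDP_ECHO_PORT = 7                 # UDP echo service

# Networks directly attached to the filtering router (constructed for this example).
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24"),
              ipaddress.ip_network("198.51.100.0/25")]
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")

def is_broadcast(dst: str) -> bool:
    """True for the limited broadcast address or the directed broadcast of a local net."""
    addr = ipaddress.ip_address(dst)
    return addr == LIMITED_BROADCAST or any(addr == n.broadcast_address for n in LOCAL_NETS)

def amplification(dst: str) -> int:
    """Replies one spoofed request can trigger: every usable host on the broadcast net."""
    addr = ipaddress.ip_address(dst)
    for n in LOCAL_NETS:
        if addr == n.broadcast_address:
            return n.num_addresses - 2     # minus the network and broadcast addresses
    return 0

def classify(pkt: dict):
    """Return a drop reason for smurf/fraggle amplification traffic, else None.
    pkt is a constructed dict: proto, src, dst, plus type (ICMP) or sport/dport (UDP)."""
    if not is_broadcast(pkt["dst"]):
        return None                        # unicast echo traffic is normal
    if pkt["proto"] == ICMP and pkt.get("type") == ICMP_ECHO_REQUEST:
        return "smurf: ICMP echo request to broadcast address"
    if pkt["proto"] == UDP and pkt.get("dport") == UDP_ECHO_PORT:
        if pkt.get("sport") == UDP_ECHO_PORT:
            return "fraggle: UDP echo to broadcast with source port 7 (replies echo back again)"
        return "fraggle: UDP echo to broadcast address"
    return None

def filter_packets(pkts: list):
    """Split a packet list into (passed, dropped) where dropped pairs each packet with its reason."""
    passed, dropped = [], []
    for p in pkts:
        reason = classify(p)
        if reason:
            dropped.append((p, reason))
        else:
            passed.append(p)
    return passed, dropped
```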

Slide 18: Trinoo
Distributed denial of service
In smurf and fraggle, traffic comes from a single intermediate node
Trinoo allows the attacker to flood the victim from hundreds of intermediate sites simultaneously
Two programs:
– master, and
– daemon, installed in many different stolen accounts

Slide 19: Trinoo attack
Figure: attacker → master → daemons → victim; the daemons send a large number of UDP packets to random ports

Slide 20: TCP
Reliable delivery
TCP messages are sent inside IP datagrams
TCP segment, one 32-bit word per row:
| SOURCE PORT | DESTINATION PORT |
| SEQUENCE NUMBER |
| ACKNOWLEDGMENT |
| HLEN | RESV | CODE BITS | WINDOW |
| CHECKSUM | URGENT POINTER |
| OPTIONS (IF ANY) | PADDING |
| DATA ... |

Slide 21: TCP Overview
TCP segments are sent inside IP datagrams
TCP divides a stream of data into chunks that fit in IP datagrams
It ensures that each datagram arrives at its destination
It then reassembles the datagrams to produce the original message

Slide 22: TCP Overview (cont.)
TCP uses an acknowledgment-and-retransmission scheme
The TCP sending software keeps a record of each datagram and waits for an acknowledgment
– If no acknowledgment is received during the timeout interval, the datagram is retransmitted

Slide 23: TCP communication
Establishing a TCP connection using a 3-way handshake:
– Message 1 (Host A → Host B): SYN + SEQ
– Message 2 (Host B → Host A): SYN + SEQ + ACK
– Message 3 (Host A → Host B): ACK
Closing a TCP connection (one way, A to B):
– Message 1 (Host A → Host B): FIN + SEQ
– Message 2 (Host B → Host A): ACK

Slide 24: Attacks on TCP
SYN Flood
– Half-opened connection table
LAND
– Spoofed source address = destination address
– Source port = destination port
– Certain implementations → freezing
TRIBE Flood Network (TFN)
– Similar to trinoo but more than one attack
– UDP flood, smurf, SYN floods, and others
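Added example, not from the lecture: a server-side connection table that follows the 3-way handshake of slide 23 and shows the two TCP weaknesses on slide 24 from the defender's side. An incoming SYN occupies a bounded half-open slot until the client's ACK arrives, so a flood of SYNs that never complete fills the table and later SYNs are refused with an alert; a segment whose source address and port equal its destination address and port is the LAND pattern and is dropped before it reaches the table. Addresses, ports and the table size are constructed.

```python
SYN, ACK, FIN, RST = 0x02, 0x10, 0x01, 0x04   # TCP code bits

class ConnTable:
    """Half-open entries are created by message 1 (SYN), completed by message 3 (ACK)
    and removed by FIN/RST. The table is bounded, which is what a SYN flood exhausts."""

    def __init__(self, max_half_open=1024):
        self.state = {}              # (src, sport, dst, dport) -> "SYN_RECEIVED" | "ESTABLISHED"
        self.half_open = 0
        self.max_half_open = max_half_open
        self.alerts = []

    def process(self, seg: dict) -> str:
        """seg: constructed dict with src, dst, sport, dport, flags. Returns the action taken."""
        src, dst, sport, dport, flags = (seg[k] for k in ("src", "dst", "sport", "dport", "flags"))
        # LAND: spoofed source address and port equal the destination address and port
        if src == dst and sport == dport:
            self.alerts.append(f"LAND segment from {src}:{sport}")
            return "drop"
        key = (src, sport, dst, dport)
        if flags & SYN and not flags & ACK:            # message 1 of the handshake
            if key in self.state:
                return "retransmit"
            if self.half_open >= self.max_half_open:
                self.alerts.append(f"half-open table full, SYN from {src}:{sport} refused (SYN flood?)")
                return "drop"
            self.state[key] = "SYN_RECEIVED"           # server now sends SYN+ACK (message 2)
            self.half_open += 1
            return "half-open"
        if self.state.get(key) == "SYN_RECEIVED" and flags & ACK:
            self.state[key] = "ESTABLISHED"            # message 3 completes the handshake
            self.half_open -= 1
            return "established"
        if key in self.state and flags & (FIN | RST):
            if self.state.pop(key) == "SYN_RECEIVED":  # a half-open entry was torn down
                self.half_open -= 1
            return "closed"
        return "ignored"
```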

Slide 25: Probes and Scans
Ping scan and traceroute
– What machines exist on a given network and how they are arranged
Remote OS fingerprinting
– What OS each detected host is running
– Different OSes respond to invalid packets differently
– Example: FIN sent to a connection that has not been opened

Slide 26: Probes and Scans
Port Scanning
– Which ports are open? → port scanner
– Open a TCP connection and close it immediately
– Use half-opened connections
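Added example, not from the lecture: detection logic for the two port-scanning methods on slide 26, run over constructed segments as a server would see them. A flow that completes the handshake and is closed at once with no data is a connect scan; a flow where the client answers the SYN+ACK with RST instead of the final ACK is a half-open scan; one source touching many distinct ports this way is reported. Addresses, ports and the threshold are constructed.

```python
from collections import Counter, defaultdict

SYN, ACK, FIN, RST = 0x02, 0x10, 0x01, 0x04   # TCP code bits used below

def classify_flow(segs: list) -> str:
    """segs: inbound client->server segments of one (src, sport, dport) flow,
    as (flags, payload_len) tuples in arrival order."""
    if any(n for _, n in segs):
        return "data"                      # real sessions carry data; probes do not
    flags = [f for f, _ in segs]
    if not flags or flags[0] != SYN:
        return "other"
    if len(flags) >= 3 and flags[1] == ACK and flags[2] & (FIN | RST):
        return "connect-scan"              # full 3-way handshake, then immediate close
    if len(flags) >= 2 and flags[1] & RST:
        return "half-open-scan"            # RST sent where the final ACK belongs
    if len(flags) == 1:
        return "syn-only"                  # closed port (server answered RST) or never completed
    return "other"

def detect_scans(segments: list, min_ports: int = 5) -> dict:
    """segments: constructed (src, sport, dport, flags, payload_len) tuples seen at the server.
    Returns {src: (distinct_ports_probed, dominant_probe_type)} for sources over the threshold."""
    flows = defaultdict(list)
    for src, sport, dport, flags, n in segments:
        flows[(src, sport, dport)].append((flags, n))
    probes = defaultdict(Counter)          # per source: how many flows of each probe type
    ports = defaultdict(set)               # per source: distinct destination ports probed
    for (src, sport, dport), segs in flows.items():
        kind = classify_flow(segs)
        if kind in ("connect-scan", "half-open-scan", "syn-only"):
            probes[src][kind] += 1
            ports[src].add(dport)
    return {src: (len(ports[src]), probes[src].most_common(1)[0][0])
            for src in ports if len(ports[src]) >= min_ports}
```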