Presentation is loading. Please wait.

Presentation is loading. Please wait.

Advanced Network Labs & Remote Network Agent

Published by悠魁 黄 Modified over 6 years ago

Similar presentations

Presentation on theme: "Advanced Network Labs & Remote Network Agent"— Presentation transcript:

1 Advanced Network Labs & Remote Network Agent
Asaf Avisar Evyatar Shalev

2 Objective #1 Conducting labs with “ Mastering Networks “ manual, and adapt it to our network equipment. Local network security today relay on a Firewall connected at the entrance of a network which inspect every packet pass through it. Security in networks based on the assumption that once a computer is inside my personal network (“physically connected”) it is less dangerous to it. Therefore, most of private networks today are vulnerable from “inside”. We will use this vulnerability, by opening a “back door” to a network which will act like a host in the network while actually pass back and forward packets from another network. By doing so, We have straight access through an unauthorized gate to any computer in a private network.

3 Implementation- Labs The labs manual consists of 10 labs that deal with main network topics. Lab Topic 1 Introduction 2 Single segment IP networks 3 Static Routing 4 Dynamic Routing Protocols 5 Transport Layer Protocols 6 LAN Switching 7 NAT and DHCP 8 DNS 9 SNMP 10 IP Multicast

4 Implementation- Labs The manual was written in 2005, therefore, it is optimized to the software and hardware that were popular then. In order to run it on a modern setup, a lot of adaptations had to be made, especially with Linux commands, networking tools and more. All the adaptations are documented in a dedicated guide.

5 Objective #2 Remote Network Agent – sophisticated “ back door ” to a network. Basic assumptions : Local network security today relies on a Firewall. Most private networks today are vulnerable from the “inside”. Local network security today relay on a Firewall connected at the entrance of a network which inspect every packet pass through it. Security in networks based on the assumption that once a computer is inside my personal network (“physically connected”) it is less dangerous to it. Therefore, most of private networks today are vulnerable from “inside”. We will use this vulnerability, by opening a “back door” to a network which will act like a host in the network while actually pass back and forward packets from another network. By doing so, We have straight access through an unauthorized gate to any computer in a private network.

6 Remote Network Agent Intervening NAT normal operation in order to impersonate a host in a secured network from distant location. Implementation involves multiple protocols : NAT- Network Address Translation. Port forwarding. VPN- Virtual Private Network. NAT – Network Address Translation which changes IP & ports for expending availability of IP addresses. Port forwarding – Protocol in use in routing for moving packet to a pc according to the port assign to it. VPN - Virtual private network which connect a pc to a private network even if its not locally there.

7 Remote Network Agent Modifying external packet’s headers to act as internal ones. The logic of changing the header runs on a malicious host and managed with Data Base. An operator controls the Data Base with a friendly web/Python based GUI. Application Application Presentation Presentation Session Session Transport Transport Network Network Malicious header Data link Data link Physical Physical

8 Demonstration Basic attack Operator Blocked by Firewall Firewall
DstIP: Agent p: 10000 SourcIP: Operator Blocked by Firewall Firewall Local network victim1

9 Demonstration Remote Network Agent attack Operator Firewall Agent
DstIP: Agent p: 10000 SourcIP: Operator Firewall Agent Local network Eth0 Cell0 victim1

10 Demonstration Remote Network Agent attack Operator Agent DB Firewall
outside Port Inside dest ip Inside dest port 10000 Victim1 80(http) 20000 21(ftp) 30000 Victim2 Firewall Agent Local network DstIP: Agent p: 10000 SourcIP: Operator Dst: VICTIM1 P: 80 Source: Agent Eth0 Cell0 victim1

11 Dst: :10000 Source: : 4231 Dst: : 21 Source: : 5123 APP Control links

12 Challenges Learning computer networks infrastructure.
Conducting the labs with an old manual. Understanding Linux Kernel Networking. Manipulate sockets with code. Linux Kernel Networking – Linux, in its basic networking capabilities, allows user working with sessions only ( layer 4-7 OSI module). To modify layer 1-3, we need to deeply understand Linux networking kernel structure and alter it according to our project. Programming – Our code should work with a correspondence to Linux kernel. We have to implement a whole header and do not disturb to Linux kernel stack, while implementing GUI, Remote access and using DB.

Download ppt "Advanced Network Labs & Remote Network Agent"

Similar presentations

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
Understanding Internet Protocol

Understanding Internet Protocol
IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.

IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.

Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.

Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.
Network Address Translation, Remote Access and Virtual Private Networks BSAD 146 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.

Network Address Translation, Remote Access and Virtual Private Networks BSAD 146 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.
Introduction An introduction to the software and organization of the Internet Lab.

Introduction An introduction to the software and organization of the Internet Lab.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Introduction An introduction to the equipment and organization of the Internet Lab.

Introduction An introduction to the equipment and organization of the Internet Lab.
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.
By: Colby Shifflett Dr. Grossman Computer Science 420 12/01/2009.

By: Colby Shifflett Dr. Grossman Computer Science /01/2009.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 9 Network Policy and Access Services in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 9 Network Policy and Access Services in Windows Server 2008.
Support Protocols and Technologies. Topics Filling in the gaps we need to make for IP forwarding work in practice – Getting IP addresses (DHCP) – Mapping.

Support Protocols and Technologies. Topics Filling in the gaps we need to make for IP forwarding work in practice – Getting IP addresses (DHCP) – Mapping.
Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.

Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.
A Brief Taxonomy of Firewalls

A Brief Taxonomy of Firewalls
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau (20086034) Lee Shirly (20095815) Ong Ivy (20095040)

Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
OSI Model Routing Connection-oriented/Connectionless Network Services.

OSI Model Routing Connection-oriented/Connectionless Network Services.
Configuring Routing and Remote Access(RRAS) and Wireless Networking

Configuring Routing and Remote Access(RRAS) and Wireless Networking
IP Ports and Protocols used by H.323 Devices Liane Tarouco.

IP Ports and Protocols used by H.323 Devices Liane Tarouco.

Similar presentations

Ads by Google