Review For Exam 1 (February 18, 2013) © Abdou Illia – Spring 2013.



2 Introduction to Systems Security

3 The PTP framework
Any security system must have 3 key elements:
- People (users and IT staff)
- Technology (firewall, IDS, antivirus, etc.)
- Policies (Safe-Use policy, password policy, privacy policy, etc.)
People are usually the weakest link.

4 Dialog attack: Eavesdropping
Intercepting a confidential message being transmitted over the network.
[Figure: a dialog between Client PC (Bob) and Server (Alice) exchanging "Hello"; the attacker (Eve) intercepts and reads the messages.]

5 Resources Access Control

6 Resources Access Control Part 1

7 Security Goals
Three main security goals (CIA):
- Confidentiality of communications and proprietary information
- Integrity of corporate data
- Availability of network services and resources
Authenticity: ensuring that the data, transactions, communications or documents are genuine, and validating that both parties involved are who they claim to be.
Non-repudiation: ensuring that one party of a transaction cannot deny having received a transaction, nor can the other party deny having sent a transaction.

8 What is Access Control? AAA process
- Authentication: the supplicant sends credentials to the verifier, which authenticates the supplicant
- Authorization: what permissions the authenticated user will have
  - What resources he or she can get to at all
  - What he or she can do with these resources
- Auditing: recording what people do in log files; detecting attacks

9 Figure 2-3: Password Length
Number of possible passwords = N^L, where N is the alphabet size and L is the length in characters.

Length (L) | Alphabetic, no case (N=26) | Alphabetic, case (N=52) | Alphanumeric: letters & digits (N=62) | All keyboard characters (N=~80)
1          | 26                         | 52                      | 62                                    | 80
2 (N^2)    | 676                        | 2,704                   | 3,844                                 | 6,400
4 (N^4)    | 456,976                    | 7,311,616               | 14,776,336                            | 40,960,000
6          | 308,915,776                | 19,770,609,664          | 56,800,235,584                        | 2.6214E+11
8          | 2.0883E+11                 | 5.3460E+13              | 2.1834E+14                            | 1.6777E+15
10         | 1.4117E+14                 | 1.4456E+17              | 8.3930E+17                            | 1.0737E+19

Q: Your password policy is: (a) the password must be 6 characters long, (b) the password may include only decimal digits and lower-case alphabetic characters. What is the maximum number of passwords the attacker would have to try in order to crack a password in your system?
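The table above is N^L evaluated for four alphabets. The following calculator is an added example (not code from the slides): it rebuilds the table's values, extends the formula to any policy assembled from character classes, and covers the case the table does not show, a policy that permits a range of lengths, where an attacker who tries every allowed length must cover the sum of the per-length spaces. The guess rate taken by `hours_to_exhaust` is a parameter, not a figure from the slides.

```python
"""Password search space for the "Figure 2-3: Password Length" table.

Added example, not code from the slides: the number of distinct passwords an
attacker must try in the worst case is N**L (alphabet size N, length L).
"""

# Alphabet sizes (N) exactly as the slide uses them; 80 is the slide's
# approximation for "all keyboard characters".
SLIDE_COLUMNS = {
    "Alphabetic, no case": 26,
    "Alphabetic, case": 52,
    "Alphanumeric: letters & digits": 62,
    "All keyboard characters": 80,
}

# Character classes a policy can combine (standard ASCII counts).
CHAR_CLASSES = {"lowercase": 26, "uppercase": 26, "digits": 10}


def search_space(alphabet_size: int, length: int) -> int:
    """Distinct passwords of exactly `length` symbols drawn from `alphabet_size` symbols."""
    if alphabet_size < 1 or length < 1:
        raise ValueError("alphabet size and length must be positive")
    return alphabet_size ** length


def policy_search_space(classes, length: int) -> int:
    """Worst case for a policy that permits exactly the given character classes."""
    alphabet = sum(CHAR_CLASSES[c] for c in set(classes))
    return search_space(alphabet, length)


def search_space_up_to(alphabet_size: int, min_len: int, max_len: int) -> int:
    """Policies that allow lengths min_len..max_len: the attacker covers every length."""
    return sum(search_space(alphabet_size, L) for L in range(min_len, max_len + 1))


def password_table(lengths=(1, 2, 4, 6, 8, 10)) -> dict:
    """Rebuilds Figure 2-3: one row per length, one entry per alphabet column."""
    return {L: {name: search_space(n, L) for name, n in SLIDE_COLUMNS.items()}
            for L in lengths}


def hours_to_exhaust(space: int, guesses_per_second: float) -> float:
    """Worst-case time to try the whole space at an assumed guess rate (a parameter,
    not a figure from the slides)."""
    return space / guesses_per_second / 3600


if __name__ == "__main__":
    for L, row in password_table().items():
        cells = ("{:.4E}".format(v) if v >= 1e11 else f"{v:,}" for v in row.values())
        print(L, *cells)
```

Running the script prints the table in the same notation as the slide; `policy_search_space(["lowercase", "digits"], 6)` evaluates the Q above the way the formula prescribes, and `search_space_up_to` shows why a "6 to 8 characters" policy is only marginally larger than its longest allowed length.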

10 Alternatives to password (cont.)
Proximity Access Tokens
- Use Radio Frequency ID (RFID) technology
- Supplicant only has to be near a door or computer to be recognized
Two-Factor Authentication
- Access card: 1st factor
- PIN for the second factor
  - Short: 4 to 6 digits
  - Can be short because attempts are manual
  - Should not choose obvious combinations (1111, 1234) or important dates

11 Resources Access Control Part 2

12 MAC Filtering
- The Access Point could be configured to only allow mobile devices with specific MAC addresses
- Today, attack programs exist that could sniff MAC addresses, and then spoof them to gain access
[Figure: MAC Access Control List held by the Access Point, listing the permitted MAC addresses (placeholder values on the slide).]

13 IP Address Filtering
- The Access Point could be configured to only allow mobile devices with specific IP addresses
- Attacker could:
  - Get an IP address by guessing, based on the company's range of IP addresses
  - Sniff IP addresses, then spoof them to gain access
[Figure: IP Address Access Control List held by the Access Point, listing the permitted addresses and a /24 subnet (addresses not in the transcript).]

14 Access control at EIU
What is used at EIU today to control access to the WLAN?

15 Using Authentication server
[Figure: message flow between the Applicant (Lee), the Access Point, the RADIUS Server / WAP Gateway and a Directory Server or Kerberos Server]
1. Authentication Request: Applicant (Lee) to Access Point
2. Pass on Request to RADIUS Server
3. Get User Lee's Data from the Directory Server or Kerberos Server (optional; the RADIUS Server may store authentication data itself)
4. Accept Applicant, Key=XYZ: RADIUS Server to Access Point
5. OK, Use Key XYZ: Access Point to Applicant
- RADIUS is an AAA (Authentication, Authorization, Accounting) protocol
- Once the user is authenticated, the AP assigns the user an individual key, avoiding a shared key.

16 TCP/IP Internetworking

17 Layer Cooperation on the User PC
Encapsulation on the sending machine: embedding the message received from the upper layer in a new message.
- Application: HTTP request (HTTP req.)
- Transport: encapsulation of the HTTP request in the data field of a TCP segment: [TCP-H | HTTP req.]
- Internet: IP packet: [IP-H | TCP-H | HTTP req.]
- Data Link: frame: [PPP-H | IP-H | TCP-H | HTTP req. | PPP-T]
- Physical (User PC)

18 Layer Cooperation on the Web server
De-encapsulation: each layer passes the data field of the message it received (which contains the next layer's message) up to the next-higher layer.
- Transmission media, then Data Link: frame [PPP-H | IP-H | TCP-H | HTTP req. | PPP-T]
- Internet: IP packet [IP-H | TCP-H | HTTP req.]
- Transport: TCP segment [TCP-H | HTTP req.]
- Application: HTTP request (Webserver)

19 IP Packet
IP Version 4 packet layout (Bit 0 to Bit 31 per row):
- Version (4 bits; 0100 = IPv4) | Header Length (4 bits) | QoS (8 bits) | Total Length (16 bits)
- Identification (16 bits) | Flags | Fragment Offset (13 bits)
- Time To Live (8 bits) | Protocol (8 bits; 1=ICMP, 6=TCP, 17=UDP) | Header Checksum (16 bits)
- Source IP Address (32 bits)
- Destination IP Address (32 bits)
- Options (if any) | Padding
- Data Field
Field notes:
- QoS: also called Type of Service; indicates the priority level the packet should have
- Identification tag: helps reconstruct the packet from several fragments
- Flags: indicate whether the packet may be fragmented (DF: Don't Fragment) and whether more fragments of the packet follow (MF: More Fragments, or NF: No More Fragments)
- Fragment offset: identifies which fragment this packet is attached to
- TTL: the maximum number of hops (routers) the packet may pass before a hop discards it
- Header checksum: checks for errors in the header only

20 IP Fragmentation
[Figure: a router between Subnet 1 and Subnet 2]
- When a packet arrives at a router, the router selects the port and subnet to forward the packet to
- If the packet is too large for the subnet to handle, the router fragments the packet, i.e. divides the packet's data field into fragments
- Gives each fragment the same Identification tag value, i.e. the Identification tag of the original packet
- The first fragment is given a Fragment Offset value of 0
- Subsequent fragments get Fragment Offset values consistent with their data's place in the original packet
- The last fragment's Flag is set to "No More Fragments"
- The destination host reassembles the fragments based on the offsets.
Fields involved: Identification (16 bits), Flags, Fragment Offset (13 bits)

21 Firewalls and Fragmented IP Packets
- Fragmentation makes it hard for firewalls to filter individual packets
- The TCP or UDP header appears only in the first fragment
- A firewall might drop the first fragment, but not the subsequent fragments
- Some firewalls drop all fragmented packets
[Figure: Attacker, Router, Firewall. 1. First Fragment: IP Header | TCP Header | TCP Data Field. 2. Second Fragment: IP Header | TCP Data Field. 3. TCP header only in the first fragment. 4. No TCP header in the second fragment. 5. The firewall can only filter on the TCP header in the first fragment.]
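The three slides above (IP Packet, IP Fragmentation, and this one) describe one mechanism end to end, so here is one worked example that covers all three. It is an added example, not code from the slides: it builds and decodes the IPv4 header exactly as laid out on the IP Packet slide (including the header-only checksum), fragments a packet the way the IP Fragmentation slide describes (same Identification tag, offsets in 8-byte units, MF clear on the last fragment), reassembles it at the destination, and then shows what a stateless filter can see in each fragment. The addresses, the 576-byte MTU and the TCP segment to port 80 are all constructed here; only the standard library is used.

```python
"""IPv4 header fields, router fragmentation and what a firewall sees.
Added example, not code from the slides; every packet is constructed here."""
import struct
from socket import inet_aton, inet_ntoa

PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}   # values from the slide
DF, MF = 0b010, 0b001                                 # Don't Fragment / More Fragments


def header_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071); covers the header only."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                                # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src, dst, proto, data, ident, flags=0, offset=0, ttl=64):
    """20-byte header (no options) + data field; offset counts 8-byte units."""
    header = struct.pack("!BBHHHBBH4s4s",
                         (4 << 4) | 5,          # version 4, header length 5 words
                         0,                     # QoS / Type of Service
                         20 + len(data),        # total length
                         ident, (flags << 13) | offset,
                         ttl, proto,
                         0,                     # checksum placeholder
                         inet_aton(src), inet_aton(dst))
    header = header[:10] + struct.pack("!H", header_checksum(header)) + header[12:]
    return header + data


def parse_ipv4(packet: bytes) -> dict:
    """Decodes the fields named on the slide and verifies the header checksum."""
    ver_ihl, qos, total_len, ident, ff, ttl, proto, _, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    hlen = (ver_ihl & 0xF) * 4
    return {
        "version": ver_ihl >> 4, "header_len": hlen, "qos": qos,
        "total_len": total_len, "id": ident,
        "df": bool((ff >> 13) & DF), "mf": bool((ff >> 13) & MF),
        "offset": ff & 0x1FFF, "ttl": ttl, "proto": proto,
        "protocol": PROTOCOL_NAMES.get(proto, str(proto)),
        "checksum_ok": header_checksum(packet[:hlen]) == 0,  # a valid header sums to 0
        "src": inet_ntoa(src), "dst": inet_ntoa(dst),
        "data": packet[hlen:total_len],
    }


def fragment(packet: bytes, mtu: int) -> list:
    """Router step: split the data field, keep the Identification tag, MF on all but the last."""
    p = parse_ipv4(packet)
    if len(packet) <= mtu:
        return [packet]
    if p["df"]:
        raise ValueError("DF set: the router must discard the packet instead of fragmenting")
    chunk = (mtu - p["header_len"]) // 8 * 8          # data per fragment, multiple of 8
    pieces = [p["data"][i:i + chunk] for i in range(0, len(p["data"]), chunk)]
    return [build_ipv4(p["src"], p["dst"], p["proto"], piece, p["id"],
                       flags=0 if n == len(pieces) - 1 else MF,
                       offset=n * chunk // 8, ttl=p["ttl"])
            for n, piece in enumerate(pieces)]


def reassemble(fragments: list) -> bytes:
    """Destination host: order fragments by offset and rebuild the original packet."""
    parsed = sorted((parse_ipv4(f) for f in fragments), key=lambda q: q["offset"])
    if (len({q["id"] for q in parsed}) != 1 or parsed[-1]["mf"]
            or not all(q["mf"] for q in parsed[:-1])):
        raise ValueError("fragments are not one complete, consistent set")
    first = parsed[0]
    return build_ipv4(first["src"], first["dst"], first["proto"],
                      b"".join(q["data"] for q in parsed), first["id"], ttl=first["ttl"])


def tcp_dst_port_seen_by_filter(frag: bytes):
    """A stateless filter finds TCP ports only in the offset-0 fragment; elsewhere it sees none."""
    p = parse_ipv4(frag)
    if p["proto"] != 6 or p["offset"] != 0 or len(p["data"]) < 4:
        return None
    return struct.unpack("!HH", p["data"][:4])[1]


def demo(mtu: int = 576):
    """Constructed TCP segment to port 80 with 1000 data bytes crossing a small-MTU subnet."""
    tcp_header = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, 0x18, 8192, 0, 0)
    packet = build_ipv4("10.0.0.5", "203.0.113.9", 6, tcp_header + b"A" * 1000, ident=0x1234)
    frags = fragment(packet, mtu)
    ports_visible = [tcp_dst_port_seen_by_filter(f) for f in frags]
    return len(frags), ports_visible, reassemble(frags) == packet


if __name__ == "__main__":
    print(demo())   # (2, [80, None], True)
```

`demo()` yields two fragments: the filter reads destination port 80 from the first and nothing from the second, which is the slide's point in executable form. A firewall that wants to decide on the TCP header for every fragment therefore has to reassemble (as `reassemble` does, keyed on the Identification tag and ordered by offset) before filtering, or else drop fragments altogether as some firewalls do.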

22 TCP Segment
TCP segment layout (Bit 0 to Bit 31 per row):
- Source Port Number (16 bits) | Destination Port Number (16 bits)
- Sequence Number (32 bits)
- Acknowledgment Number (32 bits)
- Header Length (4 bits) | Reserved (6 bits) | Flag Fields: ACK, SYN, ... (6 bits) | Window Size (16 bits)
- TCP Checksum (16 bits) | Urgent Pointer (16 bits)
- Data
Field notes:
- Port number: identifies the sending and receiving application programs.
- Sequence number: identifies the segment's place in the sequence; allows the receiving Transport layer to put arriving TCP segments in order.
- Acknowledgement number: identifies which segment is being acknowledged.
- Flag fields: six one-bit flags: ACK, SYN, FIN, RST, URG, PSH. Each can be set to 0 (off) or 1 (on); e.g. SYN=1 means a request for connection/synchronization.
Q: If the ACK flag is set to 1, what other field must also be set to let the receiver know which TCP segment is being acknowledged?

23 TCP and use of Port numbers
Source Port Number (16 bits) | Destination Port Number (16 bits)
- Port numbers identify applications
- Well-known ports (0-1023): used by major server applications running with root authority. HTTP web service=80, Telnet=23, FTP=21, SMTP=25
- Registered ports ( ): used by client and server applications.
- Ephemeral/dynamic/private ports ( ): not permanently assigned by ICANN.
- Socket notation: IP address:Port #
[Figure: a computer running web server applications (www:80, FTP:21, SMTP:25) on top of the Operating System and the Computer hardware (RAM chip, HD, Processor).]
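The TCP Segment slide and this one are served by one added example (not code from the slides). `build_tcp` and `parse_tcp` handle the header as laid out above and decode the six flag bits; `handshake_step` names the role a segment plays in connection setup; `port_class` and `role_guess` apply this slide's rule that well-known ports (0-1023) belong to server applications. The registered and dynamic port ranges are blank on the slide, so IANA's ranges (1024-49151 registered, 49152-65535 dynamic/private) are used for those two classes; the port 50000 client side and the sequence numbers are constructed values.

```python
"""TCP header flags and port-number classes.
Added example, not code from the slides; segments below are constructed."""
import struct

FLAG_BITS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}
WELL_KNOWN_SERVICES = {80: "HTTP", 23: "Telnet", 21: "FTP", 25: "SMTP"}   # from the slide


def build_tcp(src_port, dst_port, seq, ack, flags, window=8192, data=b""):
    """20-byte header with no options; checksum and urgent pointer left at 0."""
    flag_bits = 0
    for name in flags:
        flag_bits |= FLAG_BITS[name]
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                         5 << 4,            # header length 5 words, reserved bits 0
                         flag_bits, window, 0, 0)
    return header + data


def parse_tcp(segment: bytes) -> dict:
    """Decodes the fields listed on the TCP Segment slide."""
    (src, dst, seq, ack, hl_res, flag_bits,
     window, checksum, urgent) = struct.unpack("!HHIIBBHHH", segment[:20])
    header_len = (hl_res >> 4) * 4
    flags = [name for name, bit in FLAG_BITS.items() if flag_bits & bit]
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len, "flags": flags, "window": window,
        "checksum": checksum, "urgent": urgent, "data": segment[header_len:],
        # ACK=1 only means something together with the acknowledgment number
        "acknowledges": ack if "ACK" in flags else None,
    }


def handshake_step(segment: bytes) -> str:
    """Names the role a segment plays in the three-way handshake."""
    flags = set(parse_tcp(segment)["flags"])
    if {"SYN", "ACK"} <= flags:
        return "SYN-ACK"
    if "SYN" in flags:
        return "SYN"
    if "RST" in flags:
        return "RST"
    if "FIN" in flags:
        return "FIN"
    return "ACK" if "ACK" in flags else "other"


def port_class(port: int) -> str:
    """Slide's well-known range; IANA's ranges for the two classes left blank on the slide."""
    if not 0 <= port <= 65535:
        raise ValueError("port numbers are 16-bit")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "ephemeral/dynamic/private"


def role_guess(segment: bytes) -> dict:
    """Slide heuristic: the end using a well-known port is the server; names the service if listed."""
    p = parse_tcp(segment)
    result = {}
    for end in ("src", "dst"):
        port = p[end + "_port"]
        role = "server" if port_class(port) == "well-known" else "client"
        result[end] = (role, WELL_KNOWN_SERVICES.get(port))
    return result


def socket_notation(ip: str, port: int) -> str:
    """The slide's socket notation: IP address:Port #."""
    return f"{ip}:{port}"


if __name__ == "__main__":
    syn = build_tcp(50000, 80, seq=100, ack=0, flags=["SYN"])
    syn_ack = build_tcp(80, 50000, seq=300, ack=101, flags=["SYN", "ACK"])
    for s in (syn, syn_ack):
        print(handshake_step(s), parse_tcp(s)["acknowledges"], role_guess(s))
```

For the SYN the acknowledgment field is ignored (`acknowledges` is `None`); for the SYN-ACK it is 101, the client's sequence number plus one, which is how the receiver knows which segment is being acknowledged. `role_guess` is the heuristic the slide teaches, not a guarantee: nothing stops a client from binding a low port or a server from listening on a high one.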

24 Questions
A host sends a TCP segment with source port number 25 and destination port number ___.
- Is the source host a server or a client? Why?
- If the host is a server, what kind of service does it provide?
- Is the destination host a server or a client? Why?

25 IP Address
- IPv4 addresses are 32 bits long: there are 2^32 IP addresses. Example:
- IPv6 addresses are 128 bits long: there are 2^128 IP addresses.

