Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 6401 Secure Shell & Denial of Service Attacks Outline Secure Shell Overview Authentication Practical issues Denial of Service Attacks Definition Examples.

Published byAnabel Watts Modified over 8 years ago

Similar presentations

Presentation on theme: "CS 6401 Secure Shell & Denial of Service Attacks Outline Secure Shell Overview Authentication Practical issues Denial of Service Attacks Definition Examples."— Presentation transcript:

1 CS 6401 Secure Shell & Denial of Service Attacks Outline Secure Shell Overview Authentication Practical issues Denial of Service Attacks Definition Examples

2 CS 6402 Secure Shell (SSH) Overview SSH is a secure remote virtual terminal application –Provides encrypted communication between untrusted hosts over an insecure network Assumes eavesdroppers can hear all communications between hosts Provides different methods of authentication Encrypts data exchanged between hosts –Intended to replace insecure programs such as rlogin, rsh, etc. –Includes capability to securely transfer file SCP –Includes ability to forward X11 connections and TCP ports securely Very popular and widely used –Not invulnerable!

3 CS 6403 Authentication in SSH1 Three means of authenticating supported by SSH –Simple rhosts User/system names in ~/.rhosts, ~/.shosts Vulnerable to IP/DNS spoofing Requires specific compilation for this mode of operation –Host based Use RSA to verify host keys Use ~/.rhosts file for user authentication –Host and user based RSA host key verification RSA user key verification If authentication fails, client is prompted for password –All communication is encrypted

4 CS 6404 SSH1 Key Exchange Protocol Server has public/private key pair –Client knows server’s public key in advance Must be sent securely in advance Server sends public key and random server key to client –Client verifies public key Client sends random session key encrypted with host and server key –Rest of session is encrypted with session key

5 CS 6405 SSH2 Key Exchange Protocol Diffie-Hellman public key exchange algorithm is used –Public key exchange algorithm – very cool –Two users can exchange a secret key over and insecure link without sharing any prior secrets (!) Digital signature verifies identity of server to client At the end of the key exchange, a secret key is shared –Used for encrypting the rest of the session Supports MD5 checksums for data integrity Supports a variety of encryption mechanisms –IDEA (default), Blowfish, DES, Triple DES, …

6 CS 6406 SSH in Practice Host public/private key is generated when SSH is installed –Public key must be in ~/.ssh/known_hosts on remote systems ssh-keygen command is used to generate users public/private keys –Requires user enter a pass phrase –Public key copied to ~/.ssh/authorized_keys on remote systems Ssh-agent and ssh-add eliminate the need for repeated typing of pass phrase Password authentication is vulnerable to guessing attacks X11 and port forwarding enable encrypted pipe through the Internet –Can be used to securely access insecure application eg. SMTP –Can be used to circumvent firewalls

7 CS 6407 SSH in Practice contd. Available as open source software –See OpenSSH Tricky to get working properly Standard with many software distributions

8 CS 6408 Denial of Service (DoS) Attacks One of the most general forms of attacking inter-networked systems –Based on overloading end systems –Result is sever reduction in performance or complete shutdown of target systems Focus of attacks can be network components or end hosts We have heard about a number of these in the past year Other most general form of attack is a break-in –Port scans –Buffer overflows –Password cracking…

9 CS 6409 Overloading a System The goal of DoS is to drown legitimate traffic in a sea of garbage traffic –Lots of traffic that has not been provisioned for pushes real traffic out of the way Clients experience delays due to congestion –Dropped packets lead to exponential backoff in timeouts Routers can become overloaded Servers become overloaded by increased number of connect requests –TCP connection setup requires state and response from server –Server is required to respond to SYN from clients –Clients don’t respond to server’s response

10 CS 64010 IP Spoofing Alter system to insert a different source IP address in TCP and IP headers –DoS attackers spoof for two reasons They don’t want to be discovered Spoofing can add additional load If you spoof with a legitimate IP address –Reset can be triggered from either attacked host or actual IP host Frees resources immediately on server –Careful use of sequence numbers can freeze future connections from actual IP host If you spoof with a random number IP –Server response to client SYN will be lost –Server will not free resources for 75 seconds (typically)

11 CS 64011 Key Elements of DoS Attack Expansion in required work –Easy for me, harder for you –Expansion in IP spoofing Me: generate SYNs as fast as possible (microseconds) You: Timeout a SYN open every 75 seconds Best effort protocols –Drop tail queues –No source specificity –Clients can be starved or slowed to crawl

12 CS 64012 DoS Attack Characteristics Expansion makes a only a few systems necessary –Typical goal is to attack from as many places as possible Enables better utilization of network resources Helps to prevent countermeasures Helps to obscure attackers DoS software is readily available and/or simple to write –Most found in IRC chat rooms DoS attacks are frequently preceded by break-ins to install DoS software –Enables even more anonymity for attacker

13 CS 64013 Facilitating DoS Attacks Lots of systems Large networks Naïve users Savvy bad guys Lots of free software Poor operating and management policies Hugely complex software with lots of well publicized holes Lack of means for stopping attacks

14 CS 64014 Dealing with DoS Attacks Don’t reserve state until receipt of client ACK –DOS attackers using spoofing don’t send these Otherwise they would have to keep state –Use of crypto to avoid saving state Send one-use key with server response to SYN Response ACK must return key Intrusion detection tools –Cut off an attack at a firewall if you recognize it –Bro, Snort IP traceback methods There are lots of companies in this space!

15 CS 64015 Code Red Code Red Worm –Released and identified on July 19, 2001 Infected over 250k systems in 9 hours –Takes advantage of hole in IIS on Win NT or Win 2k And the fact that most people don’t know IIS ON is default –Infected systems are completely compromised –Code Red installs itself in OS kernel Small and efficient V1 could be eliminated by reboot –Spends half its time trying to infect other systems, and half its time DoS’ing the White House and Pentagon

Download ppt "CS 6401 Secure Shell & Denial of Service Attacks Outline Secure Shell Overview Authentication Practical issues Denial of Service Attacks Definition Examples."

Similar presentations

Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.

Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.
1 Reading Log Files. 2 Segment Format

1 Reading Log Files. 2 Segment Format
Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.

Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.
Network Security. Reasons to attack Steal information Modify information Deny service (DoS)

Network Security. Reasons to attack Steal information Modify information Deny service (DoS)
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.

Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.

Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:

CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:
IP Spoofing, CS2651 IP Spoofing Bao Ho ToanTai Vu CS 265 - Security Engineering Spring 2003 San Jose State University.

IP Spoofing, CS2651 IP Spoofing Bao Ho ToanTai Vu CS Security Engineering Spring 2003 San Jose State University.
IT Security Doug Brown Jeff Bollinger. What is security? P.H.P. People Have Problems Security is the mitigation and remediation of human error in information.

IT Security Doug Brown Jeff Bollinger. What is security? P.H.P. People Have Problems Security is the mitigation and remediation of human error in information.
بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.
Telnet/SSH Tim Jansen, Mike Stanislawski. TELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the.

Telnet/SSH Tim Jansen, Mike Stanislawski. TELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.

TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,

Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,
Ssh: secure shell. overview Purpose Protocol specifics Configuration Security considerations Other uses.

Ssh: secure shell. overview Purpose Protocol specifics Configuration Security considerations Other uses.

Similar presentations

Ads by Google