Fudan University: "Computer Networking" course slides (PPT lecture notes) 25 security-dosfirewall: Attacks and Countermeasures

Security Part One: Attacks and Countermeasures
15-441
With slides from: Debabrata Dash, Nick Feamster, Vyas Sekar
15-411: F08 security

Flashback .. Internet design goals
1. Interconnection
2. Failure resilience
3. Multiple types of service
4. Variety of networks
5. Management of resources
6. Cost-effective
7. Low entry-cost
8. Accountability for resources
Where is security?

Why did they leave it out?
• Designed for connectivity
• Network designed with implicit trust
  ◆ No “bad” guys
• Can’t security be provided at the edge?
  ◆ Encryption, Authentication etc.
  ◆ End-to-end arguments in system design

Security Vulnerabilities
• At every layer in the protocol stack!
• Network-layer attacks
  ◆ IP-level vulnerabilities
  ◆ Routing attacks
• Transport-layer attacks
  ◆ TCP vulnerabilities
• Application-layer attacks

IP-level vulnerabilities
• IP addresses are provided by the source
  ◆ Spoofing attacks
• Using IP address for authentication
  ◆ e.g., login with .rhosts
• Some “features” that have been exploited
  ◆ Fragmentation
  ◆ Broadcast for traffic amplification

Security Flaws in IP
• The IP addresses are filled in by the originating host
  ◆ Address spoofing
• Using source address for authentication
  ◆ r-utilities (rlogin, rsh, rhosts etc.)
[Figure: hosts C (2.1.1.1), A (1.1.1.1), B (1.1.1.2) and server S (1.1.1.3), connected through the Internet]
• Can A claim it is B to the server S?
• ARP Spoofing
• Can C claim it is B to the server S?
• Source Routing

Smurf Attack
[Figure: Attacking System, Internet, Broadcast Enabled Network, Victim System]
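An added example, not part of the lecture slides: a border-filter check, seen from the defender's side, that drops packets whose source address cannot belong to the interface they arrived on and ICMP echo requests aimed at a subnet broadcast address. The inside prefix, the interface names and the packet records are constructed; the addresses reuse the ones in the "Security Flaws in IP" figure.

```python
import ipaddress

# Assumption: the protected network is 1.1.1.0/24 (hosts A, B and S in the figure).
INSIDE_NETS = [ipaddress.ip_network("1.1.1.0/24")]
ICMP_ECHO_REQUEST = 8

def is_inside(addr):
    return any(addr in net for net in INSIDE_NETS)

def is_directed_broadcast(addr):
    return any(addr == net.broadcast_address for net in INSIDE_NETS)

def check_packet(pkt):
    """Return (verdict, reason) for one packet record (a dict)."""
    src = ipaddress.ip_address(pkt["src"])
    dst = ipaddress.ip_address(pkt["dst"])
    # Ingress filtering: traffic from outside must not carry an inside source.
    if pkt["iface"] == "outside" and is_inside(src):
        return ("drop", "spoofed-inside-source")
    # Egress filtering: inside hosts may only send from the inside prefix.
    if pkt["iface"] == "inside" and not is_inside(src):
        return ("drop", "spoofed-outside-source")
    # Smurf-style amplification: echo request to the subnet broadcast address.
    if (pkt["proto"] == "icmp"
            and pkt.get("icmp_type") == ICMP_ECHO_REQUEST
            and is_directed_broadcast(dst)):
        return ("drop", "echo-to-broadcast")
    return ("accept", "ok")

# Constructed sample packets, in arrival order.
SAMPLE = [
    {"iface": "outside", "src": "2.1.1.1", "dst": "1.1.1.3", "proto": "tcp"},
    {"iface": "outside", "src": "1.1.1.2", "dst": "1.1.1.3", "proto": "tcp"},
    {"iface": "inside", "src": "9.9.9.9", "dst": "2.1.1.1", "proto": "icmp",
     "icmp_type": 8},
    {"iface": "outside", "src": "2.1.1.1", "dst": "1.1.1.255", "proto": "icmp",
     "icmp_type": 8},
    {"iface": "inside", "src": "1.1.1.1", "dst": "2.1.1.1", "proto": "udp"},
]

def run(packets):
    return [check_packet(p) for p in packets]

if __name__ == "__main__":
    for pkt, (verdict, reason) in zip(SAMPLE, run(SAMPLE)):
        print(pkt["iface"], pkt["src"], "->", pkt["dst"], verdict, reason)
```

The second packet is C presenting B's address from outside; the filter rejects it without any knowledge of the application, which address-based authentication such as .rhosts cannot do for itself.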

ICMP Attacks
• No authentication
• ICMP redirect message
  ◆ Can cause the host to switch gateways
  ◆ Benefit of doing this?
    ▪ Man in the middle attack, sniffing
• ICMP destination unreachable
  ◆ Can cause the host to drop connection
• ICMP echo request/reply
• Many more…
  ◆ http://www.sans.org/rr/whitepapers/threats/477.php

Routing attacks
• Divert traffic to malicious nodes
  ◆ Black-hole
  ◆ Eavesdropping
• How to implement routing attacks?
  ◆ Distance-Vector:
  ◆ Link-state:
• BGP vulnerabilities

Routing attacks
• Divert traffic to malicious nodes
  ◆ Black-hole
  ◆ Eavesdropping
• How to implement routing attacks?
  ◆ Distance-Vector: Announce low-cost routes
  ◆ Link-state: Dropping links from topology
• BGP vulnerabilities
  ◆ Prefix-hijacking
  ◆ Path alteration