Department of Information Engineering1 About your assignment 5 -layers Model Application Layer(HTTP, DNS,...) TCP Layer(add sequence number to packets)

Slides:



Advertisements
Similar presentations
Module X Session Hijacking
Advertisements

ARP Cache Poisoning How the outdated Address Resolution Protocol can be easily abused to carry out a Man In The Middle attack across an entire network.
1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?
Computer Security and Penetration Testing
Are you secured in the network ?: a quick look at the TCP/IP protocols Based on: A look back at “Security Problems in the TCP/IP Protocol Suite” by Steven.
Data Communications and Computer Networks Chapter 1 CS 3830 Lecture 5 Omar Meqdadi Department of Computer Science and Software Engineering University of.
1 Reading Log Files. 2 Segment Format
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Sniffing, Spoofing, Hijacking This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.
Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Network Attacks Mark Shtern.
James Tam Computer Security Concepts covered Malicious computer programs Malicious computer use Security measures.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.
Slide 1 Attacks on TCP/IP. slide 2 Security Issues in TCP/IP uNetwork packets pass by untrusted hosts Eavesdropping (packet sniffing) uIP addresses are.
Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA © Abdou Illia.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
The Transport Layer Chapter 6. The Transport Service Services Provided to the Upper Layers Transport Service Primitives Berkeley Sockets An Example of.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.
Man in the Middle attacks and ARP poisoning explained
Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,
NAVY Research Group Department of Computer Science Faculty of Electrical Engineering and Computer Science VŠB-TUO 17. listopadu Ostrava-Poruba.
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
CN2668 Routers and Switches Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Forensic and Investigative Accounting
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
E0: Unix System Administration AfNOG 2006 Nairobi, Kenya Security introduction Brian Candler Presented by Hervey Allen.
IIT Indore © Neminath Hubballi
Computer Security and Penetration Testing
Part 2  Access Control 1 CAPTCHA Part 2  Access Control 2 Turing Test Proposed by Alan Turing in 1950 Human asks questions to another human and a computer,
Forensic and Investigative Accounting Chapter 14 Internet Forensics Analysis: Profiling the Cybercriminal © 2005, CCH INCORPORATED 4025 W. Peterson Ave.
CHAPTER 11 Spoofing Attack. INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The.
Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.
Transmission Control Protocol TCP. Transport layer function.
TCP/IP Vulnerabilities
CS426Network Security1 Computer Security CS 426 Network Security (1)
Lecture 20 Hacking. Over the Internet Over LAN Locally Offline Theft Deception Modes of Hacker Attack.
CSE 461 Section. Let’s learn things first! Joke Later!
CIS 450 – Network Security Chapter 5 – Session Hijacking.
Scanning & Enumeration Lab 3 Once attacker knows who to attack, and knows some of what is there (e.g. DNS servers, mail servers, etc.) the next step is.
CIS 450 – Network Security Chapter 4 - Spoofing. Definition - To fool. In networking, the term is used to describe a variety of ways in which hardware.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
Attack and Malicious Code Andrew Anaruk. Security Threats Denial of Service (DoS) Attacks Spoofing Social Engineering Attacks on Encrypted Data Software.
1 Securing Network Services. 2 How TCP Works Set up connection between port on source host to port on destination host Each connection consists of sequence.
TCP Security Vulnerabilities Phil Cayton CSE
Slide #1 CIT 380: Securing Computer Systems TCP/IP.
M ITNICK A TTACK. WHO IS THIS GUY?
Hands-On Ethical Hacking and Network Defense
Firewalls A brief introduction to firewalls. What does a Firewall do? Firewalls are essential tools in managing and controlling network traffic Firewalls.
Telecommunications Networking II Lecture 41d Denial-of-Service Attacks.
Internet Flow By: Terry Hernandez. Getting from the customers computer onto the internet Internet Browser
Hands-On Ethical Hacking and Network Defense Chapter 2 TCP/IP Concepts Review Last modified
Transport Layer1 TCP Connection Management Recall: TCP sender, receiver establish “connection” before exchanging data segments r initialize TCP variables:
Denial of Service A comparison of DoS schemes Kevin LaMantia COSC 316.
Comparison of Network Attacks COSC 356 Kyler Rhoades.
Presentation on ip spoofing BY
General Classes of TCP/IP Problems
PPP – Point to Point Protocol
IP Spoofing Sometimes on the internet, a girl named Alice is really a man named Yves.
Threats in Networks Jagdish S. Gangolly School of Business
Mitnick Attack.
Wireshark(Ethereal).
Wireless Spoofing Attacks on Mobile Devices
TCP Connection Management
Presentation transcript:

Department of Information Engineering1 About your assignment 5 -layers Model Application Layer(HTTP, DNS,...) TCP Layer(add sequence number to packets) IP Layer(for addressing) Data Link Layer(Ethernet, PPP) Physical Layer(wire, wireless, optical fibre,... )

Department of Information Engineering2 Hacking Common security problems –virus malicious computer program that makes copies of itself and attaches those copies to other programs –Trojan horse a program that appears to have one ubiquitous function, but actually has a hidden malicious function

Department of Information Engineering3 Hacking Dictionary attack –try all possible words in a dictionary and compare with the encrypted password in the server –need to get the password file first mary One-way encrypting function password xo12u50zag dictionary Password file

Department of Information Engineering4 Denial of Service Attack Sends fake IP packets to the web server –server sends an reply to the client, waiting for the HTTP message to arrive –but the source address is faked, so the server has to wait forever a server can only support a limited number of concurrent requests, if all these requests are faked, then the server cannot do any useful work

Department of Information Engineering5 Denial of Service Attack How to prevent it? –charge the packets ! –check the IP address at the source

Department of Information Engineering6 Denial of Service Attack Details of the attack –client > initial packet with a sequence no to server –server> return its own sequence no to client –client> OK, I got your sequence number –client> the request –server> return the requested file –client> disconnect –server> disconnect

Department of Information Engineering7 Christmas th December, 1994, 14:09:32... –Security expert Tsutomu Shimomura was on a skiing trip –meanwhile his computer in was break-in by a hacker 15th February, 1995 –By tracing the traffic log, Kevin Mitnick, the most wanted computer outlaw, was caught Paperbacks and movie about the story –Takedown by Shimomura and John Markoff –The Fugitive Game by Jonathan Littman –Takedown (movie) by Miramax

Department of Information Engineering8 IP spoofing Security hole in remote login (rlogin) –authentication based on IP address –password is not required IP spoofing attack –host A: attacker host B: the machine to be attacked host C: the machine impersonated by the attacker, C is trusted by B –A sends the 1st packet to host B using the false IP source address (host C) –B checks the IP, verifies it, find nothing wrong, so let the hacker login without checking the password

Department of Information Engineering9 3-way handshakes Problem: 3-way handshakes –1st segment: A > B –2nd segment: A < B –3rd segment: A --- ACK ---> B –BUT B sends the 2nd segment to C, so that A cannot return the ACK to B without knowing the sequence number used by B A (hacker) B (machine under attacked) C (friend of B) 1st2nd

Department of Information Engineering10 Sequence number prediction BUT the ISN of B can be guessed!! First, the hacker makes a real connection to B –because the connection is real, the 2nd segment sent by B will be received by the hacker –the 2nd TCP segment contains the number of B –after getting the number of B, the hacker launches the attack –return the 3rd packet using the guessed ISN –how to guess the number? –the number is incremented by for every new connection

Department of Information Engineering11 Sequence number prediction so that for two consecutive connection requests, the ISN will be differed by 128,000 if there is no other connection request to the server during that time, the ISN can be guessed accurately and easily the best time to attack is when there is little connection requests to the server –Christmas so after sending the 1st packet to B, A sends the the 3rd packet to B with the guessed number

Department of Information Engineering12 SYN flooding but the story does not end here, note that when B sends the 2nd packet to C, C will return a packet (reset) and spoils the attack To prevent C from returning the packet, A sends a large number of SYN packets (the first packet) to C using dead site as source address C receives a lot of connection requests and opens up many half-open connections (waiting the the 3rd packet to return) but since the source is a non-existing host, the 3rd handshake never come back prevent C from receiving anything from B

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.