Overview of Networking & Operating System Security


1 Overview of Networking & Operating System Security
Jagdish S. Gangolly
School of Business
State University of New York at Albany

NOTE: These notes are based on the book Security in Computing, by Charles & Shari Pfleeger (3rd ed) and are prepared solely for the students in the course Acc 661 at SUNY Albany. They are not to be used by others without the permission of the instructor.

9/18/2018 Acc 661 Auditing of Adv Acctg Systems (Spring 2003) Gangolly

2 Overview of Networking & Operating System Security
- OSI Reference Model
- The Internet Model
- TCP/IP
- TCP Vulnerabilities
- UDP
- UDP Vulnerabilities
- IP
- IP Vulnerabilities

3 Networking I
OSI Reference Model
- Layer 7: Application Layer
- Layer 6: Presentation Layer
- Layer 5: Session Layer
- Layer 4: Transport Layer
- Layer 3: Network Layer
- Layer 2: Data Link Layer
- Layer 1: Physical Layer

4 Networking II
The Internet Model:
- Application Layer (http, telnet, client,…)
- Transport Layer: Responsible for ensuring data delivery. (TCP and UDP) (Port-to-Port)
- Network Layer: Responsible for communicating between the host and the network, and delivery of data between two nodes on network. (IP) (Machine-to-Machine)
- Data Link Layer: Responsible for transporting packets across each single hop of the network (Node-to-Node)
- Physical Layer: Physical media (Repeater-to-repeater)

5 TCP/IP
- Applications using TCP: FTP, telnet, SMTP, POP, HTTP
- TCP header info:
  - Source/Destination Port numbers
  - Sequence number
  - Acknowledgement number
  - Data offset, describes where the header ends
  - Reserved, for future use
  - Control bits (six bits – URG, ACK, PSH, RST, SYN, FIN)
  - Window, number of outstanding packets between systems
  - Checksum, to maintain the integrity of the TCP packets
  - Urgent pointer, to where urgent information is located in the packet
  - Options, additional information about TCP processing capabilities
  - Padding, to extend the boundary of TCP header to end on a 32-bit boundary

6 TCP Vulnerabilities
Vulnerabilities:
- Scanning ports using tools such as Nmap. (netstat command in Windows)
- Attacker can mask port usage using kernel-level rootkits (which can lie about backdoor listeners on the ports)
- Attacker can violate the 3-way handshake by sending a RESET packet as soon as the SYN-ACK packet is received
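Detection logic for the handshake violation described on this slide (a reset sent right after the SYN-ACK), as an added example that is not part of the original notes. The packet records, the flag shorthand ("S", "SA", "A", "R"), the function names and the three-port threshold are assumptions constructed for illustration.

```python
from collections import defaultdict


def build_sample():
    """Constructed packet records: (src_ip, src_port, dst_ip, dst_port, flags)."""
    # One normal client that completes the handshake on port 443.
    pkts = [("192.0.2.10", 50001, "198.51.100.5", 443, "S"),
            ("198.51.100.5", 443, "192.0.2.10", 50001, "SA"),
            ("192.0.2.10", 50001, "198.51.100.5", 443, "A")]
    # One source that resets as soon as each SYN-ACK arrives, on three ports.
    for i, port in enumerate((22, 80, 443)):
        sp = 40000 + i
        pkts += [("192.0.2.66", sp, "198.51.100.5", port, "S"),
                 ("198.51.100.5", port, "192.0.2.66", sp, "SA"),
                 ("192.0.2.66", sp, "198.51.100.5", port, "R")]
    return pkts


def half_open_sources(packets, min_ports=3):
    """Return sources that answered SYN-ACK with RST on >= min_ports targets."""
    state = {}                      # (client, cport, server, sport) -> stage
    aborted = defaultdict(set)      # client -> {(server, port)} reset after SYN-ACK
    for src, sport, dst, dport, flags in packets:
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if flags == "S":
            state[fwd] = "SYN"
        elif flags == "SA" and state.get(rev) == "SYN":
            state[rev] = "SYNACK"
        elif state.get(fwd) == "SYNACK":
            if "R" in flags:
                aborted[src].add((dst, dport))
            del state[fwd]          # ACK completes, RST aborts; either way done
    return {src: sorted(t) for src, t in aborted.items() if len(t) >= min_ports}


if __name__ == "__main__":
    print(half_open_sources(build_sample()))
```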

7 UDP
- Connectionless protocol
- Used in streaming audio and video applications, and DNS query and response
- No retransmission of lost packets
- “Unreliable Damn Protocol”
- UDP header info:
  - Source/Destination Port numbers
  - Message length
  - Checksum
  - Data

8 UDP Vulnerabilities
- Lack of a 3-way handshake
- Lack of control bits hinders control
- Lack of sequence numbers also hinders control
- Scanning UDP ports is also harder, since there are no code bits (SYN, ACK, RESET)
  - False positives are common, since the target systems may not send reliable ICMP (port unreachable) messages.

9 IP
- Used for all traffic moving across the internet
- Dotted-quad notation ( )
- Netmasks
- Packet fragmentation in IP
  - Vulnerability 1: Tiny fragment attack (the first fragment does not have the TCP port number; the rest of the header is in a different fragment)
  - Vulnerability 2: Fragment overlap attack; the first fragment carries a non-monitored port address, and the second fragment’s offset overlaps the first to overwrite the header of the first fragment containing the port number

10 IP Vulnerabilities
- Packet fragmentation in IP
  - Vulnerability 1: Tiny fragment attack (the first fragment does not have the TCP port number; the rest of the header is in a different fragment)
  - Vulnerability 2: Fragment overlap attack; the first fragment carries a non-monitored port address, and the second fragment’s offset overlaps the first to overwrite the header of the first fragment containing the port number
- Attackers can map a network using the TTL (Time-to-Live) field
- Attackers can determine packet filtering firewall rule sets using Firewalk
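A filter-side check for the two fragmentation problems on the IP slides, as an added example that is not part of the original notes: it flags a first TCP fragment too short to carry the full 20-byte TCP header, and any fragment whose byte range overlaps one already seen for the same datagram. The function names, the 20-byte minimum and the sample packets are assumptions constructed for illustration.

```python
import struct

TCP = 6
MIN_TCP_HDR = 20    # bytes the first fragment needs to show ports and control bits


def parse_fragment(pkt: bytes):
    """Return (datagram key, protocol, start, end, more_fragments) for one IPv4 packet."""
    ver_ihl, _, total, ident, frag, _, proto, _, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    start = (frag & 0x1FFF) * 8            # fragment offset is in 8-byte units
    end = start + (total - ihl)            # payload bytes this fragment covers
    return (src, dst, ident, proto), proto, start, end, bool(frag & 0x2000)


def check_fragments(packets):
    """Return one verdict per packet: 'ok', 'tiny' or 'overlap'."""
    seen = {}                              # datagram key -> list of (start, end)
    verdicts = []
    for pkt in packets:
        key, proto, start, end, more = parse_fragment(pkt)
        ranges = seen.setdefault(key, [])
        if proto == TCP and more and start == 0 and end < MIN_TCP_HDR:
            verdicts.append("tiny")        # header split across fragments
        elif any(start < e and s < end for s, e in ranges):
            verdicts.append("overlap")     # would rewrite bytes already received
        else:
            verdicts.append("ok")
        ranges.append((start, end))
    return verdicts


def ipv4(ident, offset_units, more, payload_len, proto=TCP):
    """Constructed IPv4 packet with a zero-filled payload (checksum left 0)."""
    frag = (0x2000 if more else 0) | offset_units
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident, frag,
                      64, proto, 0, bytes([192, 0, 2, 66]), bytes([198, 51, 100, 5]))
    return hdr + bytes(payload_len)


SAMPLE = [
    ipv4(1, 0, True, 1480), ipv4(1, 185, False, 520),   # normal: 185 * 8 = 1480
    ipv4(2, 0, True, 8),    ipv4(2, 1, False, 32),      # tiny first fragment
    ipv4(3, 0, True, 24),   ipv4(3, 1, False, 24),      # second covers bytes 8..32
]
```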

