Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS4622: Computer Networking

PublishMichel Boulet Modified over 6 years ago

Similar presentations

Presentation on theme: "CS4622: Computer Networking"— Presentation transcript:

1 CS4622: Computer Networking
Group 3: Network Security Ayham Hmemes Hamilton Bradford Janelle Bright Jonathan Reagan Peter Wang

2 ARP POISONING

3 A BRIEF OVERVIEW : ARP: maps the logical address to the physical address (given logical, find physical) Keep in mind that the Tx doesn’t know the physical address of the Rx – and the IP address alone IS NOT enough info to tell the Tx where the RX is located – this is the problem ARP solves The Tx broadcast out an ARP query packet to all stations on the network – the packet contains the Tx’s physical/IP addresses and the IP address it’s seeking to find a physical address for. All stations on the network receives the query packet however, only the station with that IP responds The responding Rx sends back it’s physical address (in a unicast form) to the Tx Now the Tx can unicast the actual data to the Rx

4 Computer 1 → computer 2 Computer 1 → computer 3 Arp table for computer 1 will have : Computer 1 will be able to communicate with computer 2 and 3, because now it has both ip and mac address for each one of them. IP Addresses Mac Addresses Computer 2 IP address Computer 2 MAC address Computer 3 IP address Computer 3 MAC address

5 ARP POISONING: IP Address MAC address Router’s IP address
We will send fake ARP requests to the target, linking our MAC address with the IP address of the Gateway (Router) So the victim’s Arp table will look like : So now all the traffic that the victim sends to Wi-Fi Router, will be directed to us , but not to the Gateway IP Address MAC address Router’s IP address Our (hacker) MAC address

6 Redirect the received data after spying or modifying it
Let’s see this visually: data Redirect the received data after spying or modifying it Fake ARP requests

7 TIPS TO PREVENT ARP SPOOFING
If your network has been compromised by ARP spoofing, there are some methods you can try to prevent further damage or privacy breach. Use Anti-ARP Tools If you have any idea of what type of ARP spoofing tool the attacker is using, find a tool that can counter it. Using static ARP is one of the many methods to prevent ARP spoofing attack. However, static ARP can only prevent simple ARP attacks, and cannot be relied upon as a failsafe ARP spoofing defense tool. Use ARP-Spoofing Proof Switches Most modern switches come with the built-in ARP spoofing protection feature. You can use these switches to protect your network or computer from ARP spoofing attacks and ensure the protection of your privacy. Use Virtual Private Networks One of the best ways to protect your computer from ARP spoofing attack is by using a VPN.  A VPN will allow you to do online activities through an encrypted tunnel. Not only is the mode of transmission encrypted but also the data that goes through it. So, even if your network is compromised by ARP spoofing, your privacy, data or conversation will remain secure because the attacker won’t be able to decrypt the 256-bit encrypted data.

8 NON-MALICIOUS USE Proxy ARP1
Proxy ARP allows for multiple physical networks to act as though they were on the same subnet. Network Debugging Exactly how an attacker would use ARP poisoning, it can be used to analyze packets being sent across a network. Firewalls Firewalls can filter packets before they reach the network. 1https://

9 DNS SPOOFING

10 A BRIEF OVERVIEW DNS resolves symbolic domain names to IP addresses
Security was not considered during design of DNS

11 DNS SPOOFING1 Because DNS responses are predictable, the only thing an attacker needs to guess is the Transaction ID (generally 16 bits) Kaminsky exploit builds on this and compromises a domain by attacking an authoritative server Once successful, the attack remains until the response TTL expires 1https://

12 MAN IN THE MIDDLE Targets local networks instead of a vulnerable DNS Resolver Implements ARP Spoofing to intercept DNS requests to/from target and change them

13 TIPS TO PREVENT DNS SPOOFING
DNS Encryption DNSSEC Port Randomization Increasing expiry time for legitimate DNS requests in the cache

14 SQL INJECTION

15 A BRIEF OVERVIEW SQL Programming language used primarily for databases
Created in 1986 Most in-demand programming language for 2017 Companies such as Google, Facebook, and Twitter use SQL Notorious for its major security flaws

16 A BRIEF OVERVIEW SQL Injection
One of the most common hacking techniques Injects malicious code in order to manipulate databases An SQL injection can both insert or delete data in the database

17 WHAT IS SQL INJECTION

18 TIPS TO PREVENT SQL INJECTION
Prevention is quite simple mySQL_real_escape_string(“...”) Prepared Statements Various scripts and guides exist to check for SQL injection vunerabilites

19 SOURCES

Download ppt "CS4622: Computer Networking"

Similar presentations

Man in the Middle Attack

Man in the Middle Attack
Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.

Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
Media Access Control (MAC) addresses in the network access layer ▫ Associated w/ network interface card (NIC) ▫ 48 bits or 64 bits IP addresses for the.

Media Access Control (MAC) addresses in the network access layer ▫ Associated w/ network interface card (NIC) ▫ 48 bits or 64 bits IP addresses for the.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Foundations of Network and Computer Security J J ohn Black Lecture #35 Dec 9 th 2009 CSCI 6268/TLEN 5550, Fall 2009.

Foundations of Network and Computer Security J J ohn Black Lecture #35 Dec 9 th 2009 CSCI 6268/TLEN 5550, Fall 2009.
Man in the Middle attacks and ARP poisoning explained

Man in the Middle attacks and ARP poisoning explained
TELE202 Lecture 10 Internet Protocols (2) 1 Lecturer Dr Z. Huang Overview ¥Last Lecture »Internet Protocols (1) »Source: chapter 15 ¥This Lecture »Internet.

TELE202 Lecture 10 Internet Protocols (2) 1 Lecturer Dr Z. Huang Overview ¥Last Lecture »Internet Protocols (1) »Source: chapter 15 ¥This Lecture »Internet.
CSCI 6962: Server-side Design and Programming Secure Web Programming.

CSCI 6962: Server-side Design and Programming Secure Web Programming.
ARP Poisoning Rushad Shaikh CSCI 5931 Web Security Spring 2004.

ARP Poisoning Rushad Shaikh CSCI 5931 Web Security Spring 2004.
DHCP Security DHCP Snooping and Security David Mitchell 03/19/2008.

DHCP Security DHCP Snooping and Security David Mitchell 03/19/2008.
ARP Spoofing Attacks Dr. Neminath Hubballi IIT Indore © Neminath Hubballi.

ARP Spoofing Attacks Dr. Neminath Hubballi IIT Indore © Neminath Hubballi.
* Agenda  What is the DNS ?  Poisoning the cache  Short term solution  Long term solution.

* Agenda  What is the DNS ?  Poisoning the cache  Short term solution  Long term solution.
DNS Cache Poisoning. History 1993 – DNS protocol allowed attacker to inject false data which was then cached 1997 – BIND 16-bit transaction ids not randomized,

DNS Cache Poisoning. History 1993 – DNS protocol allowed attacker to inject false data which was then cached 1997 – BIND 16-bit transaction ids not randomized,
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.
Attacking on IPv6 W.lilakiatsakun Ref: ipv6-attack-defense-33904http://www.sans.org/reading-room/whitepapers/protocols/complete-guide-

Attacking on IPv6 W.lilakiatsakun Ref: ipv6-attack-defense-33904http://

Similar presentations

Ads by Google