Register now to access 7 million high quality study materials (What's Course Hero?) Course Hero is the premier provider of high quality online educational resources. With millions of study documents, online tutors, digital flashcards and free courseware, Course Hero is helping students learn more efficiently and effectively. Whether you're interested in exploring new subjects or mastering key topics for your next exam, Course Hero has the tools you need to achieve your goals.
14 Pages
IPSpoofing
Course: CSCI 5931, Fall 2008School: UH Clear Lake
Rating:
Word Count: 925
Document Preview
Chawla Suneeta Web Security Presentation Topic : I P Spoofing Date : 03/24/04 I P Spoofing What is I P Spoofing? A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host Base for I P spoofing The concept of IP spoofing was discovered as a security weakness in the IP protocol which...
Unformatted Document Excerpt
Coursehero >> Texas >> UH Clear Lake >> CSCI 5931Course Hero has millions of student submitted documents similar to the one
below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.
Course Hero has millions of student submitted documents similar to the one
below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.
Chawla Suneeta Web Security Presentation Topic : I P Spoofing Date : 03/24/04
I P Spoofing
What is I P Spoofing? A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host
Base for I P spoofing The concept of IP spoofing was discovered as a security weakness in the IP protocol which carries the Source IP address and the TCP protocol which contains port and sequencing information.
I P protocol
IP routing is hop by hop. Every IP packet is routed separately. The route of a IP packet is decided by all the routers the packet goes through. IP address spoofing is possible because routers only require inspection of the destination IP address in the packet to make routing decisions. The source IP address is not required by routers and an invalid source IP address will not affect the delivery of packets. That address is only used by the destination machine when it responds back to the source.
TCP Connection Establishment
Types of Spoofing attacks
1. Non-Blind Spoofing Takes place when the attacker is on the same subnet as the victim. This allows the attacker to sniff packets making the next sequence number available to him.
Types of Spoofing attacks (contd.)
The first stage of this attack is to prevent Victim from sending RST packets to host Target once the attack begins. This can be done by flooding the Victim with SYN messages. Attacker initiates handshake message with the Target using the spoofed IP address. Target responds to the Victim with a SYN + ACK message which is sniffed by the Attacker to find out which sequence number is expected next for the ACK messages and sends it.
Types of Spoofing attacks contd.
2. Blind Spoofing
Usually the attacker does not have access to the reply. e.g. Host C sends an IP datagram with the address of some other host (Host A) as the source address to Host B. Attacked host (B) replies to the legitimate host (A) The sequence and acknowledgement numbers from the victim are unreachable. In order to circumvent this, several packets are sent to the victim machine in order to sample sequence numbers.
Types of Spoofing attacks contd.
Attacker connects to a TCP port on the victim prior to starting an attack to completes the three-way handshake, making sure that the initial sequence number (ISN) is recorded. This is repeated several times to determine the Round Trip Time (RTT) and the final ISN retained. The RTT is necessary to predict the next ISN. A spoofed ACK message is sent from the attacker to the server:
If the NSN is less than what is expected by the actual server, it considers it as a resent message and ignores it. If the NSN is correctly guessed, the target server responds back. If the NSN is greater than the expected but NSN it is within the window of packets expected by the server, the server waits until all the packets prior to that are received. If the NSN is greater than the expected NSN and is beyond the window of expected packets, the server just discards the packet.
Types of Spoofing attacks contd.
3. I CM P redirect The attacker sends a spoofed ICMP redirect message that appears to come from the host` s default gateway.
192.168.1.2
192.168.1.3 Forged packet
192.168.1.1
Internet
192.168.1.4
e.g. Host 192.168.1.4 sends a forged ICMP packet to host 192.168.1.3, saying the route through 192.168.1.4 is a better way to internet. The source IP address of this forged ICMP packet is the gateway' s IP address 192.168.1.1. Then all the traffic from 192.168.1.3 to internet will go through 192.168.1.4.
Services Vulnerable to I P Spoofing
1. RPC (Remote Procedure Call services) RPC multiplexes many services on top of one framework. Portmapper directs clients to the service that they want. Some of these services include NIS, NFS, and Exchange mail. Portmapper is usually secure, but the services below it often are not. 2. Any service that uses I P address authentication 3. X Window system You can run programs on other people's displays, snoop their keystrokes and mouse movements, lock their screens etc. 4. R services suite (rlogin, rsh, etc.) To prevent these sorts of attacks, users should have uncrackable passwords, and all shell access should be strongly authenticated and encrypted.
How to prevent Spoofing Attacks
1. Avoid using the source address authentication. Implement cryptographic authentication system wide. 2. Disable all the r* commands, remove all .rhosts fi...
Find millions of documents on Course Hero - Study Guides, Lecture Notes, Reference Materials, Practice Exams and more.
Course Hero has millions of course specific materials providing students with the best way to expand
their education.
Below is a small sample set of documents:
Below is a small sample set of documents:
UH Clear Lake - CSCI - 5931
SSH The `Secure' ShellCourse: CSCI 5931 Web Security Instructor : Dr.YangPresented by Karthik Sadasivam05/18/09 1Secure What. ? `Secure shell is a de facto standard for remote logins and encrypted file transfers.' [SSH communicati
UH Clear Lake - CSCI - 5931
Topic: Vulnerabilities in SNMP implementationsSubmitted By: Harini Varatharajan Abstract: The Simple Network Management Protocol (SNMP) is used extensively to remotely monitor and configure almost all types of modern TCP/IP-enabled devices. While SN
UH Clear Lake - CSCI - 5931
CSCI 5931 Web Security Author: Tarun Lall Presentation abstract Topic: Session HijackingThe presentation explains the Session Hijacking. Session Hijacking is any Security attack, carried out by an Intruder, which attempts to insert commands into a
UH Clear Lake - CSCI - 5931
Session HijackingTarun LallWhat is Session Hijacking TCP Connection Takeover Takeover of a Web Application SessionState ManagementHTTP is Stateless Web Applications need state User Logins Shopping CartsState Management, Cont'dC
UH Clear Lake - CSCI - 5931
Security Vulnerabilities in RPC(csci5931)by Shaheen PattanRPC Security (1)Distributed applications may require a number of security measures, including: Authentication Authorization (access control) Data integrity Data privacyDCE Security
UH Clear Lake - CSCI - 5931
Vulnerabilities in peer to peer communicationsWeb SecuritySravan Kunnuri What is peer to peer communicationPeertopeer is a communications model in which each party has the same capabilities and either party can initiate a communicati
UH Clear Lake - CSCI - 5931
Wireless SecurityPresented by: Amit Kumar Singh Instructor : Dr. T. Andrew Yang Going WirelessRecent technologies include 802.11b,802.11g etc. Most commonly and widely present are 802.11b (11 mbps) 802.11b uses security techniques like
UH Clear Lake - CSCI - 5931
Title: A Stateful Intrusion Detection System for World-Wide Web Servers Authors: Giovanni Vigna, William Robertson, Vishal Kher, Richard A. Kemmerer Department of Computer Science University of California, Santa Barbara Annual Computer Security Appli
UH Clear Lake - CSCI - 5931
A Stateful Intrustion Detection System for Worldwide Web Servers19th Annual Computer Security Applications Conference December 08 12, 2003 Las Vegas, Nevada Vigna G, Robertson W, Kher V, Kemmerer R Department of Computer Science UC, Santa Baraba
UH Clear Lake - CSCI - 5931
WS Security RoadmapDave Tran CSCI5931 Web Security WS Security Roadmap Proposed by IBM and MicrosoftWS Security Roadmap Whatis a Web Service? ". application components whose functionality and interfaces are exposed to potential users through th
UH Clear Lake - CSCI - 5931
Name: Pradeep Rath Topic: Measures to prevent Man-in-the-middle-Attack and their effectiveness AbstractDefinition: Man-in-the-middle attack is a type of attack upon when two users are communicating remotely through internet, exchange public keys to
UH Clear Lake - CSCI - 5234
CSCI 5931 Web Security Your name:Midterm exam (3/10/04) Score:p.1 of 7 / 60.Important: Budget your time! Do not spend too much time on any single question. A. (14 pts) Write, within the parenthesis, the best answer from the given choices: 1. (
UH Clear Lake - CSCI - 5234
CSCI5931 Web SecuritySpring 2004Final Exam5/12/2004Note: This is an open-book exam. Please write your answers within the space provided. If you would need more space to write, feel free to use the back of the pages. In that case, make sure cl
UH Clear Lake - CSCI - 5931
CSCI 5931 Web security Team 1A : Tarun lall & Karthik Sadasivam Questions on the veriSign's Technical Brief: "Building an E-Commerce Trust Infrastructure: SSL Server Certificates and Online Payment Services"1. By offering products and services on
UH Clear Lake - CSCI - 5931
Questions & Answers on the veriSign's Technical Brief:"Building an E-Commerce Trust Infrastructure: SSL Server Certificates and Online Payment Services" 3. To succeed in the fiercely competitive e-commerce marketplace, businesses must become fully a
UH Clear Lake - CSCI - 5931
CSCI 5941 web security Spring 2004 Questions on the veriSign's Technical Brief: "Building an E-Commerce Trust Infrastructure: SSL Server Certificates and Online Payment Services" Group 2B Abdul Mohammed Imtiaz Paniwala Q 4). List and explain three or
UH Clear Lake - CSCI - 5931
5. Four goals were discussed in section 1.B of the article. Availability was not one of them. Should an e-commerce site be concerned with availability? Justify your answer. Sol: Availability is about being able to use the service when needed and with
UH Clear Lake - CSCI - 5931
6 The 2 proposed solutions are digital certificates for web servers and secure online payment management system. Digital certificates can be used for authentication indirectly because it is used to identify the server in the SSL handshakes. Once SSL
UH Clear Lake - CSCI - 5931
8. Explain why symmetric cryptography is considered as impractical in today's webbased systems. Traditional symmetric cryptographic systems are based on the idea of a shared secret. In such a system, twp parties that want to communicate securely firs
UH Clear Lake - CSCI - 5931
Team 5 a. Amit Kumar Singh Sai Jagadish Maddikayala. 9. Explain why a hybrid approach of combining both public-key and traditional symmetric cryptography is used in modern cryptographic systems. The reason for using hybrid approach is that public-key
UH Clear Lake - CSCI - 5931
Edward Murphy CSCI 5931 Web Security Midterm Questions 10) What is the Key Management Problem in the context of symmetric and public key cryptography? Symmetric key cryptography is based on the idea of a shared secret, 2 parties agree on using a sing
UH Clear Lake - CSCI - 5234
CSCI 5931 Web security Team 1A : Tarun lall & Karthik Sadasivam Questions on the veriSign's Technical Brief: "Building an E-Commerce Trust Infrastructure: SSL Server Certificates and Online Payment Services"1. By offering products and services on
UH Clear Lake - CSCI - 5234
Questions & Answers on the veriSign's Technical Brief:"Building an E-Commerce Trust Infrastructure: SSL Server Certificates and Online Payment Services" 3. To succeed in the fiercely competitive e-commerce marketplace, businesses must become fully a
UH Clear Lake - CSCI - 5234
CSCI 5941 web security Spring 2004 Questions on the veriSign's Technical Brief: "Building an E-Commerce Trust Infrastructure: SSL Server Certificates and Online Payment Services" Group 2B Abdul Mohammed Imtiaz Paniwala Q 4). List and explain three or
UH Clear Lake - CSCI - 5234
5. Four goals were discussed in section 1.B of the article. Availability was not one of them. Should an e-commerce site be concerned with availability? Justify your answer. Sol: Availability is about being able to use the service when needed and with
UH Clear Lake - CSCI - 5234
6 The 2 proposed solutions are digital certificates for web servers and secure online payment management system. Digital certificates can be used for authentication indirectly because it is used to identify the server in the SSL handshakes. Once SSL
UH Clear Lake - CSCI - 5234
Group 4 ATeam members: Rushad Shaikh & Pradeep Rath Q.7 In section II.A, it was stated that "This section presents background technical information on cryptographic systems, including Public Key Cryptography, the system underlying Secure Sockets Lay
UH Clear Lake - CSCI - 5234
8. Explain why symmetric cryptography is considered as impractical in today's webbased systems. Traditional symmetric cryptographic systems are based on the idea of a shared secret. In such a system, twp parties that want to communicate securely firs
UH Clear Lake - CSCI - 5234
Cryptography: an overviewcsci5233 computer security & integrity1Outline Securitycomponents Security mechanisms: Symmetric Cryptography Asymmetric Cryptography Cryptographic Checksums Digital Signaturescsci5233 computer security & inte
UH Clear Lake - CSCI - 5234
CSCI 5931 Web Security Supplemental Notes for Chapter 10 of the GS book: TunnelServer.java NOTE: Correction! The diagram below illustrates how the two instances of TunnelServer, one on the client machine (that's where JDBCTest.java is located), and
UH Clear Lake - CSCI - 5234
Bishop: Chapter 27 System Security1OutlineVarious systems require different configurations and administration.web server system, development system, corporate data system, . Policy System AdministrationNetworks Users Authentication
UH Clear Lake - CSCI - 5939
Web Service and SecurityLilly Wang1Agenda Brief introduction to web service Web service security Wireless web service2Software Evolution Main frame based TwoTier Client Server Webbased Ntier Client Server Web centric hig
UH Clear Lake - CSCI - 5939
Overview of J2ME and PocketPC Support for both in the PDA, mobile phone market Securing J2ME/MIDP applications using Bouncy Castle Crypto APIsPresented by: Atul Shrivastava CSCI 5939 Instructor: Dr. Yang Date: 27th March 2003 1What is J2ME?
UH Clear Lake - CSCI - 5939
WAP Public Key InfrastructureBy: Juan Cao For: CSCI5939 Instructor: Dr. T. Andrew Yang Date: 04/03/200305/18/091What is PKI?Public-Key Infrastructure (PKI) is the combination of software, encryption technologies, and services that enables
UH Clear Lake - CSCI - 5939
Evaluation of a Publish/Subscribe System for Collaboration and Mobile Working Collaborative Advertising over Internet with Agents Independent Study: Wireless Security Presented by: Lin Bei Instructor: Dr.Yang Date: 04.05.2003Collaborative Mobile W
UH Clear Lake - CSCI - 5939
Challenges of Wireless Security TCP in WiredCumWireless EnvironmentsPresented by Vijaiendra Singh Bhatia CSCI 5939 Independent Study Wireless Security Introduction Most of the wireless technologies were not designed with security as top pri
UH Clear Lake - CSCI - 5939
NETWORK WORLD NEWSLETTER: KEITH SHAW ON MOBILE COMPUTING02/06/03Today's focus: Gartner: 2002 not so hot for PDAsDear Andrew Yang,In this issue:* PDA shipment fell 9.1% last year* Links related to Mobile Computing* Featured reader resource
UH Clear Lake - CSCI - 5234
An Online Grades Calculation and Reporting ApplicationCourse: Web Security Instructor: Dr. Yang Student: Tan Nguyen Hung TranUML DiagramUser -UserID -UserName -Password -Role -FullName * * 1 1 Grades * GradingSystem -CourseID -Category -Percenta
UH Clear Lake - CSCI - 5234
Web-based Console for Controlling a Wireless Sensor Network (WeConWSN)Course: Web Security Instructor: Dr. Andrew T. Yang Students: Dung Nguyen Toan Le3-Tier design3-Tier designPresentation tier: provide Nodes configuration and User management
UH Clear Lake - CSCI - 5234
Team 5 a. Amit Kumar Singh Sai Jagadish Maddikayala. 9. Explain why a hybrid approach of combining both public-key and traditional symmetric cryptography is used in modern cryptographic systems. The reason for using hybrid approach is that public-key
UH Clear Lake - CSCI - 5234
Edward Murphy CSCI 5931 Web Security Midterm Questions 10) What is the Key Management Problem in the context of symmetric and public key cryptography? Symmetric key cryptography is based on the idea of a shared secret, 2 parties agree on using a sing
Allan Hancock College - MGT - 2201
MGT 2201 Administrative ManagementModule 6 Conflict, Stress and Group Dynamics Amongst Administrative Employees Where have we been? Basic principles of management Administrative management and changes therein Recruiting, selecting, de
Allan Hancock College - MGT - 2201
MODULE 3Recruitment, Selection and Development of Administrative Employees Where have we been?Where have we been? Basic management principles Systems view of management Functions of management Skills required by managers Definition and
Allan Hancock College - NSC - 1951
NSC 1951 Biophysical Science Foundations Mid-Semester Physics Exam Semester 1 2006 Date: Time: Duration: Friday 31st March, 2006 7.50 am to 8.55 am 60 minutes 30 multiple choice /30 5 Short Ans Ques /10 TOTAL /40Number of questions:Material Exami
Allan Hancock College - NSC - 1951
NSC1951 Biophysical Science Foundations End - Semester Chemistry & Biochemistry Exam Semester 1 2006 Date: Time: Duration: Wednesday 21st June, 2006 9.00am Perusal: Working: 10 minutes 2 hoursVenue: Toowoomba: Rumours ~ Upstairs Wide Bay: To be adv
Allan Hancock College - NSC - 1951
NSC1951 Biophysical Science Foundations Physics Lectures 1-9 Sample Mid-Semester Exam Questions 1. In relation to sound, the number of complete waves per second is the: a) Velocity b) Amplitude c) Frequency d) Intensity 2. The crystalline lens in the
Allan Hancock College - NSC - 1951
NSC1951 Biophysical Science Foundations Physics Lectures 1-9 Sample Mid-Semester Exam Answers 1. c 2. b 3. d 4. a 5. a 6. a 7. b 8. b 9. a 10. e 11. a 12. b 13. d 14. a 15. a 16. Inertia is the resistance to a change in the state of rest or motion of
Allan Hancock College - NSC - 1951
Question 5 The name of AlPO4 is a) Aluminium phosphide b) Alum phosphate c) Aluminium phosphate d) Aluminium phosphorous oxide e) Aluminium phosphiteQuestion 7 What is the formula of the ionic compound Barium hydroxide a) Ba(OH) b) Ba2(OH) c) BaOH2
Allan Hancock College - NSC - 1951
NSC1951 Answers to End Semester Sample Questions Chemistry Module: 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. a a c d c b d d d c a c c eBiochemistry Module1. a 2. a 3. c 4. d 5. c 6. d 7. e 8. a 9. b 10.b 11.b 12.a 13.e 14.b 15.a
Allan Hancock College - NSC - 1951
Self Directed Learning 1: Light and the EyeREFERENCES: Nave and Nave. 1985. Physics for the Health Sciences. 3rd ed. W.B. Saunders, Philadelphia. (Out of print). Cree and Rischmiller. 2001. Science in Nursing. 4th ed. The Eyes and Seeing. 2nd ed. Vi
Allan Hancock College - NSC - 1951
Self Directed Learning 2: Sound & HearingREFERENCES: 1. 2. 3. 4. Nave, C.R. & Nave, B.C. 1985. Physics for the health sciences. 3rd ed. W.B. Saunders, Philadelphia. pp299-303, Audiograms. Cree, L. and Rischmiller, S. 2001. Science in nursing. 4th ed
Allan Hancock College - NSC - 1951
NSC1951 BIOPHYSICAL SCIENCE FOUNDATIONSSELF DIRECTED LEARNING 3Self Directed Learning 3: Electricity & Electrical SafetyREFERENCE MATERIAL 1. 2. Australian Standard 2500. (1986). AGPS. Cree, L. and Rischmiller, S. 2001. Science in Nursing. 4th ed
Allan Hancock College - NSC - 1951
Self Directed Learning 5: Chemical Quantities & Equation; SolutionsPROBLEMS 1. State the number of atoms of each element in the following formulae. Use this information and the ATOMIC WEIGHTS shown on the Periodic Table, to calculate the MOLECULAR/
Allan Hancock College - NSC - 1951
Self Directed Learning 6: Acids & BasesPROBLEMS 1. Define STRONG ELECTROLYTES, WEAK ELECTROLYTES and NONELECTROLYTES. Name at least two (2) examples of each in the human body. ELECTROLYTES = Substances that dissolve in H2O Cations & anions +ve & -v
Allan Hancock College - NSC - 1951
<?xml version="1.0" encoding="UTF-8"?> <Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Key>f3057c8b8dbfb6e356f0eea3b7fd0bdc0265e7e8.doc</Key><RequestId>5 4E4E7A15F797CFF</RequestId><HostId>3ST+Uh/IPSgk0ATtbGSf57ZZj74
Allan Hancock College - NSC - 1951
Self Directed Learning 8: Proteins & Enzymes1 Match the following functions of proteins with the examples listed below: 1 catalytic 2 structural 3 transport 4 storage 5 protective 6 hormonal a b c d e f g h 2 haemoglobin collagen keratin amylase ins
Allan Hancock College - NSC - 1951
NSC1951 BIOPHYSICAL SCIENCE FOUNDATIONSSELF DIRECTED LEARNING 9Self Directed Learning 9: Carbohydrates & Nucleic AcidsCARBOHYDRATES 1 List three functions of carbohydrates in living organisms. Source of energy Source of carbon other componen
Allan Hancock College - NSC - 1951
NSC1951 BIOPHYSICAL SCIENCE FOUNDATIONSSELF DIRECTED LEARNING 10Self Directed Learning 10: Digestion and MetabolismPROBLEMS 1. Define each of the following terms: a. MetabolismMetabolism "all reactions within cells" Several reactions "pathwa
Allan Hancock College - NSC - 1951
NSC1951 BIOPHYSICAL SCIENCE FOUNDATIONSLABORATORY SESSION TOPIC 3Laboratory Session Topic 3: Introductory Chemistryi) Matter, Atoms & ElementsPROBLEMS 1. 2. a. b. c. d. e. f. 2. It has its own shape and the attraction between molecules is strong
Allan Hancock College - NSC - 1951
COMMONWEALTH OF AUSTRALIA Copyright Regulations 1969 WARNING This material has been copied and communicated to you by or on behalf of The University of Southern Queensland pursuant to Part VA of the Copyright Act 1968 (the Act). The material in this
Allan Hancock College - NSC - 1951
COMMONWEALTH OF AUSTRALIA Copyright Regulations 1969 WARNING This material has been copied and communicated to you by or on behalf of The University of Southern Queensland pursuant to Part VA of the Copyright Act 1968 (the Act). The material in this