lecture15-midterm-review

lecture15-midterm-review - 3/3/09 Lecture 15 Midterm Review...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
3/3/09 1 1 Lecture 15 Midterm Review Adrian Perrig 18-731: Network Security Spring 2009 2 Overview Administrative issues Midterm this Thursday 10:30-11:50am Closed book Main focus is on material covered in class Flavor of questions similar to homework Different room, wait for email announcement In today’s lecture, please ask questions!
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
3/3/09 2 3 TCP/IP Insecurity Main problem: no security provisions in IPv4 and TCP (no secrecy or authentication) Additional problem: TCP and IP specifications are ambiguous For example, no specification on how duplicated information is handled Sample security flaw: use IP address to authenticate origin / sender 4 Other IP Level Attacks IP fragment attack Host stores fragments until entire packet arrived Attack: send individual fragments only, host wastes memory to store them Countermeasure? Smurf attack Send packet with broadcast address to network, spoofing victim All hosts on the network will send reply packet to victim This is called a reflector attack, in this case the reflector also performs traffic amplification
Background image of page 2
3/3/09 3 5 TCP ISN Prediction Attack Typical TCP packet exchange A B: SYN(ISN A ) B A: SYN(ISN B ), ACK(ISN A ) A B: ACK(ISN B ) A B: data … Attack: M(A) B: SYN(ISN A ) B A: SYN(ISN B ), ACK(ISN A ) M(A) B: ACK(ISN B ) M(A) B: nasty-data 6 Other TCP Level Attacks TCP SYN flooding Exploit state allocated at server after initial SYN packet Extensive flooding exhausts server’s memory Countermeasures? TCP hijacking If TCP sequence numbers are known, attacker can inject malicious information into TCP stream Countermeasures? TCP poisoning Inject random data into TCP stream to shut down TCP connection Does sequence number need to be known? How many packets are required?
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
3/3/09 4 7 Sample SSL Session Client has no certificate, only server authenticated C S: client_hello S C: server_hello Ephemeral DH key exchange, RC4 encryption, MD5-based MAC S C: Server certificate, containing RSA public key Client checks validity + verifies URL matches certificate! S C: Server_key_exchange: g, p, g s , {H(g, p, g s )} K S -1 S C: server_hello_done C S: client_key_exchange: g c C S: change_cipher_spec C S: finished S C: change_cipher_spec S C: finished 8 Assumptions for Secure SSL CA assumptions No CA root key compromised No employee of any CA can issue a bogus certificate All CAs thoroughly verify owner of domain to issue certificate to Crypto assumptions All crypto algorithms are “secure”, SHA-1, MD5 vulnerabilities?
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/31/2009 for the course ECE 18731 taught by Professor Perrig during the Spring '08 term at Carnegie Mellon.

Page1 / 20

lecture15-midterm-review - 3/3/09 Lecture 15 Midterm Review...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online