44 - CprE 530 Lecture 15 Topics TCP vulnerabilities UDP UDP...

CprE 530 Lecture 15

Topics
• TCP vulnerabilities
• UDP
• UDP vulnerabilities
• DNS
Header Based
• There have been several attacks using invalid flag combinations. Most have been fixed, however this is now used to help determine the type of operating system
  – Probing attacks
    • Invalid header responses
    • Initial values
      – sequence numbers
      – Window size

Protocol Based
• Syn flood
• Reset Packets
• Session Hijacking
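A defender can flag the invalid flag combinations mentioned under "Header Based" by reading byte 13 of each TCP header. The sketch below is an added example, not part of the lecture; the rule set, the helper names and the sample segments are assumptions constructed for illustration.

```python
import struct

# TCP flag bits as carried in byte 13 of the TCP header
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def make_header(flags, sport=40000, dport=80):
    """Build a constructed 20-byte TCP header (checksum left at 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1000, 0,
                       5 << 4, flags, 65535, 0, 0)

def tcp_flags(segment):
    """Extract the six classic flag bits from a raw TCP header."""
    if len(segment) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    return segment[13] & 0x3F

def invalid_flag_reason(flags):
    """Return why a flag combination is abnormal, or None if it is plausible.
    The rule set is an assumption of this example, not taken from the lecture."""
    if flags == 0:
        return "no flags set"
    if flags & SYN and flags & FIN:
        return "SYN+FIN"
    if flags & SYN and flags & RST:
        return "SYN+RST"
    if flags & (FIN | PSH | URG) and not flags & ACK:
        return "FIN/PSH/URG without ACK"
    return None

def scan(segments):
    """Return (index, reason) for every segment with an abnormal flag set."""
    hits = []
    for i, seg in enumerate(segments):
        reason = invalid_flag_reason(tcp_flags(seg))
        if reason:
            hits.append((i, reason))
    return hits

# Constructed sample traffic: a normal handshake and close, then three probes
SAMPLES = [make_header(f) for f in (
    SYN, SYN | ACK, ACK, PSH | ACK, FIN | ACK, RST,
    SYN | FIN, 0, FIN | PSH | URG)]

if __name__ == "__main__":
    for index, reason in scan(SAMPLES):
        print(f"segment {index}: {reason}")
```
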

SYN Flood
[Figure: SYN flood. Labels: Attacker A1 to A5, Valid User, Internet, Victim.]
Reset Shutdown

Session Hijacking
[Figure labels: Victim, Attacker, Server, Internet, Router. Caption: Network where the attacker can see the traffic between the Victim and the Server.]

Session Hijacking
[Figure: message sequence between Attacker, Server and Victim. Messages shown: SYN, SYN+ACK, ACK, DATA, RST, DATA, DATA, DATA+ACK.]

Passive Network Filter
[Figure labels: User, Filter, Server, Internet, Router. Caption: Network where the filter can see the traffic between the user and the server.]
Passive Network Filter

Mitigation
• Encryption can fix Session hijacking
• Reset is harder
• Syn flood is hard

Authentication Based
• No authentication in TCP
• Ports might be considered an authentication of the application

Traffic Based
• Flooding (using all of the TCP resources)
• QOS
• Sniffing
User Datagram Protocol
• Designed to allow connectionless protocols
• Typical applications will send one packet and wait for a single response.

Source Port | Destination Port
UDP Total Length | Checksum

UDP Attacks
• Header & Protocol: None since there is no protocol and very simple header
• Authentication: same as TCP
• Traffic: typically not a problem. Sniffing is a potential problem, but most UDP protocols don’t try to hide data. Flooding is hard with UDP.