CSCI6268L20 - Foundations of Network and Computer Security...

Info icon This preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
Foundations of Network and Foundations of Network and Computer Security Computer Security J J ohn Black Lecture #20 Oct 16 th 2009 CSCI 6268/TLEN 5550, Fall 2009
Image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
TCP – Transmission Control Protocol Stateful connections Runs over IP just like UDP, but adds more than just ports Establish a connection with listen() and connect() IP and UDP were “stateless” protocols Reliable delivery Unlike best-effort, this protocol guarantees delivery of packets, in proper order Uses sequence numbers, sliding windows, ACKs every transmission
Image of page 2
Crypto on a Network How do we do crypto on a network? We’ve seen application-layer examples SSL/TLS, SSH This is called “end-to-end” cryptography, meaning between hosts The routers don’t care if the innermost part of each packet (the “payload”) is ciphertext or plaintext IPSec IPSec does crypto at the network layer (the IP layer) Extremely well-engineered; hardly used We won’t study IPSec in this course
Image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Network Security: The Biggest Challenges What are the biggest problems now, today, on the Internet What are the most common types of attacks? Viruses, worms Break-ins via software vulnerabilities Denial of Service attacks (DoS) And Distributes Denial of Service (DDoS) What about keyloggers, spyware, rootkits? Not as relevant to network security More likely to be end-results of other break-ins A recent virus was found to install a keylogger
Image of page 4
Viruses (Worms) Today, most everyone just calls them viruses Technically most are “worms” Worm is a self-contained propagating program Viruses embed in other programs and self- replicate Kind of like viruses in biology
Image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Viruses: History Morris Worm, Nov 2 nd , 1988 The first worm (I know of) was the Morris worm Robert T. Morris, Jr. 23 years old Cornell grad student Father worked at the NSA (whoops!) Wrote a self-propagating program as a “test concept” Exploited Unix vulnerabilities in sendmail and fingerd Released at MIT Bug in the worm caused it to go wild Probably wouldn’t have caused much damage otherwise!
Image of page 6
Morris Worm (cont) Shut down thousands of Unix hosts But this was 1988… Reactions People didn’t know what to do, so they panicked Disconnected from net Unable to receive patches! Morris fined $10k, 3 yrs probation, 400 hrs community service CERT was created
Image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
CERT -- They were first Carnegie mellon Ermergency Response Team But don’t expand it into an acronym Provide technical advice and coordinate responses to security compromises Identify trends in intruder activity Work with other security experts to identify solutions to security problems Disseminate information to the broad community Analyze product vulnerabilities Publishes technical documents Presents training courses
Image of page 8
Modern Viruses Almost all look for Windows hosts Windows runs on more than 90% of desktops these days
Image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern