CSCI6268L20 - Foundations of Network and Computer Security...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
Foundations of Network and Foundations of Network and Computer Security Computer Security J J ohn Black Lecture #20 Oct 16 th 2009 CSCI 6268/TLEN 5550, Fall 2009
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
TCP – Transmission Control Protocol Stateful connections Runs over IP just like UDP, but adds more than just ports Establish a connection with listen() and connect() IP and UDP were “stateless” protocols Reliable delivery Unlike best-effort, this protocol guarantees delivery of packets, in proper order Uses sequence numbers, sliding windows, ACKs every transmission
Background image of page 2
Crypto on a Network How do we do crypto on a network? We’ve seen application-layer examples SSL/TLS, SSH This is called “end-to-end” cryptography, meaning between hosts The routers don’t care if the innermost part of each packet (the “payload”) is ciphertext or plaintext IPSec IPSec does crypto at the network layer (the IP layer) Extremely well-engineered; hardly used We won’t study IPSec in this course
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Network Security: The Biggest Challenges What are the biggest problems now, today, on the Internet What are the most common types of attacks? Viruses, worms Break-ins via software vulnerabilities Denial of Service attacks (DoS) – And Distributes Denial of Service (DDoS) What about keyloggers, spyware, rootkits? Not as relevant to network security More likely to be end-results of other break-ins – A recent virus was found to install a keylogger
Background image of page 4
Viruses (Worms) Today, most everyone just calls them viruses Technically most are “worms” Worm is a self-contained propagating program Viruses embed in other programs and self- replicate Kind of like viruses in biology
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Viruses: History Morris Worm, Nov 2 nd , 1988 The first worm (I know of) was the Morris worm Robert T. Morris, Jr. 23 years old Cornell grad student Father worked at the NSA (whoops!) Wrote a self-propagating program as a “test concept” Exploited Unix vulnerabilities in sendmail and fingerd Released at MIT Bug in the worm caused it to go wild – Probably wouldn’t have caused much damage otherwise!
Background image of page 6
Morris Worm (cont) Shut down thousands of Unix hosts But this was 1988… Reactions People didn’t know what to do, so they panicked Disconnected from net Unable to receive patches! Morris fined $10k, 3 yrs probation, 400 hrs community service CERT was created
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CERT -- They were first Carnegie mellon Ermergency Response Team But don’t expand it into an acronym Provide technical advice and coordinate responses to security compromises Identify trends in intruder activity Work with other security experts to identify solutions to security problems Disseminate information to the broad community Analyze product vulnerabilities Publishes technical documents Presents training courses
Background image of page 8
Modern Viruses Almost all look for Windows hosts
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/11/2010 for the course CS 6268 taught by Professor Black during the Spring '09 term at University of Colombo.

Page1 / 36

CSCI6268L20 - Foundations of Network and Computer Security...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online