CSCI6268L18 - Foundations of Network and Computer Security...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
Foundations of Network and Foundations of Network and Computer Security Computer Security J J ohn Black Lecture #18 Oct 12 th 2009 CSCI 6268/TLEN 5550, Fall 2009
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
The Big (Partial) Picture Primitives Block Ciphers Hash Functions Hard Problems Stream Ciphers First-Level Protocols Symmetric Encryption Digital Signatures MAC Schemes Asymmetric Encryption Second-Level Protocols SSH, SSL/TLS, IPSec Electronic Cash, Electronic Voting (Can do proofs) (Can do proofs) (No one knows how to prove security; make assumptions)
Background image of page 2
Network Security Haven’t we already been talking about network security?! Kind of… cryptography is a central part of it Cryptography is nice because it’s a neatly packaged science; but we’re done for now Network security itself is a vast area with fuzzy borders Research tends to be more ad hoc How do we stop attack A, how do we prevent bug B, how do we detect or tolerate intrusions, etc.
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Crypto …. Good The easiest way to break into a computer is usually not by breaking the crypto We’ve said this a number of times in this class before; there are usually easier ways Let’s suppose we want to break into a friend’s account on CSEL What kind of friend are you?? Ok, give me methods… simple methods
Background image of page 4
Ok, Breaking into a “Friend’s” Acct Fake Login Screen Shoulder Surfing Password Cracker MD5 hashes publicly available on web Social engineering Hard to trick CSOps though Might be easy to impersonate CSOps! Key loggers Software and hardware versions Keystroke analysis Ok, getting obscure
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Networking Refresher For some of you this will be boring… sorry The basic model: ISP ISP Backbone (not a single line these days) LAN LAN Eth user1 user2
Background image of page 6
Basic Networking Suppose user1 sends a UDP packet to user2, what happens? What’s UDP? User Datagram Protocol Just like IP but with ports Well, first we need an IP address! What’s an IP address For IPv4, it’s a “dotted quad” of bytes Ex, 128.138.242.21 32 bits For IPv6, it’s 128 bits – 16 bytes in hex separated by colons
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Running out of IP addresses 2 32 is a lot, but we’re having problems A lot of hosts out there The class A, B, C scheme is wasteful Though subnetting helps A lot of NAT Boxing “helps” Since we’re getting by, it means a slower migration to IPv6
Background image of page 8
Sending a UDP packet Assume IPv4
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 28

CSCI6268L18 - Foundations of Network and Computer Security...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online