2.10.network-attacks.v1

2.10.network-attacks.v1 - Network Attacks CS 161 - Computer...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Network Attacks CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/ Feb 10, 2010
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Layers 1 & 2: General Threats? Application Transport (Inter)Network Link Physical 7 4 3 2 1 Encoding bits to send them over a single physical link e.g. patterns of voltage levels / photon intensities / RF modulation Framing and transmission of a collection of bits into individual messages sent across a single “subnetwork” (one physical technology)
Background image of page 2
3 Physical/Link-Layer Threats: Eavesdropping • For subnets using broadcast technologies (e.g., WiFi, some types of Ethernet), get it for “free” Each attached system’s NIC (= Network Interface Card) can capture any communication on the subnet Some handy tools for doing so o Wireshark o tcpdump / windump o bro (demo) • For any technology, routers (and internal “switches”) can look at / export traffic they forward • You can also “tap” a link Insert a device to mirror physical signal Or: just steal it!
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Stealing Photons
Background image of page 4
5
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 • With physical access to a subnetwork, attacker can Overwhelm its signaling o E.g., jam WiFi’s RF Send messages that violate the Layer-2 protocol’s rules o E.g., send messages > maximum allowed size, sever timing synchronization, ignore fairness rules • Routers & switches can simply “drop” traffic • There’s also the heavy-handed approach … Physical/Link-Layer Threats: Disruption
Background image of page 6
7
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 • With physical access to a subnetwork, attacker can create any message they like • May require root/administrator access to have full freedom • Particularly powerful when combined with eavesdropping Can manipulate existing communications Physical/Link-Layer Threats: Injection
Background image of page 8
9 Layer 3: General Threats? Application Transport (Inter)Network Link Physical 7 4 3 2 1 Bridges multiple “subnets” to provide end-to-end internet connectivity between nodes 4-bit Version 4-bit Header Length 8-bit Type of Service (TOS) 16-bit Total Length (Bytes) 16-bit Identification 3-bit Flags
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 04/14/2010 for the course CS 161 taught by Professor Wagner during the Spring '10 term at University of Central Arkansas.

Page1 / 24

2.10.network-attacks.v1 - Network Attacks CS 161 - Computer...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online