cse443-lecture-16-networksecurity - Lecture 16 - Network...

Info iconThis preview shows pages 1–8. Sign up to view the full content.

View Full Document Right Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Lecture 16 - Network Security CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12/
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger The network … Internet LAN (perimeter) (hosts/desktops) (edge) (server) (remote hosts/servers) 2
Background image of page 2
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Internet Services Internet Protocol (IP) Really refers to a whole collection of protocols making up the vast majority of the Internet Routing How these packets move from place to place? Network management Administrators have to maintain the services and infrastructure supporting everyone’s daily activities Quality of service How do we ensure that we get our fair share of network resources, e.g., bandwidth? 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Reality Networks are not secure . . Never meant to be . ... Designers of Internet saw security as largely orthogonal to network services . . 4
Background image of page 4
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Protocol used to map IP address onto the physical layer addresses (MAC) 1) ARP request: who has x.x.x.x? 2) ARP response: me! Policy: last one in wins Used to forward packets on the appropriate interfaces by network devices (e.g., bridges) Attack: replace good entries with your own Leads to Session hijacking Man-in-the-middle attacks Denial of service, etc. Q : Why would you want to spoof an IP address? Address Resolution Protocol (ARP) 5
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger TCP/IP uses a three-way handshake to establish a connection 1. C -> S: Q C where sequence numbers Q C 2. S -> C: Q S , ack(Q C ) and Q S are nonces 3. C -> S: ack(Q S ) … then send data However assume the bad guy does not hear msg 2, if he can guess Q S , then he can get S to accept whatever data it wants (useful if doing IP authentication, e.g., “rsh”) Client Server Adversary Sequence number prediction 6
Background image of page 6
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger RIP - routing information protocol
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 8
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 02/11/2012 for the course CSE 443 taught by Professor Trentjaeger during the Spring '11 term at Pennsylvania State University, University Park.

Page1 / 21

cse443-lecture-16-networksecurity - Lecture 16 - Network...

This preview shows document pages 1 - 8. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online