Professional Documents
Culture Documents
Chapter 4 Netwook Security
Chapter 4 Netwook Security
Chapter 4 Netwook Security
(CoSc4171)
Sem. II - 2022
DEPARTMENT OF COMPUTER SCIENCE
AU
Network Security
Network Security
Security Services
Confidentiality
Authentication
Integrity
Non Repudiation
Access Control
Availability
Network Security
Model
Trusted
Third Party
Security Security
Related Related
Transmition Transmition
Opponent
Network Security
Introduction
Session hijacking
When a TCP connection is established between a
client and a server, all information is transmitted
in clear and this can be exploited to hijack the
session
Network Security/ Protocols and vulnerabilities
Attacks on TCP/IP Networks
140.252.13
arp req | target IP: 140.252.13.5 | target eth: ?
Reply
08:00:20:03:F6:42 00:34:CD:C2:9F:A0 00:00:C0:C2:9B:26
.1 .2 .3 .4 .5
140.252.13
Benefits of IPSec
Transparent to applications (below transport layer)
(TCP, UDP)
Provide security for individual users
Access Control
Connectionless integrity
Data origin authentication
Rejection of replayed packets
Confidentiality (encryption)
Network Security/ Protocols and vulnerabilities
Network Layer: IP security scenario …
Network Security/ Protocols and vulnerabilities
Network Layer: IPSec - Security Associations (SA)
client server
SYN = ISNC
SYN = ISNS, ACK(ISNC)
ISN – Initial Sequence Number
ACK(ISNS)
data transfer
attacker server
SYN = ISNX, SRC_IP = T trusted host (T)
ACK(ISNS), SRC_IP = T
SRC_IP = T, nasty_data
Network Security/ Protocols and vulnerabilities
Application layer: DNS spoofing