2 L1 L2 Security
Course 2022-2023
Physical layer (L1)
Guided transmission media (I)
- Twisted pair:
  - Telephone cable:
    - 1 pair = 2 copper wires
    - Analog voice range: 20 km (a.k.a. the last mile)
  - Unshielded Twisted Pair (UTP):
    - 4 pairs = 8 copper wires
    - Data transmission range: 100 m
    - Different categories (qualities):
      - Cat. 3 (16 MHz, 10 Mbps) to Cat. 6 (250 MHz, 1 Gbps)
  - Shielded/Screened Twisted Pair (STP/ScTP), Foil Twisted Pair (FTP):
    - Four pairs as in UTP, but protected with a foil or metal jacket to achieve higher speeds:
      - Cat. 7 (600 MHz, 10 Gbps) to Cat. 8 (2 GHz, 40 Gbps)
- Coaxial cable:
  - More bandwidth and better electromagnetic isolation than twisted pair
  - Baseband or broadband transmission (e.g. cable TV)
Guided transmission media (II)
- Optical transmission:
  - Data transmission using light pulses:
    - Immune to electromagnetic interference
    - More bandwidth than any copper medium
    - The optical fibre acts as a waveguide
  - Optical fibre: a transparent silica glass core surrounded by a cladding with a lower index of refraction:
    - Light traverses the core by means of total internal reflection
  - An optical fibre may support several transverse modes:
    - Multi-mode optical fibre: more dispersion, short range (≤ 2 km)
    - Single-mode optical fibre: less dispersion, long range (≤ 50 km)
Structured Cabling System (SCS) (I)
- Standards for the deployment of data cabling inside buildings with a physical star topology:
  - Ethernet: logical bus topology.
  - Token Ring: logical ring topology.
- Also standardises the cabling and interconnections:
  - Twisted pair
  - Optical fibre
- An SCS is composed of:
  - Work area
  - Horizontal cabling
  - Telecommunications enclosures
  - Vertical (backbone) cabling
  - Equipment room
  - Entrance facilities
Structured Cabling System (SCS) (II)
(Figure: distance limits of each SCS segment)
- Work area: patch cable from the host to the wall socket (≤ 5 m, UTP)
- Horizontal cabling: from the wall socket to the patch panel in the telecommunications floor enclosure (≤ 90 m, UTP)
- Patch panel interconnection inside the floor enclosure (≤ 5 m, UTP)
- Backbone or vertical cabling (≤ 500 m, UTP or multi-mode optical fibre)
The three UTP segments of the horizontal link (5 + 90 + 5 m) add up to the 100 m UTP data range.
Wireless transmission
Electromagnetic spectrum
Physical layer security
- Wired media:
  - TEMPEST: NATO standards to prevent data leaking through electromagnetic emissions (EMSEC):
    - Cable shielding connected to ground (i.e. a Faraday cage)
    - Cable crosstalk → keep plaintext and encrypted links physically separate (RED/BLACK separation)
    - Optical fibres do not radiate at all
  - Physical security to prevent cable/fibre tapping:
    - E.g. the USS Annapolis (SSN 760) submarine
  - Data diode: one-way communication
    - Electrical (e.g. re-wiring the link) or optical (e.g. a one-direction optical link)
    - Applications: traffic monitoring, backups, transfers between domains of different security levels
Physical layer security (II)
- Wireless transmission:
  - 2 main threats:
    - Broadcast medium: anyone in range can receive the signal (eavesdropping)
    - Superposition: multiple signals overlap at the receiver (interference, jamming)
  - Spread-spectrum modulations may evade detection and jamming:
    - Direct Sequence Spread Spectrum (DSSS)
    - Frequency hopping (FHSS)
Source: http://www.eetimes.com/document.asp?doc_id=1271899
Link Layer (L2)
- Main functions:
  - Addressing: each device on the Local Area Network (LAN) has a unique identifier, usually called a hardware or physical address.
  - Data framing: encapsulation of data packets into frames that are sent over the physical layer.
  - Media Access Control (MAC): procedures used by devices to control access to the shared transmission medium.
  - Error control: detection of errors introduced by the physical layer transmission (e.g. CRC).
- Link layer protocols:
  - IEEE 802.3/Ethernet
  - Point-to-Point Protocol (PPP)
  - IEEE 802.11 (a.k.a. WiFi)
  - …
Introduction to Ethernet
- Ethernet is the most popular LAN technology:
  - 90% of Internet traffic starts and ends in Ethernet NICs.
- Ethernet benefits:
  - High performance:
    - From 10 Mbps to 400 Gbps:
      - 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps, 40 Gbps, 100 Gbps, 400 Gbps
      - 800 Gbps and 1.6 Tbps are being specified.
    - Simple exact-match forwarding:
      - <Dest. MAC addr., VLAN> → Output port(s)
  - No configuration needed ('plug-and-play'):
    - Globally unique MAC addresses.
    - Backward MAC address learning.
    - Spanning Tree Protocol (STP) [IEEE 802.1D].
  - Low cost and many different vendors.
Source: Ethernet Alliance
IEEE 802.3/Ethernet DIX frame format
(Figure: field layout)
Destination MAC (6 bytes) | Source MAC (6 bytes) | EtherType (2 bytes) | Payload (0-1500 bytes) | Padding (0-46 bytes) | FCS (4 bytes)
The padding fills the payload up to its 46-byte minimum, so a complete frame is 64 to 1518 bytes including the FCS.
MAC Addresses
(Figure: 48-bit address layout)
I/G bit (1 bit) | U/L bit (1 bit) | rest of the vendor OUI (22 bits) | NIC identifier (24 bits)
- I/G = 0: individual (unicast) address; I/G = 1: group (multicast/broadcast) address.
- U/L = 0: globally unique, assigned by the vendor from its OUI; U/L = 1: locally administered.
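As an added example (not part of the course slides), the following Python code builds and parses a DIX frame with the layout shown above, decodes the I/G and U/L bits and the OUI of each address, and verifies the FCS, which is a CRC-32 (the same one zlib computes) transmitted least-significant byte first. The sample frame, its addresses and its payload are constructed for the example, not captured traffic.

```python
import struct
import zlib
from dataclasses import dataclass

ETHERTYPE_ARP = 0x0806
MIN_FRAME_LEN = 64      # 14-byte header + 46-byte minimum payload + 4-byte FCS
MAX_PAYLOAD = 1500


@dataclass(frozen=True)
class MacAddress:
    raw: bytes

    @property
    def is_group(self) -> bool:
        """I/G bit (LSB of the first byte): 0 = individual (unicast), 1 = group."""
        return bool(self.raw[0] & 0x01)

    @property
    def is_local(self) -> bool:
        """U/L bit (second LSB of the first byte): 0 = vendor OUI, 1 = locally administered."""
        return bool(self.raw[0] & 0x02)

    @property
    def oui(self) -> str:
        """First 24 bits, printed the way vendors register them (I/G and U/L bits included)."""
        return "-".join(f"{b:02X}" for b in self.raw[:3])

    def __str__(self) -> str:
        return ":".join(f"{b:02x}" for b in self.raw)


@dataclass(frozen=True)
class DixFrame:
    dst: MacAddress
    src: MacAddress
    ethertype: int
    payload: bytes


def fcs(body: bytes) -> bytes:
    """Ethernet FCS: CRC-32 (same polynomial and reflection as zlib), sent LSB first."""
    return struct.pack("<I", zlib.crc32(body))


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Build a DIX frame: pad the payload to the 46-byte minimum and append the FCS."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 1500 bytes")
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    return body + fcs(body)


def fcs_ok(frame: bytes) -> bool:
    return len(frame) >= MIN_FRAME_LEN and fcs(frame[:-4]) == frame[-4:]


def parse_frame(frame: bytes) -> DixFrame:
    if len(frame) < MIN_FRAME_LEN:
        raise ValueError("runt frame")
    if not fcs_ok(frame):
        raise ValueError("bad FCS")
    body = frame[:-4]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if ethertype < 0x0600:
        # Values below 0x0600 are an IEEE 802.3 length field, not a DIX EtherType.
        raise ValueError("IEEE 802.3 length field, not a DIX frame")
    return DixFrame(MacAddress(body[:6]), MacAddress(body[6:12]), ethertype, body[14:])


# Constructed sample (not a capture): a broadcast ARP request from a globally administered NIC.
BROADCAST = bytes.fromhex("ffffffffffff")
STATION_A = bytes.fromhex("001122334455")
SAMPLE_FRAME = build_frame(BROADCAST, STATION_A, ETHERTYPE_ARP, b"arp request")


def corrupt(frame: bytes, offset: int = 20) -> bytes:
    """Flip one payload bit; the FCS check must reject the result."""
    out = bytearray(frame)
    out[offset] ^= 0x01
    return bytes(out)


if __name__ == "__main__":
    f = parse_frame(SAMPLE_FRAME)
    print(f"dst {f.dst}: group={f.dst.is_group} local={f.dst.is_local}")
    print(f"src {f.src}: OUI {f.src.oui} group={f.src.is_group} local={f.src.is_local}")
    print(f"EtherType 0x{f.ethertype:04x}, payload {len(f.payload)} bytes")
    print("corrupted frame passes FCS:", fcs_ok(corrupt(SAMPLE_FRAME)))
```

The EtherType check matters for parsers: a value below 0x0600 is an IEEE 802.3 length field, and treating it as a protocol identifier is a classic source of confusion between the two frame formats.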
LAN interconnection: Hubs, Bridges, Switches
- Initially, an Ethernet LAN was just a (yellow) coaxial cable:
  - Physical bus topology: all stations receive all frames.
  - Medium access controlled by Carrier-Sense Multiple Access / Collision Detection (CSMA/CD):
    - CSMA = listen to the medium before starting to send.
    - CD = stop transmitting if a collision is detected.
  Source: Bob Metcalfe (1973)
- Hubs/repeaters allowed the LAN range to be extended (but only up to 2.5 km at 10 Mbps, because of CSMA/CD):
  - Logical bus topology / physical star topology (SCS).
  - Backwards-compatible LANs (even nowadays).
- Bridges were designed to interconnect IEEE LAN technologies:
  - Split a LAN into separate collision domains → 'unlimited' LAN size.
  - Still a single broadcast domain (i.e. one IP subnet).
  - 'Transparent' bridges: hosts are unaware of them.
- Nowadays Ethernet bridges are simply known as switches:
  - Full-duplex interfaces = no collisions → CSMA/CD no longer needed.
  - Ethernet forwarding based on exact match of the destination MAC address:
    - <Dst addr> → Output port
    - Broadcast, multicast and unknown-destination frames are flooded out of all other ports.
  - Ethernet 'routing' is based on backward learning over a spanning tree.
Backward MAC address learning
- No need to configure the forwarding table of Ethernet bridges/switches:
  - Start with empty forwarding tables.
  - The source MAC address of each forwarded frame is learnt, together with the port it arrived on.
- Unknown, broadcast and multicast frames are just flooded, i.e. sent out of all ports but the arriving one.
(Figure: a data frame between hosts A and B crossing three switches, with the port numbers on which each switch learns the source address.)
Spanning Tree (I)
- Backward learning requires a loop-free topology. Otherwise:
  - Broadcast storms: Ethernet has no TTL field to drop looping frames.
  - Invalid forwarding tables: looping frames may arrive through the wrong ports, so a source MAC is learnt on the wrong port.
(Figure: five bridges A to E interconnected with redundant links, ports numbered 1 to 8; the topology contains loops.)
Spanning Tree Protocol (STP)
- BPDUs are carried in 802.3 + LLC frames and carry: Root ID, Cost, Bridge ID, Port ID.
(Figure: the five-bridge topology after STP. The spanning-tree root bridge announces (0.0.0); each bridge's final BPDU is written as (RootId.Cost.BridgeId): (0.1.1), (0.1.2), (0.1.3), (0.1.4) for the bridges at cost 1 from the root, (0.2.5), (0.2.6), (0.2.7), (0.2.8) at cost 2 and (0.3.9) at cost 3. Ports are marked as root port, designated port or blocked port. The resulting MAC table of one bridge is: A → port 4, B → port 4, C → port 4, D → port 4, E → port 2.)
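The converged state the slide's figure shows can be computed directly. The following Python code is an added example, not course material: it models a set of switches with point-to-point links, elects the root (lowest bridge ID), computes every bridge's root path cost and its final BPDU in the slide's (RootId, Cost, BridgeId) notation, and assigns each port the role root, designated or blocked, using the 802.1D tie-breaks (lower cost, then lower bridge ID, then lower port ID). Bridge IDs are plain integers here (a real Bridge ID is priority plus MAC, compared the same way), costs are per link rather than per port, and the topology is constructed for the example, not the slide's. The last function shows why the slides list STP attacks: any bridge that announces a lower ID becomes the root, since BPDUs are not authenticated.

```python
import heapq
from collections import defaultdict

# Constructed topology (not the slide's figure): a link is
# (bridge_a, port_a, bridge_b, port_b, cost), with the same cost in both directions.
BRIDGES = [1, 2, 3, 4, 5]
LINKS = [
    (1, 1, 2, 1, 4),
    (1, 2, 3, 1, 1),
    (2, 2, 3, 2, 1),
    (2, 3, 4, 1, 1),
    (3, 3, 4, 2, 4),
    (3, 4, 5, 1, 1),
    (4, 3, 5, 2, 1),
]


def root_path_costs(bridges, links, root):
    """Least root path cost of every bridge (Dijkstra over link costs)."""
    adj = defaultdict(list)
    for a, _, b, _, c in links:
        adj[a].append((b, c))
        adj[b].append((a, c))
    cost = {b: float("inf") for b in bridges}
    cost[root] = 0
    heap = [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > cost[u]:
            continue
        for v, c in adj[u]:
            if d + c < cost[v]:
                cost[v] = d + c
                heapq.heappush(heap, (d + c, v))
    return cost


def spanning_tree(bridges, links):
    """Converged STP state: root bridge, root path costs, final BPDU (RootId, Cost, BridgeId)
    of every bridge and the role of every port (root / designated / blocked)."""
    if any(c <= 0 for *_, c in links):
        raise ValueError("link costs must be positive")
    root = min(bridges)                       # lowest bridge ID wins the election
    rpc = root_path_costs(bridges, links, root)
    roles = {b: {} for b in bridges}
    # Root port: the port receiving the best BPDU, i.e. the least
    # (root path cost via that port, sender bridge ID, sender port ID, own port ID).
    for b in bridges:
        if b == root:
            continue
        candidates = []
        for a, pa, n, pn, c in links:
            if a == b:
                candidates.append((rpc[n] + c, n, pn, pa))
            elif n == b:
                candidates.append((rpc[a] + c, a, pa, pn))
        roles[b][min(candidates)[3]] = "root"
    # Designated port of each link: the end advertising the best BPDU, i.e. the least
    # (root path cost, bridge ID, port ID). The other end is that bridge's root port or blocked.
    for a, pa, b, pb, _ in links:
        (_, d_bridge, d_port), (_, o_bridge, o_port) = sorted([(rpc[a], a, pa), (rpc[b], b, pb)])
        roles[d_bridge][d_port] = "designated"
        roles[o_bridge].setdefault(o_port, "blocked")
    bpdu = {b: (root, rpc[b], b) for b in bridges}
    return {"root": root, "rpc": rpc, "bpdu": bpdu, "roles": roles}


def forwarding_links(tree, links):
    """Links with no blocked end: the active tree, which has (number of bridges - 1) edges."""
    roles = tree["roles"]
    return [l for l in links if "blocked" not in (roles[l[0]][l[1]], roles[l[2]][l[3]])]


def rogue_root(bridges, links, rogue_id, attach_to, attach_port, rogue_port=1, cost=1):
    """An unauthenticated bridge announcing a lower ID simply becomes the new root."""
    return spanning_tree(bridges + [rogue_id],
                         links + [(rogue_id, rogue_port, attach_to, attach_port, cost)])


if __name__ == "__main__":
    tree = spanning_tree(BRIDGES, LINKS)
    print("root:", tree["root"])
    for b in BRIDGES:
        print(f"bridge {b}: BPDU {tree['bpdu'][b]} ports {tree['roles'][b]}")
    print("forwarding links:", forwarding_links(tree, LINKS))
    print("root after a rogue bridge with ID 0 attaches to bridge 4:",
          rogue_root(BRIDGES, LINKS, 0, 4, 4)["root"])
```

With this topology bridge 4 has two equal-cost paths to the root (via bridges 2 and 5); the lower sender bridge ID decides, which is exactly the rule an attacker exploits by advertising a low ID.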
Virtual LANs (VLANs)
Ethernet exercise
1. What is the resulting spanning tree of this topology? Show the final BPDUs of each switch as well as the final state of all ports.
2. Show the MAC tables of switches S22 and S50 after running STP, taking into account that all applications are client-server.
3. Why is there no traffic on the S30-S40 link, whereas S40-S50 is overloaded? How could you solve this issue?
4. We want to define a VLAN per department. Departments are spread over the 5 buildings of the campus, and each building floor may be shared between different departments. There is only one PC/server per port, and they do not support 802.1Q.
   a) Specify which links should be native (untagged) and which ones should be trunks.
   b) Specify the format of an Ethernet frame sent by the engineering (VLAN 3) computer E to its server C, as captured on link S20-S22.
   c) Is it possible to share server A between different departments (VLANs)? How?
Attacks on Ethernet LANs
- Ethernet security:
  - Neither Ethernet nor STP implements any security mechanism:
    - Neither encryption, nor integrity protection, nor authentication.
    - Physical security is assumed → disable unused ports.
    - VLANs may help, by segmenting the LAN.
  - IEEE 802.1X provides access control:
    - General security mechanism against outsiders.
    - Does not provide encryption or integrity protection.
- Attacks on Ethernet LANs:
  - MAC address spoofing: NIC impersonation.
  - MAC table overflow: data snooping and DoS.
  - STP attacks: DoS and data snooping.
  - LAN storm: DoS.
  - Trunking and VLAN hopping attacks: VLAN intrusion.
MAC address spoofing
(Figure: the three-switch LAN from the backward-learning example. Host E sends broadcast frames with spoofed source addresses E1, E2 and E3; the switches learn those addresses on E's port alongside A and B.)
MAC table overflow
- Data snooping in hub-based LANs was trivial because frames were flooded over the whole LAN:
  - Now switches only send frames out of the port where the destination MAC is.
  - But if the destination MAC is unknown, frames are flooded just like a hub did.
- Hardware MAC address tables have a limited size → denial of service (DoS):
  - An attacker sends many frames to the switch with bogus source MAC addresses to overload the switch MAC table and overwrite the real entries.
  - The real MAC addresses are now unknown → frame flooding → snooping.
- Countermeasure:
  - Limit the number of MAC addresses that can be learnt on an access port (port security).
    - A bad idea on an uplink port, where many legitimate MACs are expected.
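The following Python model is an added example (not from the slides) that serves both the backward-learning slide and this one: a switch that learns source addresses per port, floods unknown destinations, evicts the oldest entry when its bounded table is full, and optionally enforces a per-port limit on learnt addresses (the port-security countermeasure). The scenario first lets hosts A and B talk, then has an attacker on port 3 flood bogus source MACs and checks where the next A → B frame goes. Hosts, ports, the table size of 4 and the eviction policy are assumptions made for the example.

```python
from collections import OrderedDict


class LearningSwitch:
    """Backward-learning switch with a bounded MAC table (oldest entry evicted when full)
    and optional per-port limits on learnt addresses (port security)."""

    def __init__(self, ports, table_size=4, port_limits=None):
        self.ports = list(ports)
        self.table_size = table_size
        self.port_limits = dict(port_limits or {})  # port -> max MACs allowed on it
        self.table = OrderedDict()                  # MAC -> port, oldest entry first
        self.learnt_on = {p: set() for p in self.ports}
        self.violations = []                        # (port, MAC) frames dropped by port security

    def receive(self, in_port, src, dst):
        """Process one frame; return the list of output ports (empty = dropped or filtered)."""
        if not self._learn(in_port, src):
            return []
        out = self.table.get(dst)
        if out is not None:
            return [] if out == in_port else [out]
        # Unknown unicast, broadcast or multicast: flood out of every port but the arriving one.
        return [p for p in self.ports if p != in_port]

    def _learn(self, in_port, src):
        if src in self.table:                       # refresh: re-learn the address from scratch
            old_port = self.table.pop(src)
            self.learnt_on[old_port].discard(src)
        limit = self.port_limits.get(in_port)
        if limit is not None and len(self.learnt_on[in_port]) >= limit:
            self.violations.append((in_port, src))  # port security: drop the frame, learn nothing
            return False
        if len(self.table) >= self.table_size:      # table full: the oldest entry is overwritten
            evicted_mac, evicted_port = self.table.popitem(last=False)
            self.learnt_on[evicted_port].discard(evicted_mac)
        self.table[src] = in_port
        self.learnt_on[in_port].add(src)
        return True


# Constructed addresses (not captured): A on port 1, B on port 2, attacker on port 3.
HOST_A, HOST_B = "00:11:22:aa:aa:aa", "00:11:22:bb:bb:b0"
BROADCAST = "ff:ff:ff:ff:ff:ff"
ATTACKER_PORT = 3


def run_scenario(port_limits=None, bogus_frames=100):
    """A and B exchange frames, then the attacker floods bogus (locally administered, 02:...)
    source MACs. Returns (switch, output ports of the next A -> B frame)."""
    sw = LearningSwitch(ports=[1, 2, 3], table_size=4, port_limits=port_limits)
    sw.receive(1, HOST_A, HOST_B)      # B unknown: flooded; A learnt on port 1
    sw.receive(2, HOST_B, HOST_A)      # A known: sent only to port 1; B learnt on port 2
    for i in range(bogus_frames):
        sw.receive(ATTACKER_PORT, f"02:00:00:00:00:{i:02x}", BROADCAST)
    return sw, sw.receive(1, HOST_A, HOST_B)


if __name__ == "__main__":
    sw, out = run_scenario()
    print("no port security: A -> B goes to ports", out, "(the attacker on port 3 sees it)")
    sw, out = run_scenario(port_limits={ATTACKER_PORT: 1})
    print("port security on the access port: A -> B goes to ports", out,
          f"after dropping {len(sw.violations)} bogus frames")
```

Only the attacker's access port carries a limit; ports 1 and 2 stay unlimited, which is the uplink caveat from the slide: a limit on a port behind which many legitimate stations sit would drop their traffic instead of the attacker's.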
LAN traffic analysis
LAN storms
Trunk & VLAN hopping attacks
Double-Tag VLAN Hopping
(Figure: a double-tagged frame crossing into VLAN 10.)
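The slide only names the attack and the target VLAN 10; the following Python code is an added example (not course material) that makes the mechanism concrete. It builds 802.1Q tags, then models two switches joined by a trunk: the first classifies the attacker's frame on an access port and, because the frame's VLAN is the trunk's native VLAN, forwards it untagged after stripping the outer tag; the second reads the surviving inner tag and delivers the frame into VLAN 10. The switch behaviour modelled (a tag equal to the access port's VLAN is stripped and accepted; native-VLAN frames leave the trunk untagged) is an assumption about common defaults, and the mitigation shown, moving the trunk's native VLAN to an unused one, is standard practice rather than something the slide states.

```python
import struct

TPID_8021Q = 0x8100


def push_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag (TPID + TCI) right after the source MAC."""
    if not 0 <= vid <= 4094:
        raise ValueError("VID out of range")
    tci = (pcp << 13) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def pop_tag(frame: bytes):
    """Return (vid, frame without its outermost tag), or (None, frame) if untagged."""
    if len(frame) < 16 or struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, frame
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]


def tag_stack(frame: bytes) -> list:
    vids = []
    while True:
        vid, frame = pop_tag(frame)
        if vid is None:
            return vids
        vids.append(vid)


def access_ingress(frame: bytes, port_vlan: int):
    """Access port: frames belong to the port's VLAN. A tag equal to that VLAN is accepted
    and stripped (assumed switch behaviour); any other tag is dropped."""
    vid, inner = pop_tag(frame)
    if vid is None:
        return port_vlan, frame
    if vid == port_vlan:
        return port_vlan, inner
    return None, None


def trunk_egress(frame: bytes, vlan: int, native_vlan: int) -> bytes:
    """Trunk port: tag with the frame's VLAN, except the native VLAN, which is sent untagged."""
    return frame if vlan == native_vlan else push_tag(frame, vlan)


def trunk_ingress(frame: bytes, native_vlan: int):
    """Trunk port on the next switch: a tagged frame belongs to its tag's VLAN, untagged to native."""
    vid, inner = pop_tag(frame)
    return (native_vlan, frame) if vid is None else (vid, inner)


# Constructed frame: the attacker (locally administered MAC) sits on an access port in VLAN 1.
BASE_FRAME = (bytes.fromhex("00112233440a") + bytes.fromhex("0200000000aa")
              + bytes.fromhex("0800") + b"\x00" * 46)
TARGET_VLAN, ATTACKER_VLAN = 10, 1


def double_tag_attack(native_vlan: int, attacker_vlan: int = ATTACKER_VLAN,
                      target_vlan: int = TARGET_VLAN):
    """VLAN in which the second switch delivers the attacker's double-tagged frame (None = dropped)."""
    crafted = push_tag(push_tag(BASE_FRAME, target_vlan), attacker_vlan)  # outer = attacker's, inner = target
    vlan, frame = access_ingress(crafted, attacker_vlan)                   # switch 1 strips the outer tag
    if vlan is None:
        return None
    on_trunk = trunk_egress(frame, vlan, native_vlan)                       # untagged if vlan == native
    delivered_vlan, _ = trunk_ingress(on_trunk, native_vlan)                # switch 2 reads the inner tag
    return delivered_vlan


if __name__ == "__main__":
    print("tag stack of the crafted frame:",
          tag_stack(push_tag(push_tag(BASE_FRAME, TARGET_VLAN), ATTACKER_VLAN)))
    print("native VLAN == attacker's VLAN (1): delivered in VLAN", double_tag_attack(native_vlan=1))
    print("native VLAN moved to unused VLAN 999: delivered in VLAN", double_tag_attack(native_vlan=999))
```

The attack only works one way (the victim's reply is tagged normally and never reaches the attacker's VLAN), and it needs the attacker's access VLAN to equal the trunk's native VLAN; with the native VLAN moved to an unused one, the first switch tags the frame with VLAN 1 and the second switch delivers it back into VLAN 1.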
LLDP/CDP
(Figure: LLDP frame layout)
Destination MAC = LLDP multicast 01-80-C2-00-00-0E (6 bytes) | Source MAC (6 bytes) | EtherType 88-CC (2 bytes) | LLDPDU (0-1500 bytes) | FCS (4 bytes)
LLDPDU = Chassis ID TLV | Port ID TLV | TTL TLV | Optional TLV ... Optional TLV | End of LLDPDU TLV
- L2 discovery protocols:
  - Typically used for network inventory:
    - Cisco Discovery Protocol (CDP)
      - Developed first (1994). Cisco proprietary.
    - Link Layer Discovery Protocol (LLDP)
      - Standardised as IEEE 802.1AB in 2005.
  - LLDP collects local device information (management IP, device ID, port ID) and advertises it to neighbours.
  - Neighbours store this information and expose it through SNMP.
  - No security in the protocol.
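The following Python code is an added example, not part of the slides: it builds an LLDP frame with the layout above (the three mandatory TLVs, two optional ones and the End TLV) and parses it back into the fields an inventory tool, or an attacker listening on the segment, would collect. Every TLV length is bounds-checked, which is what the fuzzing attacks on the next slide target in real implementations. The device name, interface name and OS string are made up for the example, and the FCS is omitted.

```python
import struct

LLDP_MULTICAST = bytes.fromhex("0180c200000e")
ETHERTYPE_LLDP = 0x88CC
TLV_END, TLV_CHASSIS_ID, TLV_PORT_ID, TLV_TTL = 0, 1, 2, 3
TLV_SYSTEM_NAME, TLV_SYSTEM_DESCRIPTION = 5, 6
CHASSIS_SUBTYPE_MAC, PORT_SUBTYPE_IFNAME = 4, 5


def tlv(tlv_type: int, value: bytes) -> bytes:
    """TLV header: 7-bit type, 9-bit length, followed by the value."""
    if not 0 <= tlv_type < 128 or not 0 <= len(value) < 512:
        raise ValueError("TLV type or length out of range")
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


def build_lldp_frame(src_mac: bytes, port_name: bytes, ttl: int,
                     sys_name: bytes, sys_desc: bytes) -> bytes:
    """Ethernet frame (FCS omitted) carrying an LLDPDU: mandatory TLVs, optional TLVs, End TLV."""
    lldpdu = b"".join([
        tlv(TLV_CHASSIS_ID, bytes([CHASSIS_SUBTYPE_MAC]) + src_mac),
        tlv(TLV_PORT_ID, bytes([PORT_SUBTYPE_IFNAME]) + port_name),
        tlv(TLV_TTL, struct.pack("!H", ttl)),
        tlv(TLV_SYSTEM_NAME, sys_name),
        tlv(TLV_SYSTEM_DESCRIPTION, sys_desc),
        tlv(TLV_END, b""),
    ])
    return LLDP_MULTICAST + src_mac + struct.pack("!H", ETHERTYPE_LLDP) + lldpdu


def parse_lldpdu(data: bytes) -> list:
    """Return [(type, value), ...] up to the End TLV, bounds-checking every length field."""
    tlvs, off = [], 0
    while off + 2 <= len(data):
        header = struct.unpack("!H", data[off:off + 2])[0]
        tlv_type, length = header >> 9, header & 0x1FF
        off += 2
        if off + length > len(data):
            raise ValueError("truncated TLV")          # the condition a fuzzer tries to trigger
        value, off = data[off:off + length], off + length
        if tlv_type == TLV_END:
            break
        tlvs.append((tlv_type, value))
    else:
        raise ValueError("missing End of LLDPDU TLV")
    if [t for t, _ in tlvs[:3]] != [TLV_CHASSIS_ID, TLV_PORT_ID, TLV_TTL]:
        raise ValueError("mandatory TLVs missing or out of order")
    return tlvs


def neighbour_summary(frame: bytes) -> dict:
    """What an inventory tool (or an attacker on the segment) learns from one advertisement."""
    if frame[:6] != LLDP_MULTICAST or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_LLDP:
        raise ValueError("not an LLDP frame")
    info = {}
    for tlv_type, value in parse_lldpdu(frame[14:]):
        if tlv_type == TLV_CHASSIS_ID and value[:1] == bytes([CHASSIS_SUBTYPE_MAC]):
            info["chassis_id"] = ":".join(f"{b:02x}" for b in value[1:])
        elif tlv_type == TLV_PORT_ID:
            info["port_id"] = value[1:].decode("ascii", "replace")
        elif tlv_type == TLV_TTL:
            info["ttl"] = struct.unpack("!H", value)[0]
        elif tlv_type == TLV_SYSTEM_NAME:
            info["system_name"] = value.decode("utf-8", "replace")
        elif tlv_type == TLV_SYSTEM_DESCRIPTION:
            info["system_description"] = value.decode("utf-8", "replace")
    return info


# Constructed sample (not a capture); the names and the OS string are made up.
SAMPLE_LLDP = build_lldp_frame(bytes.fromhex("001122334455"), b"Gi1/0/1", 120,
                               b"core-sw1", b"ExampleOS 1.2.3, 24-port switch")


def malformed_ok(frame: bytes) -> bool:
    """True if the parser accepts the frame; used to check that damaged input is rejected."""
    try:
        neighbour_summary(frame)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    print(neighbour_summary(SAMPLE_LLDP))
    print("frame with a TLV claiming more bytes than remain accepted:", malformed_ok(SAMPLE_LLDP[:-3]))
```

The system description TLV is the information-disclosure problem in one field: vendor and software version are broadcast every 30 seconds to whoever is plugged into the segment.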
LLDP/CDP attacks
- Attacks on LLDP:
  - MAC address spoofing: NIC impersonation.
  - Information disclosure: collect valuable information (vendor, software version, topology, ...).
  - Information poisoning: inject false topologies into the LLDP MIB tables.
  - DoS attacks:
    - Flooding with LLDP messages
    - Fuzzers (http://www.cs.utexas.edu/ftp/techreports/tr07-24.pdf)
- Countermeasures:
  - Disable it if not necessary (CDP may be active by default).
  - Enable it only on the interfaces that need it, rather than device-wide.
  - Rate limit.
Dial-up access
(Figure: User → Modem → PSTN → NAS at the ISP → Internet; the NAS authenticates the user against an AAA server using RADIUS.)
[1] M. Marlinspike, D. Hulton. "Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate". DEF CON 20, Jul. 2012.
Extensible Authentication Protocol (EAP)
(Figure: EAP packet format)
Code (1 byte) | Identifier (1 byte) | Length (2 bytes) | Type (1 byte) | Type-Data (variable)
- Codes: Request, Response, Success, Failure. Each Response carries the Identifier of the Request it answers; Success and Failure carry no Type field.
- Request/Response Types:
  1. Identity: to identify the user.
  2. Notification: to send a text message.
  3. Nak (Response only): unsupported authentication method.
  4 and above: EAP method.
(Figure: sequence of Request n / Response n pairs ending in Success or Failure.)
EAP Methods
- EAP-MD5 [RFC3748]:
  - PPP CHAP carried over EAP.
- EAP-OTP (One-Time Password) [RFC2289]:
  - hash^n(seed), hash^(n-1)(seed), …; the i-th password is OTP_i = hash^(n-i)(seed).
- EAP-GTC (Generic Token Card) [RFC3748]:
  - Text from a hardware token or a coordinates card.
- EAP-MS-CHAPv2 [RFC2759]:
  - PPP MS-CHAPv2 carried over EAP.
- EAP-SIM/EAP-AKA [RFC4186, RFC4187]:
  - Employ the Subscriber Identity Module (SIM) / UMTS Subscriber Identity Module (USIM) of a GSM/UMTS terminal.
- EAP-TLS (Transport Layer Security) [RFC5216]:
  - TLS messages encapsulated in EAP ones (TLS over EAP): mutual authentication with client certificates (but the client identity is sent in clear text, so it is not anonymous).
- EAP-TTLS (Tunnelled TLS) [RFC5281]:
  - Two phases: 1) TLS over EAP authentication with an anonymous client identity, 2) exchange of Attribute-Value Pairs (AVPs) over TLS over EAP.
- PEAP (Protected EAP) [draft-josefsson-pppext-eap-tls-eap-10]:
  - Two phases: 1) TLS over EAP authentication with an anonymous client identity, 2) a second EAP session (e.g. EAP-MS-CHAPv2) tunnelled in TLS over EAP (i.e. EAP-TLS).
- Cisco EAP-LEAP, Cisco EAP-FAST, …
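The following Python code is an added example, not course material: it implements the EAP packet format from the previous slide and runs a complete EAP-MD5 exchange between a supplicant and an authenticator (Request/Identity, Response/Identity, Request/MD5-Challenge, Response/MD5-Challenge, Success or Failure), where the response is MD5(Identifier | password | challenge) as in PPP CHAP. It then replays what an eavesdropper can do with the captured packets: identity, challenge and response all travel in the clear, so the password can be guessed offline, a weakness RFC 3748 itself documents and the reason the later slides tunnel such methods inside PEAP or TTLS. The fixed challenge, the user database and the word list are constructed for the example; a real authenticator draws a random challenge.

```python
import hashlib
import hmac
import struct

EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
TYPE_IDENTITY, TYPE_NOTIFICATION, TYPE_NAK, TYPE_MD5_CHALLENGE = 1, 2, 3, 4


def eap_pack(code: int, identifier: int, eap_type: int = None, data: bytes = b"") -> bytes:
    """Code (1) | Identifier (1) | Length (2) | [Type (1) | Type-Data]; Success/Failure have no Type."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


def eap_unpack(packet: bytes):
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length != len(packet):
        raise ValueError("bad EAP length")
    if code in (EAP_SUCCESS, EAP_FAILURE):
        return code, identifier, None, b""
    return code, identifier, packet[4], packet[5:]


def md5_challenge_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP / EAP-MD5 response: MD5(Identifier | secret | challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def run_eap_md5(user_db: dict, username: str, password: str, challenge: bytes):
    """Complete exchange between a supplicant (knows username/password) and an authenticator
    (knows user_db and chooses the challenge). Returns (authenticated, transcript of raw packets)."""
    transcript = []
    # 1. Authenticator -> supplicant: Request/Identity
    transcript.append(eap_pack(EAP_REQUEST, 1, TYPE_IDENTITY))
    # 2. Supplicant -> authenticator: Response/Identity (sent in the clear)
    transcript.append(eap_pack(EAP_RESPONSE, 1, TYPE_IDENTITY, username.encode()))
    _, _, _, claimed = eap_unpack(transcript[-1])
    # 3. Authenticator -> supplicant: Request/MD5-Challenge = Value-Size | Value | Name
    transcript.append(eap_pack(EAP_REQUEST, 2, TYPE_MD5_CHALLENGE,
                               bytes([len(challenge)]) + challenge + b"nas"))
    # 4. Supplicant answers with MD5(Identifier | password | challenge)
    _, req_id, _, req_data = eap_unpack(transcript[-1])
    received_challenge = req_data[1:1 + req_data[0]]
    digest = md5_challenge_response(req_id, password.encode(), received_challenge)
    transcript.append(eap_pack(EAP_RESPONSE, req_id, TYPE_MD5_CHALLENGE,
                               bytes([16]) + digest + username.encode()))
    # 5. Authenticator verifies and answers Success or Failure
    _, resp_id, _, resp_data = eap_unpack(transcript[-1])
    expected = md5_challenge_response(req_id, user_db.get(claimed.decode(), b""), challenge)
    ok = resp_id == req_id and hmac.compare_digest(resp_data[1:1 + resp_data[0]], expected)
    transcript.append(eap_pack(EAP_SUCCESS if ok else EAP_FAILURE, req_id))
    return ok, transcript


def dictionary_attack(transcript, wordlist):
    """Offline guessing from a captured exchange: identity, challenge and response are all visible."""
    username = challenge = response = None
    challenge_id = 0
    for packet in transcript:
        code, identifier, eap_type, data = eap_unpack(packet)
        if code == EAP_RESPONSE and eap_type == TYPE_IDENTITY:
            username = data.decode()
        elif code == EAP_REQUEST and eap_type == TYPE_MD5_CHALLENGE:
            challenge, challenge_id = data[1:1 + data[0]], identifier
        elif code == EAP_RESPONSE and eap_type == TYPE_MD5_CHALLENGE:
            response = data[1:1 + data[0]]
    for word in wordlist:
        if md5_challenge_response(challenge_id, word.encode(), challenge) == response:
            return username, word
    return username, None


# Constructed test data: a fixed challenge and a one-user database.
CHALLENGE = bytes(range(16))
USER_DB = {"alice": b"correct horse"}

if __name__ == "__main__":
    ok, transcript = run_eap_md5(USER_DB, "alice", "correct horse", CHALLENGE)
    print("authenticated:", ok, "| packets on the wire:", len(transcript))
    print("dictionary attack on the capture:",
          dictionary_attack(transcript, ["password", "letmein", "correct horse"]))
    print("wrong password authenticates:", run_eap_md5(USER_DB, "alice", "wrong", CHALLENGE)[0])
```

Nothing in the exchange is bound to the link or to a server key: a rogue access point can relay these five packets unchanged, which is the second reason EAP-MD5 is acceptable only inside a server-authenticated TLS tunnel.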
Remote Authentication Dial-In User Service (RADIUS)
- RADIUS [RFC2865] is a stateless client-server AAA protocol:
  - Runs over IP/UDP (port 1812; accounting on port 1813).
  - The RADIUS client and server hold a Shared Secret (SS).
  - User roaming: supports proxies that route messages between realms based on the Network Access Identifier (NAI):
    - e.g. the NAI "user@uc3m" → "uc3m" realm
- Codes:
  1. Access-Request
  2. Access-Accept
  3. Access-Reject
  4. Accounting-Request
     - Acct-Status-Type AVP = (Start | Stop)
  5. Accounting-Response
  6. Interim Accounting:
     - Session time, input octets, output packets, …
  11. Access-Challenge
- Authenticator (16 bytes):
  - In a request: a random number used as a nonce (e.g. in Access-Request) for hiding the User-Password:
    up1[0,15] = passwd[0,15] XOR md5(SS|RequestAuth)
    up2[16,31] = passwd[16,31] XOR md5(SS|up1[0,15])
  - In a response: MD5 over the response and the request's authenticator:
    ResponseAuth = md5(Code|ID|Length|RequestAuth|Attributes|SS)
- Multiple attack vectors (offline guessing of the shared secret or the password, precomputed MD5 tables, etc.):
  - https://www.untruth.org/~josh/security/radius/radius-auth.html
RADIUS Attribute-Value Pairs (AVPs)
Authentication and authorisation attributes:
  1. User-Name
  2. User-Password
  3. CHAP-Password
  4. NAS-IP-Address
  5. NAS-Port
  6. Service-Type
  7. Framed-Protocol
  8. Framed-IP-Address
  9. Framed-IP-Netmask
  10. Framed-Routing
  12. Framed-MTU
  22. Framed-Route
  26. Vendor-Specific:
      - MS-MPPE-Recv-Key
      - …
  27. Session-Timeout
  30. Called-Station-Id
  31. Calling-Station-Id
  79. EAP-Message (when present, Message-Authenticator is mandatory)
  80. Message-Authenticator
Accounting attributes:
  40. Acct-Status-Type
  41. Acct-Delay-Time
  42. Acct-Input-Octets
  43. Acct-Output-Octets
  44. Acct-Session-Id
  45. Acct-Authentic
  46. Acct-Session-Time
  47. Acct-Input-Packets
  48. Acct-Output-Packets
  49. Acct-Terminate-Cause
  85. Acct-Interim-Interval
Tunnel attributes:
  64. Tunnel-Type
  65. Tunnel-Medium-Type
  66. Tunnel-Client-Endpoint
  67. Tunnel-Server-Endpoint
  69. Tunnel-Password
  81. Tunnel-Private-Group-ID
- Message-Authenticator provides integrity:
  - Message-Authenticator = HMAC-MD5(SS, Code|Identifier|Length|Request Authenticator|Attributes), computed with the Message-Authenticator value itself set to 16 zero bytes
PPP + EAP-MD5 + RADIUS Dial-up Example
(Figure: message sequence between the User (EAP supplicant), the NAS (EAP authenticator), a RADIUS proxy and the AAA server (EAP authentication server).)
Example of IEEE 802.11 Authentication with PEAP