4 Security
Network Security
Network security describes all aspects of securing your computer or
computers from unauthorized access.
This includes blocking outsiders from getting into the network, as well as
password protecting your computers and ensuring that only authorized
users can view sensitive data.
Security Services
Confidentiality
Authentication
Integrity
Non Repudiation
Access Control
Availability
Network Security Model
[Figure: network security model. Labels: Trusted Third Party, Information Channel, Security Related Transmission (on both sides of the channel), Opponent]
Introduction
Session hijacking
When a TCP connection is established between a
client and a server, all information is transmitted
in the clear, and this can be exploited to hijack the
session.
Network Security/ Protocols and vulnerabilities
Attacks on TCP/IP Networks
[Figure: ARP request and reply on network 140.252.13 (hosts .1 .2 .3 .4 .5; Ethernet addresses shown: 08:00:20:03:F6:42, 00:34:CD:C2:9F:A0, 00:00:C0:C2:9B:26)]
Request: arp req | target IP: 140.252.13.5 | target eth: ?
Reply: arp rep | sender IP: 140.252.13.5 | sender eth: 00:34:CD:C2:9F:A0
Link Layer: ARP spoofing
When a node doesn’t know a particular IP-to-MAC mapping, it
broadcasts an ARP request message to the LAN.
The appropriate node on the LAN responds with an ARP reply and the
requesting node can then fill in an entry in its ARP cache.
ARP is a stateless protocol, and, as a result, a node does not have a
record of ARP requests that it has sent.
As a consequence, a node will accept any ARP reply that it receives,
even if it made no corresponding ARP request.
This opens the door to an attack by a malicious host on the LAN.
This attack is known as ARP cache poisoning.
ARP is an example of a vulnerable stateless protocol.
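A defensive monitor for the weakness described above, as an added example that is not part of the original slides: it keeps the request state that ARP lacks and flags replies nobody asked for or that change a known IP-to-MAC binding. The requester (140.252.13.1 with 08:00:20:03:F6:42), the forged address 02:00:00:00:00:99, the 2-second window and all function names are assumptions; the packets are constructed in memory and never sent.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # RFC 826 layout for Ethernet/IPv4 (28 bytes)

def build_arp(op, sha, spa, tha, tpa):
    """Build a constructed ARP payload for offline testing (nothing is sent)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, mac(sha),
                       socket.inet_aton(spa), mac(tha), socket.inet_aton(tpa))

def parse_arp(payload):
    """Return (op, sender_mac, sender_ip, target_ip) from an ARP payload."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, op, sha, spa, _, tpa = struct.unpack(ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return op, sha.hex(":").upper(), socket.inet_ntoa(spa), socket.inet_ntoa(tpa)

class ArpMonitor:  # keeps the request state that ARP itself does not keep
    def __init__(self, window=2.0):
        self.window = window   # seconds a request stays answerable (assumed value)
        self.pending = {}      # requested IP -> time the request was seen
        self.bindings = {}     # IP -> MAC learned from a solicited reply only

    def observe(self, ts, payload):
        op, mac, sender_ip, target_ip = parse_arp(payload)
        alerts = []
        if op == 1:                       # request: remember which IP was asked for
            self.pending[target_ip] = ts
        elif op == 2:                     # reply: was there a recent matching request?
            asked = self.pending.pop(sender_ip, None)
            solicited = asked is not None and ts - asked <= self.window
            if not solicited:
                alerts.append(f"unsolicited reply: {sender_ip} is-at {mac}")
            known = self.bindings.get(sender_ip)
            if known and known != mac:
                alerts.append(f"binding change: {sender_ip} {known} -> {mac}")
            elif solicited:
                self.bindings[sender_ip] = mac
        return alerts

def demo():
    """Constructed traffic: one request, its genuine reply, then a forged reply."""
    m = ArpMonitor()
    req = build_arp(1, "08:00:20:03:F6:42", "140.252.13.1", "00:00:00:00:00:00", "140.252.13.5")
    rep = build_arp(2, "00:34:CD:C2:9F:A0", "140.252.13.5", "08:00:20:03:F6:42", "140.252.13.1")
    forged = build_arp(2, "02:00:00:00:00:99", "140.252.13.5", "08:00:20:03:F6:42", "140.252.13.1")
    return [m.observe(0.0, req), m.observe(0.1, rep), m.observe(5.0, forged)]
```

Gratuitous ARP and address failover also arrive unsolicited, so in practice these alerts need an allow-list or correlation with DHCP data.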
Network Layer: IP Vulnerabilities
IP packets can be intercepted
In the LAN broadcast
In the router, switch
Since the packets are not protected they can be easily read
Since IP packets are not authenticated they can be easily
modified
Even if the user encrypts his/her data, it will still be
vulnerable to a traffic analysis attack
Information exchanged between routers to maintain their
routing tables is not authenticated
All sorts of problems can happen if a router is compromised
Network Layer: IP security (IPSec) overview
Benefits of IPSec
Transparent to applications (below the transport layer: TCP, UDP)
Provide security for individual users
[Figure: (a) Before AH]
Network Layer: IPSec AH Authentication …
Cookies
Cookies are set by web servers and stored by web
browsers
A cookie set by a server is sent back to the server when
the browser visits the server again
Cookies can be used to track what sites the user visits
Application layer: E-mail Security