Any questions on Administrativia, organizational matters? TCP/IP: - - PDF document

TCP/IP: Ethernet, IP, and ARP (and a PGP refresher)

Network Security Lecture 2

Any questions on…

• Administrativia, organizational matters?
• Historical/cultural overview?

Eike Ritter Network Security - Lecture 2 1

Today

• PGP in 6 slides
• IP
• Ethernet
• ARP
• Attacks: sniffing

Eike Ritter Network Security - Lecture 2 2

PGP

Eike Ritter Network Security - Lecture 2 3

Pretty Good Privacy (PGP)

• Application for data encryption and

decryption created by Phil Zimmermann

• Message format used by PGP is standardized

(RFC 4880), so that interoperability among different programs is possible

• Here we will use GnuPG

Eike Ritter Network Security - Lecture 2 4

Generating a key

• $ gpg --gen-key
• Every user has one (or more) key pairs,

consisting of a private key and a public key

– The private key can be encrypted using a passphrase – All keys are stored in a keyring

• This command generates a new key pair and

stores it in the keyring

Eike Ritter Network Security - Lecture 2 5

Publishing the public key

• $ gpg --export –a ‘Eike Ritter (Test

key)’

• ----BEGIN PGP PUBLIC KEY BLOCK-----

Version: GnuPG v1.4.10 (GNU/Linux) mQENBE8KvXUBCADGTet/EQF0qPeaG5IkwWzGfRxc2XT7I6KvOKI4NverNxC8JijF ZKMf0RSZ5himtEVGjXTmc0hyMzuYlDzg/oVM70tygqEEC28IpppdINJVtyUfNYwu … … =aGju

• ----END PGP PUBLIC KEY BLOCK-----
• Public key can be upload it to web site or to

keyserver, such as pgp.mit.edu

Eike Ritter Network Security - Lecture 2 6

Encrypting a message

• $ gpg -r <recipient-key> -e secret.txt
• Encrypts the file secret.txt so that the

recipient having public key <recipient-key> can recover its plain text content

• In practice, a session key is generated randomly

and is used to encrypt (symmetrically) the file

• The session key is encrypted with the public key
• f the recipient(s) and attached to the file
• Decrypting:

$ gpg -d secret.gpg

Eike Ritter Network Security - Lecture 2 7

Signing a message

• $ gpg -s -a secret.txt
• Generates a signature for the given file (in

ASCII format) using the private key of the user

• The signature can be verified by using the

public key of the signer: $ gpg --verify secret.asc

gpg: Signature made Mon 09 Jan 2012 10:43:15 GMT using RSA key ID AA226670 gpg: Good signature from "Eike Ritter (Test key) <test@rittere.co.uk>"

Eike Ritter Network Security - Lecture 2 8

Other common operations

• Generating a detached signature
• Signing and encrypting a message
• Web of trust: sign a public key
• Revoking a key

Eike Ritter Network Security - Lecture 2 9

TCP/IP

Eike Ritter Network Security - Lecture 2 10

TCP/IP Protocol Suite

• Network protocols

– IP (Internet Protocol) – ICMP (Internet Control Message Protocol)

• Transport protocols

– TCP (Transmission Control Protocol) – UDP (User Datagram Protocol)

• Application protocols

– HTTP (HyperText Transfer Protocol) – SSH – DNS

• Other protocols

– ARP (Address Resolution Protocol)

Eike Ritter 11 Network Security - Lecture 2

TCP/IP layering

Eike Ritter Network Security - Lecture 2 12

Ethernet, Wireless Ethernet, Wireless Network card Network card IP IP TCP TCP SSH SSH UDP UDP HTTP HTTP DNS DNS RPC RPC FTP FTP Application

• Application-specific

protocols Transport

• Ordering, multiplexing,

correctness Network

• Transmission and routing

across subnets Data link

• Error control between

adjacent nodes Physical

• Connect to channel
• Send/receive bytes

ICMP ICMP

IP addresses

• Each host has one or more IP addresses for each network

interface

• IPv4 addresses are composed of 32 bit (class+netid+hostid)
• Represented in dotted-decimal notation: 147.188.193.82
• Classes (up to ~1993)

Eike Ritter Network Security - Lecture 2 13

Class Starts with Netid bits Hostid bits # hosts A 7 24 16,777,21 4 B 10 14 16 65,534 C 110 21 8 254 D 1110 Multicast address E 1111 Reserved for future use

Special addresses

• 127.0.0.0 – 127.255.255.255: loopback interface
• Private networks (RFC 1597):

– 10.0.0.0 - 10.255.255.255 – 172.16.0.0 - 172.31.255.255 – 192.168.0.0 - 192.168.255.255

• Network

– hostid bits set to 0

• Broadcast

– All bits set to 1: local broadcast – Netid+hostid with all bits to 1: net-directed broadcast to netid (147.188.255.255)

Eike Ritter Network Security - Lecture 2 14

Classless Inter-Domain Routing (CIDR)

• Classes lead to inefficient use of IP space and to large

routing tables

– Not enough class B – Little opportunity for route aggregation (many class C networks geographically dispersed)

• Solution: variable-length subnet masking, i.e., the

netid/hostid boundary can be placed on arbitrary bit

• Notation: /N gives the number of bits interpreted as

network number (“prefix”)

– /24: legacy class C – /16: legacy class B – /8: legacy class A

Eike Ritter Network Security - Lecture 2 15

Internet Protocol (IP)

• Transmissions of blocks of data (datagrams) from

source to destination

• Standardized in RFC 791
• Transmission properties

– Connectionless – Unreliable, best-effort

• delivery, integrity, ordering, non-duplication are not guaranteed
• IP does handle fragmentation and reassembly of long datagrams
• For direct communication, IP relies on lower level

protocols (e.g., Ethernet)

Eike Ritter Network Security - Lecture 2 16

IP datagram

Version HL ToS Total length Identifier Flags Fragment offset Time To Live Protocol Header checksum Source IP address Destination IP address Options Padding Data

Eike Ritter Network Security - Lecture 2 17

4 8 12 16 20 24 28 31

IP header

• Normal size: 20 bytes
• Version (4 bits): 4 (IPv4)
• Header length (4 bits): number of 32-bit words in the

header, including options (max header size: 60 bytes)

• Type Of Service (8 bits):

– Used to be: priority (3 bits), quality of service (4 bits), unused bit – Now: Differentiated Services Code Point (6 bits), Explicit Congestion Notification (2 bits)

• Total length (16 bits): datagram length in bytes (max

size: 65,535 bytes)

• ID (16 bits): datagram identifier

Eike Ritter Network Security - Lecture 2 18

IP header

• Flags (3 bits) and Offset (13 bits): to support

fragmentation

• Time To Live (8 bits): max number of hops in the

delivery process

• Protocol (8 bits): specifies the protocol encapsulated in

the datagram data (e.g., TCP, UDP)

• Header checksum (16 bits): checksum calculated over

the IP header

– Recomputed at each hop (TTL, fragmentation)

• Source and destination address (32 bits each): IP

addresses of the source and destination of the datagram

Eike Ritter Network Security - Lecture 2 19

IP options

• Present if header length > 5
• Variable length
• Type is identified by first byte

– Record route – Source route – Timestamp – …

• Not often used

Eike Ritter Network Security - Lecture 2 20

IP encapsulation

• How are IP datagrams transferred over a LAN?
• RFC 894 explains IP over Ethernet

– Encapsulation + direct delivery

Eike Ritter Network Security - Lecture 2 21

Frame data Frame data Frame header Frame header IP header IP header IP data IP data

IP direct delivery

• Sender forwards a packet to the final

destination on a directly attached network

Eike Ritter Network Security - Lecture 2 22

147.188.193.82 00:19:D1:80:AE:45 147.188.193.15 147.188.193.6 00:04:96:1D:6B:20

From: 00:19:D1:80:AE:45 To: 00:04:96:1D:6B:20 From: 147.188.193.82 To: 147.188.193.6

147.188.193.80

Ethernet

• Widely-used link layer protocol
• Uses CSMA/CD (Carrier Sense, Multiple Access

with Collision Detection)

Eike Ritter Network Security - Lecture 2 23

Dest Src Ethertype Payload CRC 6 bytes 6 bytes 2 bytes 46-1500 bytes 4 bytes 0800 0800 IP datagram IP datagram 0806 0806 ARP ARP

Address Resolution Protocol (ARP)

• Used to map an IP address to the link-level

addresses associated with the peer’s hardware interface (e.g., Ethernet)

• ARP messages are encapsulated in the

underlying link-level protocol

Eike Ritter Network Security - Lecture 2 24

Address Resolution Protocol (ARP)

• Host A wants to know the hardware address associated

with IP address Ib of host B

• A broadcasts a special message to all the hosts on the

same physical link

• Host B answers with a message containing its own link-

level address

• A keeps the answer in its cache (for some time, e.g., 20

minutes)

• When A sends its request, A includes its own IP address

in the request

• As an optimization, the receiver of the ARP request may

cache the requester mapping

Eike Ritter Network Security - Lecture 2 25

ARP messages

• Mapping information

– Hardware (2 bytes) [Typically: Ethernet] – Protocol (2 bytes) [Typically: IP] – Hardware size (1 byte) – Protocol size (1 byte) Typically: 0x0001, 0x0800, 6, 4

• Op: type of message (1: request; 2: response)
• Sender Ethernet/IP: sender data
• Target Ethernet/IP: target data
• Target Ethernet is all 0s in request

Eike Ritter Network Security - Lecture 2 26

Hw type Proto type Hw size Proto size Op Sender Ether Sender IP Target Ether Target IP

ARP traffic

Eike Ritter Network Security - Lecture 2 27

host1# arp –n host1# ping –c 1 192.168.0.2 04:21:16.312430 ARP, Request who-has 192.168.0.2 tell 192.168.0.1, length 28 04:21:16.312500 ARP, Reply 192.168.0.2 is-at 00:30:48:dd:ec:12, length 46 04:21:16.312506 IP 192.168.0.1 > 192.168.0.2: ICMP echo request, id 16976, seq 1, length 64 04:21:16.312577 IP 192.168.0.2 > 192.168.0.1: ICMP echo reply, id 16976, seq 1, length 64 host1# arp –n 192.168.0.2 ether 00:30:48:dd:ec:12 C eth0 Host2# arp –n 192.168.0.1 ether 00:30:48:de:0b:3a C eth0

host1: 192.168.0.1 00:30:48:de:0b:3a 192.168.0.3 host2: 192.168.0.2 00:30:48:dd:ec:12 ARP request ARP response

Exercise

• Alice (192.168.1.1) wants to send an IP datagram

to Bob (192.168.1.2)

• What happens? (fill in the blanks)

Eike Ritter Network Security - Lecture 2 28

Alice Bob

LAN attacks

Attack Security violation Attacker goal Sniffing Confidentiality Access to information Spoofing Authenticity Impersonation of trusted host Hijacking Confidentiality, Integrity, Authenticity Impersonation, access to information Denial of Service Availability Disruption

Eike Ritter Network Security - Lecture 2 29

Network sniffing

• The attacker sets his/her network interface in

promiscuous mode so that all packets can be received (not only those directed to the attacker’s host)

• Can access all the traffic on the segment
• Note: sniffing on University network is a “disciplinary
• ffence”

Eike Ritter Network Security - Lecture 2 30

Network sniffing

• Many protocols (e.g., POP, TELNET, HTTP,

IMAP) transfer sensitive information (e.g., authentication credentials) in the clear

• By sniffing the traffic, it is possible to collect

credentials, files, content of visited web pages, emails, etc.

• Many tools available

Eike Ritter Network Security - Lecture 2 31

tcpdump

• Tool to sniff and analyze the traffic on a network

segment

• One of the “standard” network tools
• Based on libpcap, which provides a platform-

independent library and API to perform traffic sniffing

• Allows one to specify an expression that defines

which packets have to be printed

• Requires root privileges to set the interface in

promiscuous mode (regular users can read traffic data saved in a file)

Eike Ritter Network Security - Lecture 2 32

tcpdump: command line options

• -i: use the given network interface
• -r: read packets from a file
• -w: write packets to a file
• -s: specify the amount of data to be sniffed for

each packet (0 means catch whole packets)

• -n: do not convert addresses to names
• -x: print the data of each packet in hex

Eike Ritter Network Security - Lecture 2 33

tcpdump: filters

• If a filter expression is provided, tpcdump only

processes packets matching the expression

• Expression consists of one or more primitives
• Primitives are composed of a qualifier and an

id

• Operators can be used to create complex filter

expressions

Eike Ritter Network Security - Lecture 2 34

tcpdump filters – cont’d

Qualifiers

• Type

– host (host 192.168.0.1) – net (net 192.168) – port (port 80)

• Dir: direction of traffic

– src (src host 192.168.0.1) – dst

• Proto: protocol of interest

– Ether (ether src host 00:0c:29:ab:2c:18) – Ip – arp

Operators

• Logical: and, or, not

– src host 192.168.0.01 and dst host google.com

• Relational: <, >, >=, <=, =, !=
• Binary: +, -, *, /, &, |
• Data: proto[expr:size]

– expr: offset – size: # bytes of interest – ip[0] & 0xf > 5: filters IP datagrams with options – arp[7] = 2: ARP replies

Eike Ritter Network Security - Lecture 2 35

Wireshark

Eike Ritter Network Security - Lecture 2 36

Detecting sniffers

• Sniffers work by putting the network interface in promiscuous mode
• ifconfig

$ ifconfig en1 en1:flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 ether d8:a2:5e:ab:cd:ef inet 10.4.59.191 netmask 0xffff0000 broadcast 10.4.255.255 media: autoselect status: active

• On recent Linux versions, this will not (always) work due to changes in

how the state of the interface is maintained in the kernel that have not been ported back to tools

– Instead, read interface flags from /sys filesystem – If flags & 0x100 then interface is in promiscuous mode (/include/linux/if.h)

# cat /sys/class/net/eth0/flags 0x1003 # tcpdump –i eth0 & # cat /sys/class/net/eth0/flags 0x1103

Eike Ritter Network Security - Lecture 2 37

Detecting sniffers – cont’d

• Remote detection is difficult since sniffers are typically passive programs
• Suspicious DNS lookups

– Sniffer attempts to resolve names associated with IP address (e.g., tcpdump without –n option) – Generate traffic to/from IP addresses and detect attempts to resolve their names – $ ping 173.194.37.104 16:27:38.657863 IP 172.16.48.130 > 173.194.37.104: ICMP echo request, id 21009, seq 1, length 64 16:27:38.659014 IP 172.16.48.139.57105 > 172.16.48.2.53: 20764+ PTR? 104.37.194.173.in-addr.arpa. (45)

• Latency

– Since NIC is in promiscuous mode, it will need to process every packet – Analyze response time of host A (e.g., sending ping packets) – Generate lots of traffic to other hosts and analyze response time of host A

Eike Ritter Network Security - Lecture 2 38

NEXT ON

Eike Ritter Network Security - Lecture 2 39

Take away points

• Basics of gpg
• Basics of Ethernet, IP, ARP and how they fit

together

• Sniffing on a network
• Tools

– tcpdump – wireshark

Eike Ritter Network Security - Lecture 2 40

Next time

• Continue analysis of TCP/IP
• More attacks!

Eike Ritter Network Security - Lecture 2 41