introduction to network security
play

Introduction to Network Security Chapter 5 Physical Network Layer - PowerPoint PPT Presentation

Jun 14, 2023 •193 likes •1.01k views

Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Lower Layer Security Physical Layer Overview Common attack methods Ethernet

  1. Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009

  2. Topics • Lower Layer Security • Physical Layer Overview • Common attack methods • Ethernet • Wireless Security • General Mitigation Methods Dr. Doug Jacobson - Introduction to 2 Network Security - 2009

  3. Upper Layer Digital Data in bytes Physical Network Service Access Data buffers Points Layer Software Drivers Software Digital Data in bytes Device Interface Medium Access Protocol Medium access Hardware Physical media specific signal Dr. Doug Jacobson - Introduction to 3 Network Security - 2009 Physical Media

  4. Common Attack Methods • Spoofing • Sniffing • Physical Attacks Dr. Doug Jacobson - Introduction to 4 Network Security - 2009

  5. Hardware Addressing D2 D4 D6 HW-D2 HW-D4 HW-D6 HW-R1a HW-R1-b HW-R2a HW-R2b R1 R2 Packet Network N1 Network N2 Network N3 HW-D5 HW-D1 HW-D3 HW-D7 D1 D3 D5 D7 Dr. Doug Jacobson - Introduction to 5 Network Security - 2009

  6. Hardware Address Spoofing Computer 1 Computer 2 Router 2 Router 1 HW = A1 HW = C2 HW = B3, C1 HW = A2, B1 Network B Network C Network A Attacker 1 Attacker 2 Attacker 3 Dr. Doug Jacobson - Introduction to 6 Network Security - 2009

  7. Network Sniffing Computer 1 Computer 2 Router 2 Router 1 HW = A1 HW = C2 HW = B3, C1 HW = A2, B1 Network B Network C Network A Attacker 1 Attacker 2 Attacker 3 Dr. Doug Jacobson - Introduction to 7 Network Security - 2009

  8. Physical Attacks • Bad network cable • Network cable loop (both ends plugged into the same device) • Bad network controller • Two network controllers with the same hardware address Dr. Doug Jacobson - Introduction to 8 Network Security - 2009

  9. Wired Network Protocols • Many protocols • Local Area Networks (LAN) – Ethernet is the most common • Wide Area Networks (WAN) Dr. Doug Jacobson - Introduction to 9 Network Security - 2009

  10. Ethernet • Developed in 1973 by Xerox • Speeds – 10 Mbps – 100 Mbps – 1000 Mbps (gigabit) – 10 Gigabit Dr. Doug Jacobson - Introduction to 10 Network Security - 2009

  11. Ethernet Transmission media Name Cable type Speed Maximum Distance between devices 10Base2 Coax 10 Mbps 185 meters 10BaseF Fiber 10 Mbps 500 meters 10BaseT Twisted Pair 10 Mbps 100 meters 100BaseT Twisted Pair 100 Mbps 100 meters 100BaseFX Fiber 100 Mbps 1000 meters 1000Base-X Fiber or coax 1000 Mbps Depends on cable type Dr. Doug Jacobson - Introduction to 11 Network Security - 2009

  12. 12 Coaxial Ethernet Dr. Doug Jacobson - Introduction to Network Security - 2009 Packet

  13. Ethernet Access Method • CSMA/CD – Listen – Talk if no one else is talking – Back off if more than one talks at a time – Minimum packet length is used to guarantee that a collision can be seen by all machines. This also puts a limit on the length of the cable Dr. Doug Jacobson - Introduction to 13 Network Security - 2009

  14. Dr. Doug Jacobson - Introduction to 14 Network Security - 2009

  15. Ethernet Collision Domain • The range that is effected when a collision occurs. • 10Mbps Ethernet it is 2500 Meters • This can be changed by using switches and routers (more later) Dr. Doug Jacobson - Introduction to 15 Network Security - 2009

  16. Connecting Devices • Repeater (physical layer only) • Hub (multi port repeater) • Bridge (layer 2 only) • Router (layer 3) • Layer 2 switch • Layer 3 switch Dr. Doug Jacobson - Introduction to 16 Network Security - 2009

  17. Ethernet Hubs Hub C1 Hub Hub C3 C4 C2 Hub C5 C6 C7 Dr. Doug Jacobson - Introduction to 17 Network Security - 2009

  18. Ethernet switches • Collisions can slow the network down • Switches create multiple collision domains • Typically one machine per leg of the switch • Switches only pass traffic to the leg of the switch where the destination is located • Switches reduce the traffic on each leg – Problem with network monitoring Dr. Doug Jacobson - Introduction to 18 Network Security - 2009

  19. Ethernet Router R1 P1 Switch Switch 1 P2 P3 P4 C1 P1 P1 Switch 2 Switch 3 P3 P2 P3 P2 P1 C3 C4 C2 Switch 4 P2 P3 P4 C5 C6 C7 Port table, switch 2 Port table, switch 4 Port HW Address Port HW Address P1 Uplink P1 Uplink P2 C5 P2 C2 P3 C6 P3 Multiple P4 C7 Dr. Doug Jacobson - Introduction to 19 Network Security - 2009

  20. Ethernet Tap Points Router Router Hub OR Tap P1 Spanning or Monitoring mirrored port Switch Switch 1 Point P2 P3 P4 C1 P1 P1 Switch 2 Switch 3 P3 P2 P3 P2 C3 C4 C5 C2 Dr. Doug Jacobson - Introduction to 20 Network Security - 2009

  21. Ethernet - Frame Preamble (on wire only) 7 bytes Start Frame Delimiter 1 bytes Destination Address 6 Bytes Source Address 6 Bytes Type or Length 2 Bytes Data 46-1500 Bytes FCS 4 Bytes Dr. Doug Jacobson - Introduction to 21 Network Security - 2009

  22. Ethernet Addresses • Goal is to have all addresses globally unique • 6 bytes – Upper 3 bytes vendor code – Lower 3 bytes independent • All 1’s = broadcast address Dr. Doug Jacobson - Introduction to 22 Network Security - 2009

  23. Ethernet Type/length • If value < 0x800 then it is a length field otherwise it is a protocol type field. Some common types are: Hex • 0800 DoD Internet Protocol (IP) • 0805 X.25 level 3 • 0806 Address Resolution Protocol (ARP) • 6003 DECNET Phase IV • 6004 Dec LAT • 809B EtherTalk • 80F3 AppleTalk ARP Dr. Doug Jacobson - Introduction to 23 Network Security - 2009

  24. Attacks and vulnerabilities • Header-based • Protocol-based • Authentication-based • Traffic-based Dr. Doug Jacobson - Introduction to 24 Network Security - 2009

  25. Header-Based • Attacks – Setting the destination address as a broadcast address can cause traffic problems – Setting the source can cause switches to get confused • Mitigation – Very difficult to mitigate Dr. Doug Jacobson - Introduction to 25 Network Security - 2009

  26. Protocol-Based • Protocol is simple and is in hardware Dr. Doug Jacobson - Introduction to 26 Network Security - 2009

  27. Authentication-Based • You can set the hardware address • Hardware address is used to authenticate in switches • Hardware addresses can be used to authenticate devices in a network Dr. Doug Jacobson - Introduction to 27 Network Security - 2009

  28. Authentication-Based • Destination address spoofing • Destination address is obtained dynamically via a protocol • Trick a device into thinking you are the destination (ARP Poisoning) • No good mitigation method Dr. Doug Jacobson - Introduction to 28 Network Security - 2009

  29. 29 ARP Poisoning Dr. Doug Jacobson - Introduction to Network Security - 2009

  30. Authentication-Based • Source Address Spoofing • Source address if not used for authentication by default • New security and network management methods are starting to use the source address to authenticate the device. (Network Access Control [NAC]) • More on NAC as a general countermeasure later Dr. Doug Jacobson - Introduction to 30 Network Security - 2009

  31. Traffic-Based • Attack – Ethernet controllers can be set in promiscuous mode which enables them to sniff traffic • Mitigation – Encryption, VLAN (more later) • Broadcast traffic can cause flooding, hard to flood unless directly connected to the LAN • No good mitigation for flooding Dr. Doug Jacobson - Introduction to 31 Network Security - 2009

  32. Wireless Security Topics • Standards • Devices • Protocol • Packet Format • Vulnerabilities • Mitigation Dr. Doug Jacobson - Introduction to 32 Network Security - 2009

  33. Wireless Standards Name Frequency Data Rate Max Distance 802.11a 5 GHz 54Mbps 30 meters 802.11b 2.4 GHz 11Mbps 30 meters 802.11g 2.4 GHz 11-54 Mbps 30 meters 802.11n 2.4 GHz 200-500 Mbps 50 meters Dr. Doug Jacobson - Introduction to 33 Network Security - 2009

  34. 34 Dr. Doug Jacobson - Introduction to Network Security - 2009 Reflection Signal

  35. Wireless Ethernet 802.11 • Two topologies – IBSS Independent Basic Service Set • Ad-hoc, all stations are peers – ESS Extended Service Set • AP – Access points connected to a network • Station plus the AP form a BSS Dr. Doug Jacobson - Introduction to 35 Network Security - 2009

  36. Wireless Network Environment A B C D E Access point A Access point B Access point C SSID = LAB SSID = OFFICE SSID = SERVER ROOM Switch Router Dr. Doug Jacobson - Introduction to 36 Network Security - 2009

  37. Discovery and joining Access Point A Device C Access point B Beacon SSID = LAB Beacon SSID = OFFICE Probe Probe Probe Response Probe Response SSID = LAB SSID = OFFICE Discovery Joining Association Request Association Response Dr. Doug Jacobson - Introduction to 37 Network Security - 2009

  38. IEEE 802.11 • CSMA/CA – Wait till medium is free – Backoff after defer random amount – Exponential backoff for retransmission – Backoff timer resets if idle – Get an ACK if frame was received correctly Dr. Doug Jacobson - Introduction to 38 Network Security - 2009

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Lower Layer Security Physical Layer Overview Common attack methods Ethernet

966 views • 40 slides
Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Network Security Model Header attacks Protocol Attacks

597 views • 25 slides
Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics WWW HTTP: Hyper Text Transfer Protocol HTTP Security HTML Protocol HTML Security

1.09k views • 74 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
Introduction to Network Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Chapter 1 Network Architecture Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Chapter Topics Introduction Layered architecture Key terms Protocol Functions OSI model

743 views • 38 slides
Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug

Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug

Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics TCP Layer Responsible for reliable end-to-end transfer of application data.

632 views • 32 slides
Introduction to Network Security Chapter 6 Network Layer Protocols Dr. Doug Jacobson -

Introduction to Network Security Chapter 6 Network Layer Protocols Dr. Doug Jacobson -

Introduction to Network Security Chapter 6 Network Layer Protocols Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics The network layer IP V4 BOOTP &amp; DHCP IP V6 Common IP countermeasures Dr.

1.88k views • 152 slides
Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Chapter Topics Introduction Layered architecture Key terms Key terms Protocol

464 views • 19 slides
Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows FTP General Countermeasures

1.48k views • 104 slides
Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows X-Windows FTP General

765 views • 52 slides
INTRODUCTION COMPUTER &amp; NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER &amp; NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER &amp; NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is security? Why is it so hard to achieve? Administrative The security mindset Analyzing a systems security 1. Summarize the system 2.

801 views • 43 slides
Introduction to Network Security Chapter 3 The Internet Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 3 The Internet Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 3 The Internet Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics The Internet Addressing Client Server Routing Dr. Doug Jacobson - Introduction to 2 Network

940 views • 24 slides
Introduction CMSC 414: Computer and Network Security Spring 2016 What is computer &amp; network

Introduction CMSC 414: Computer and Network Security Spring 2016 What is computer &amp; network

Introduction CMSC 414: Computer and Network Security Spring 2016 What is computer &amp; network security? Normally, we are concerned with correctness Does the software achieve the desired behavior? Security is a form of correctness

682 views • 47 slides
Economics of network security Harald Vranken 1 Economics of network security Note that

Economics of network security Harald Vranken 1 Economics of network security Note that

Advanced Network Security (2019-2020) Economics of network security Harald Vranken 1 Economics of network security Note that network in this lecture means Physical communication network (eg. Internet, telephony, fax, telegraph)

769 views • 49 slides
Some Security Notes on Notes on Cisco Enterprise WLAN Solutions WLAN Solutions Daniel Mende,

Some Security Notes on Notes on Cisco Enterprise WLAN Solutions WLAN Solutions Daniel Mende,

Some Security Notes on Notes on Cisco Enterprise WLAN Solutions WLAN Solutions Daniel Mende, Enno Rey Rey {dmende, oroeschke, erey}@ernw.de Who we are Old-school network geeks, working as security researchers for Germany based

832 views • 42 slides
http://guysiwouldnevereverfuck.tumblr.com/ ROFL Tech =! Technology ? Why only certain

http://guysiwouldnevereverfuck.tumblr.com/ ROFL Tech =! Technology ? Why only certain

http://guysiwouldnevereverfuck.tumblr.com/ ROFL Tech =! Technology ? Why only certain technologies are called tech? Tech has become its own thing, even though information Technology is only one type of technology. Infocentrism +

593 views • 28 slides
NSAC Subcommittee Report Implementing the 2007 Long Range Plan Robert E. Tribble Texas A&amp;M

NSAC Subcommittee Report Implementing the 2007 Long Range Plan Robert E. Tribble Texas A&amp;M

NSAC Subcommittee Report Implementing the 2007 Long Range Plan Robert E. Tribble Texas A&amp;M University January 28, 2013 The Budget Problem Report Appendix to the subcommittee Charge from NSAC Report Appendix Subcommittee Membership

805 views • 56 slides
WebRTC what makes developers happy, angry, and everything in between? Brian Doll

WebRTC what makes developers happy, angry, and everything in between? Brian Doll

+ Analyzing Millions of GitHub Commits WebRTC what makes developers happy, angry, and everything in between? Brian Doll briandoll@github.com @briandoll Ilya Grigorik igrigorik@google.com @igrigorik &lt;facepalm&gt; @briandoll @igrigorik

788 views • 45 slides
WiF iFi security UW Madison CS 642 1 Announcements HW 3 (network security) out today

WiF iFi security UW Madison CS 642 1 Announcements HW 3 (network security) out today

WiF iFi security UW Madison CS 642 1 Announcements HW 3 (network security) out today Due April 2 nd Online classes going forward Testing out BBCollaborate Ultra today Recordings should be available Might use different

1.19k views • 27 slides
Fusing Beliefs of Multi-Layer Metrics for Detecting Security Attacks Konstantinos Kyriakopoulos

Fusing Beliefs of Multi-Layer Metrics for Detecting Security Attacks Konstantinos Kyriakopoulos

Fusing Beliefs of Multi-Layer Metrics for Detecting Security Attacks Konstantinos Kyriakopoulos Francisco J. Aparicio Navarro David Parish Coseners House - July 2011 Wednesday, 6 July 2011 Overview Introduction Aims Metrics -

242 views • 20 slides
SVT DAQ 2019 Physics Run Cameron Bravo (SLAC) Introduction SVT DAQ system underwent a major

SVT DAQ 2019 Physics Run Cameron Bravo (SLAC) Introduction SVT DAQ system underwent a major

SVT DAQ 2019 Physics Run Cameron Bravo (SLAC) Introduction SVT DAQ system underwent a major overhaul before the run FEB bootloader image Rogue framework TI interface on PCIE cards in SVT DAQ blades (clonfarm 2 and 3)

530 views • 10 slides
Conducting Defensive Information Warfare on Open Platforms 23rd October 2013 LinuxCon Europe

Conducting Defensive Information Warfare on Open Platforms 23rd October 2013 LinuxCon Europe

Conducting Defensive Information Warfare on Open Platforms 23rd October 2013 LinuxCon Europe Ben Tullis (formerly of) LinuxIT (Europe) Ltd. Ben Tullis - Background Professional Linux sysadmin (etc.) for 12+ years Worked in

883 views • 59 slides

More recommend