introduction to network security security
play

Introduction to Network Security Security Chapter 5 Physical - PDF document

Dec 09, 2023 •556 likes •966 views

Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Lower Layer Security Physical Layer Overview Common attack methods Ethernet

  1. Introduction to Network Security Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics • Lower Layer Security • Physical Layer Overview • Common attack methods • Ethernet • Ethernet • Wireless Security • General Mitigation Methods Dr. Doug Jacobson - Introduction to 2 Network Security - 2009

  2. Upper Layer Digital Data in bytes Physical Network Service Access Data buffers Points Layer Software Drivers Software Digital Data in bytes Device Interface Medium Access Protocol Medium access Hardware Physical media specific signal Dr. Doug Jacobson - Introduction to 3 Network Security - 2009 Physical Media Common Attack Methods • Spoofing • Sniffing • Physical Attacks Dr. Doug Jacobson - Introduction to 4 Network Security - 2009

  3. Hardware Addressing D2 D4 D6 HW-D2 HW-D4 HW-D6 HW-R1a HW-R1-b HW-R2a HW-R2b R1 R2 Packet Network N1 Network N2 Network N3 HW-D5 HW-D1 HW-D3 HW-D7 D1 D3 D5 D7 Dr. Doug Jacobson - Introduction to 5 Network Security - 2009 Hardware Address Spoofing Computer 1 Computer 2 Router 2 Router 1 HW = A1 HW = C2 HW = B3, C1 HW = A2, B1 Network B Network B Network C Network C Network A Network A Attacker 1 Attacker 2 Attacker 3 Dr. Doug Jacobson - Introduction to 6 Network Security - 2009

  4. Network Sniffing Dr. Doug Jacobson - Introduction to 7 Network Security - 2009 Physical Attacks • Bad network cable • Network cable loop (both ends plugged into the same device) • Bad network controller • Bad network controller • Two network controllers with the same hardware address Dr. Doug Jacobson - Introduction to 8 Network Security - 2009

  5. Wired Network Protocols • Many protocols • Local Area Networks (LAN) – Ethernet is the most common • Wide Area Networks (WAN) • Wide Area Networks (WAN) Dr. Doug Jacobson - Introduction to 9 Network Security - 2009 Ethernet • Developed in 1973 by Xerox • Speeds – 10 Mbps – 100 Mbps – 100 Mbps – 1000 Mbps (gigabit) – 10 Gigabit Dr. Doug Jacobson - Introduction to 10 Network Security - 2009

  6. Ethernet Transmission media Name Cable type Speed Maximum Distance between devices 10Base2 Coax 10 Mbps 185 meters 10BaseF Fiber 10 Mbps 500 meters 10BaseT 10BaseT Twisted Pair Twisted Pair 10 Mbps 10 Mbps 100 meters 100 meters 100BaseT Twisted Pair 100 Mbps 100 meters 100BaseFX Fiber 100 Mbps 1000 meters 1000Base-X Fiber or coax 1000 Mbps Depends on cable type Dr. Doug Jacobson - Introduction to 11 Network Security - 2009 Coaxial Ethernet D4 D3 D2 D1 Packet D7 D5 D6 R1 Dr. Doug Jacobson - Introduction to 12 Network Security - 2009

  7. Ethernet Access Method • CSMA/CD – Listen – Talk if no one else is talking – Back off if more than one talks at a time – Back off if more than one talks at a time – Minimum packet length is used to guarantee that a collision can be seen by all machines. This also puts a limit on the length of the cable Dr. Doug Jacobson - Introduction to 13 Network Security - 2009 Packet to send Listen No Error No quiet N > 16 Yes Yes Send and Wait Listen Increase N Send more data Yes Pick Random Collision Number Between 1 and N No No Done Yes Packet sent Figure 5.5 CSMA/CD Ethernet Protocol Dr. Doug Jacobson - Introduction to 14 Network Security - 2009

  8. Ethernet Collision Domain • The range that is effected when a collision occurs. • 10Mbps Ethernet it is 2500 Meters • This can be changed by using switches • This can be changed by using switches and routers (more later) Dr. Doug Jacobson - Introduction to 15 Network Security - 2009 Connecting Devices • Repeater (physical layer only) • Hub (multi port repeater) • Bridge (layer 2 only) • Router (layer 3) • Router (layer 3) • Layer 2 switch • Layer 3 switch Dr. Doug Jacobson - Introduction to 16 Network Security - 2009

  9. Ethernet Hubs Hub C1 Hub Hub C3 C4 C2 Hub C5 C6 C7 Dr. Doug Jacobson - Introduction to 17 Network Security - 2009 Ethernet switches • Collisions can slow the network down • Switches create multiple collision domains • Typically one machine per leg of the switch • Switches only pass traffic to the leg of the • Switches only pass traffic to the leg of the switch where the destination is located • Switches reduce the traffic on each leg – Problem with network monitoring Dr. Doug Jacobson - Introduction to 18 Network Security - 2009

  10. Ethernet Router R1 P1 Switch Switch 1 P2 P3 P4 C1 P1 P1 Switch 2 Switch 3 P3 P2 P3 P2 P1 C3 C4 C2 Switch 4 Switch 4 P2 P3 P4 C5 C6 C7 Port table, switch 2 Port table, switch 4 Port HW Address Port HW Address P1 Uplink P1 Uplink P2 C5 P2 C2 P3 C6 P3 Multiple P4 C7 Dr. Doug Jacobson - Introduction to 19 Network Security - 2009 Ethernet Tap Points Router Router Hub OR Tap P1 Spanning or Monitoring mirrored port mirrored port Switch Switch Switch 1 Switch 1 Point Point P2 P3 P4 C1 P1 P1 Switch 2 Switch 3 P3 P2 P3 P2 C3 C4 C5 C2 Dr. Doug Jacobson - Introduction to 20 Network Security - 2009

  11. Ethernet - Frame Preamble (on wire only) 7 bytes Start Frame Delimiter 1 bytes Destination Address Destination Address 6 Bytes 6 Bytes Source Address 6 Bytes Type or Length 2 Bytes Data 46-1500 Bytes FCS 4 Bytes Dr. Doug Jacobson - Introduction to 21 Network Security - 2009 Ethernet Addresses • Goal is to have all addresses globally unique • 6 bytes – Upper 3 bytes vendor code – Upper 3 bytes vendor code – Lower 3 bytes independent • All 1’s = broadcast address Dr. Doug Jacobson - Introduction to 22 Network Security - 2009

  12. Ethernet Type/length • If value < 0x800 then it is a length field otherwise it is a protocol type field. Some common types are: Hex • 0800 DoD Internet Protocol (IP) • 0800 DoD Internet Protocol (IP) • 0805 X.25 level 3 • 0806 Address Resolution Protocol (ARP) • 6003 DECNET Phase IV • 6004 Dec LAT • 809B EtherTalk • 80F3 AppleTalk ARP Dr. Doug Jacobson - Introduction to 23 Network Security - 2009 Attacks and vulnerabilities • Header-based • Protocol-based • Authentication-based • Traffic-based • Traffic-based Dr. Doug Jacobson - Introduction to 24 Network Security - 2009

  13. Header-Based • Attacks – Setting the destination address as a broadcast address can cause traffic problems problems – Setting the source can cause switches to get confused • Mitigation – Very difficult to mitigate Dr. Doug Jacobson - Introduction to 25 Network Security - 2009 Protocol-Based • Protocol is simple and is in hardware Dr. Doug Jacobson - Introduction to 26 Network Security - 2009

  14. Authentication-Based • You can set the hardware address • Hardware address is used to authenticate in switches • Hardware addresses can be used to • Hardware addresses can be used to authenticate devices in a network Dr. Doug Jacobson - Introduction to 27 Network Security - 2009 Authentication-Based • Destination address spoofing • Destination address is obtained dynamically via a protocol • Trick a device into thinking you are the • Trick a device into thinking you are the destination (ARP Poisoning) • No good mitigation method Dr. Doug Jacobson - Introduction to 28 Network Security - 2009

  15. ARP Poisoning D1 Attacker R2 Switch Dr. Doug Jacobson - Introduction to 29 Network Security - 2009 Authentication-Based • Source Address Spoofing • Source address if not used for authentication by default • New security and network management • New security and network management methods are starting to use the source methods are starting to use the source address to authenticate the device. (Network Access Control [NAC]) • More on NAC as a general countermeasure later Dr. Doug Jacobson - Introduction to 30 Network Security - 2009

  16. Traffic-Based • Attack – Ethernet controllers can be set in promiscuous mode which enables them to sniff traffic • Mitigation • Mitigation – Encryption, VLAN (more later) • Broadcast traffic can cause flooding, hard to flood unless directly connected to the LAN • No good mitigation for flooding Dr. Doug Jacobson - Introduction to 31 Network Security - 2009 Wireless Security Topics • Standards • Devices • Protocol • Packet Format • Packet Format • Vulnerabilities • Mitigation Dr. Doug Jacobson - Introduction to 32 Network Security - 2009

  17. Wireless Standards Name Frequency Data Rate Max Distance 802.11a 5 GHz 54Mbps 30 meters 802.11b 2.4 GHz 11Mbps 30 meters 802.11g 2.4 GHz 11-54 Mbps 30 meters 802.11n 2.4 GHz 200-500 Mbps 50 meters Dr. Doug Jacobson - Introduction to 33 Network Security - 2009 Signal Reflection Dr. Doug Jacobson - Introduction to 34 Network Security - 2009

  18. Wireless Ethernet 802.11 • Two topologies – IBSS Independent Basic Service Set • Ad-hoc, all stations are peers – ESS Extended Service Set – ESS Extended Service Set • AP – Access points connected to a network • Station plus the AP form a BSS Dr. Doug Jacobson - Introduction to 35 Network Security - 2009 Wireless Network Environment A B C D E Access point A Access point B Access point C SSID = LAB SSID = OFFICE SSID = SERVER ROOM Switch Router Dr. Doug Jacobson - Introduction to 36 Network Security - 2009

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1

Introduction to Network Security Chapter 10 Web Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics WWW HTTP: Hyper Text Transfer Protocol HTTP Security HTML Protocol HTML Security

1.09k views • 74 slides
Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug

Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug

Introduction to Network Security Security Chapter 7 Transport Layer Protocols Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics TCP Layer Responsible for reliable end-to-end transfer of application data.

632 views • 32 slides
INTRODUCTION COMPUTER &amp; NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER &amp; NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER &amp; NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is security? Why is it so hard to achieve? Administrative The security mindset Analyzing a systems security 1. Summarize the system 2.

801 views • 43 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

374 views • 13 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

932 views • 55 slides
Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

1.12k views • 92 slides
Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows X-Windows FTP General

765 views • 52 slides
Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Network Security Model Header attacks Protocol Attacks

597 views • 25 slides
Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows FTP General Countermeasures

1.48k views • 104 slides
Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able to Skills identify design and Ability to analyze the implementation security of networked vulnerabilities in network systems protocols

564 views • 33 slides
Economics of network security Harald Vranken 1 Economics of network security Note that

Economics of network security Harald Vranken 1 Economics of network security Note that

Advanced Network Security (2019-2020) Economics of network security Harald Vranken 1 Economics of network security Note that network in this lecture means Physical communication network (eg. Internet, telephony, fax, telegraph)

769 views • 49 slides
Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson -

Introduction to Network Security Chapter 5 Physical Network Layer Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Lower Layer Security Physical Layer Overview Common attack methods Ethernet

1.01k views • 80 slides
Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson -

Introduction to Network Security Security Chapter 1 Network Architecture Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Chapter Topics Introduction Layered architecture Key terms Key terms Protocol

464 views • 19 slides
Balancing on the edge Transport affinity without network state Joo Taveira Arajo, Lorenzo

Balancing on the edge Transport affinity without network state Joo Taveira Arajo, Lorenzo

Balancing on the edge Transport affinity without network state Joo Taveira Arajo, Lorenzo Saino, Raul Landa and Lennert Buytenhek NSDI 2018 | this is the last slide (sort of) Faild decomposes load balancing as a division of labour

1.14k views • 103 slides
Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process

Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process

Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process Service Untrusted (IAS) Enclave Enclave Code Trusted Process Process Enclave Other Data Enclave OS and/or Hypervisor Off-chip devices 2

531 views • 24 slides
Experience with MAC Address Randomization in Windows 10 Christian Huitema Huitema@microsoft.com

Experience with MAC Address Randomization in Windows 10 Christian Huitema Huitema@microsoft.com

Experience with MAC Address Randomization in Windows 10 Christian Huitema Huitema@microsoft.com IETF 93, Prague, July 2015 MAC Randomization in WIndows 10 - 7/20/2015 1 IETF 93 MAC Address Randomization controlled from Windows 10 Wi-Fi UI

311 views • 6 slides
1 Reflection Equation Reflection Equation i i r r x x Sum over all light

1 Reflection Equation Reflection Equation i i r r x x Sum over all light

Illumination Models Foundations of Computer Graphics So far considered mainly local illumination (Spring 2012) Light directly from light sources to surface CS 184, Lecture 22: Global Illumination Global Illumination: multiple bounces

232 views • 5 slides
Har Hardw dware are box? Whats inside the Inside the case Motherboard Ethernet

Har Hardw dware are box? Whats inside the Inside the case Motherboard Ethernet

Har Hardw dware are box? Whats inside the Inside the case Motherboard Ethernet Card CPU Optical Drive Hard Disk Power Supply Memory Fan Video Card Sound Card

643 views • 26 slides
MySQL High Availability Solutions Alex Poritskiy Percona The Five 9s of Availability

MySQL High Availability Solutions Alex Poritskiy Percona The Five 9s of Availability

MySQL High Availability Solutions Alex Poritskiy Percona The Five 9s of Availability Clustering &amp; disasters Geographical Redundancy power failures network failures Clustering Technologies hardware failures software failures

593 views • 47 slides
Replication and Consistency Setting: Concurrent threads accessing shared data Roland Meyer (TU

Replication and Consistency Setting: Concurrent threads accessing shared data Roland Meyer (TU

Replication and Consistency in and hardware general memory consistency models in particular Roland Meyer Technische Universit at Kaiserslautern Roland Meyer (TU KL) Replication and Consistency IFIP WG 2.2 09/2016 1 / 32

1.76k views • 150 slides
Reconfigurable hardware for big ig data Gustavo Alonso Systems Group Department of Computer

Reconfigurable hardware for big ig data Gustavo Alonso Systems Group Department of Computer

Reconfigurable hardware for big ig data Gustavo Alonso Systems Group Department of Computer Science ETH Zurich, Switzerland www.systems.ethz.ch Systems Group 7 faculty ~40 PhD ~8 postdocs Researching all aspects of system

588 views • 27 slides

More recommend