network 1 ethernet dhcp arp and wifi
play

Network #1: Ethernet, DHCP , ARP , and WiFi 1 Meme of the Day - PowerPoint PPT Presentation

Nov 22, 2023 •219 likes •571 views

Computer Science 161 Fall 2016 Popa and Weaver Network #1: Ethernet, DHCP , ARP , and WiFi 1 Meme of the Day Computer Science 161 Fall 2016 Popa and Weaver 2 Meme of the Day (True: Its called "Machine Learning")

  1. Computer Science 161 Fall 2016 Popa and Weaver Network #1: 
 Ethernet, DHCP , ARP , and WiFi 1

  2. Meme of the 
 Day Computer Science 161 Fall 2016 Popa and Weaver 2

  3. Meme of the 
 Day (True: It’s called "Machine Learning") Computer Science 161 Fall 2016 Popa and Weaver 3

  4. Outline Computer Science 161 Fall 2016 Popa and Weaver • Today's Focus, the low level LAN: Physical and Link Layer • Ethernet • And then Wireless Ethernet • Broadcast networks and packet injection • Wireless security and (in)security • The Key Broadcast Protocols: • DHCP: • How do I know what I should be • ARP: • How do I find out who to talk to? • Fixing Broadcast: Smart Switches 4

  5. So What Happens When 
 You Search Google on Wifi... Computer Science 161 Fall 2016 Popa and Weaver • Step 1, join the Wireless Network: • Your computer shouts out: • "Hey, does Wireless Network X exist?" • Wireless points continually shout out: • "Hey, I'm Wireless Network Y, Join Me" • If either match up... • Your computer then joins the network • Optionally performs a cryptographic negotiation 5

  6. So What Happens When 
 You Search Google on Wifi... Computer Science 161 Fall 2016 Popa and Weaver • Step 2, Configure Your Connection: • Your computer shouts out on the local network: • "Hey, anybody, what basic configuration do I need to use?" • Internet address (IP address) • Gateway (where should I send packets destined to the Internet) • DNS server (the system which maps "www.google.com" to an IP address (eg, 102.14.183.12 for IPv4 (32b value, presented as 4 integers from 0-255), cafe:f00d:f00d:000f:02:21:1a:2 (128b value, presented as 8 hex groups of 16b each) for IPv6 • Some system on the local network says back: • Here is your configuration, enjoy 6

  7. So What Happens When 
 You Search Google on Wifi... Computer Science 161 Fall 2016 Popa and Weaver • Step 3, Generate DNS request • DNS uses the UDP Internet Protocol: Unreliable datagrams • Your computer sends a message to the configured DNS server (Recursive Resolver) • Hey, what is the IP address for "www.google.com"? • The DNS server then searches the general Internet • In an annoying disturbed process I'll talk about on Thursday • The DNS server than answers back: • "www.google.com" is here.... 7

  8. So What Happens When 
 You Search Google on Wifi... Computer Science 161 Fall 2016 Popa and Weaver • Step 4, Establish a TCP connection to the remote host • TCP is an in-order, reliable Internet protocol with congestion control • Your machine sends a TCP "SYN" request to the Google server • Google's server responds with a "SYN/ACK" • Your machine then replies with an "ACK" • After this 3-way handshake, your computer then starts to talk to the web server 8

  9. So What Happens When 
 You Search Google on Wifi... Computer Science 161 Fall 2016 Popa and Weaver • Step 5: Negotiate an encrypted TLS session over the TCP connection • Your computer says: • "I want to use an encrypted connection to this host" • Google replies with: • "OK, here's a certificate that proves my public key belongs to me, let's start talking" • Handshake continues back and forth until the two sides agree on a common cryptographic key 9

  10. So What Happens When 
 You Search Google on Wifi... Computer Science 161 Fall 2016 Popa and Weaver • Step 6: Now its HTTP requests • Your computer says: • I want to fetch the url / for the host www.google.com • Google replies with: • "OK, here you go..." • Now your browser starts running on the data • And this gets into the web security stu ff much later in the course... 10

  11. Layers And The 
 Network Computer Science 161 Fall 2016 Popa and Weaver • The network breaks things up into abstraction layers • High level layers avoid having to know much about the lower level layers • Your computer sees just high level operations • Open a network connection • Open an encrypted network connection • Layers isolate things • Major layers: • TCP or UDP • IP • Ethernet 11

  12. Packets and The 
 Network Computer Science 161 Fall 2016 Popa and Weaver • Modern networks break communications up into packets • For our purposes, packets contain a variable amount of data up to a maximum specified by the particular network • The sending computer breaks up the message and the receiving computer puts it back together • So the software doesn’t actually see the packets per-se • Network itself is packet switched : sending each packet on towards its next destination • Other properties: • Packets are received correctly or not at all in the face of random errors • The network does not enforce correctness in the face of adversarial inputs: 
 They are checksums not cryptographic MACs. • Packets may be unreliable and “dropped” • Its up to higher-level protocols to make the connection reliabls 12

  13. The Basic Ethernet 
 Packet Computer Science 161 Fall 2016 Popa and Weaver • An Ethernet Packet contains: • A preamble to synchronize data on the wire • We normally ignore this when talking about Ethernet • 6 bytes of destination MAC address • In this case, MAC means media access control address, not message authentication code! • 6 bytes of source MAC address • Optional 4-byte VLAN tag • 2 bytes length/type field • 46-1500B of payload DST MAC SRC MAC VLAN Type PAYLOAD 13

  14. The MAC Address Computer Science 161 Fall 2016 Popa and Weaver • The MAC acts as a device identifier • The upper 3 bytes are assigned to a manufacturer • Can usually identify product with just the MAC address • The lower 3 bytes are assigned to a specific device • Making the MAC a de-facto serial # • Usually written as 6 bytes in hex: • e.g. 13:37:ca:fe:f0:0d • A device should ignore all packets that aren't to itself or to the broadcast address ( ff:ff:ff:ff:ff:ff ) • But almost all devices can go into promiscuous mode • This is also known as "sni ffi ng tra ffi c" • A device generally should only send with its own address • But this is enforced with software and can be trivially bypassed when you need to write "raw packets" 14

  15. The Hub... Computer Science 161 Fall 2016 Popa and Weaver • In the old days, Ethernet was simply a shared broadcast medium • Every system on the network could hear every sent packet • Implemented by either a long shared wire or a “hub” which repeated every message to all other systems on the network • Thus the only thing preventing every other computer from listening in is simply the network card’s default to ignore anything not directed at it • The hub or wire is incapable of enforcing senders either • Any sender could simply lie about it’s MAC address when constructing a packet 15

  16. The Hub Yet Lives! Computer Science 161 Fall 2016 Popa and Weaver • WiFi is e ff ectively “Ethernet over Wireless” • With optional encryption which we will cover later • Open wireless networks are just like the old Ethernet hub: • Any recipient can hear all the other sender’s tra ffi c • Any sender can use any MAC address it desires • With the added bonus of easy to hijack connections • By default, your computer sends out “hey, is anyone here” looking for networks it knows • For open networks, anybody can say “Oh, yeah, here I am” and your computer connects to them 16

  17. Rogue Access Points... Computer Science 161 Fall 2016 Popa and Weaver • Since unsecured wireless has no authentication... • And since devices by default shout out "hey, is anyone here network X" • You can create an AP that simply responds with "of course I am" • The mana toolkit: https://github.com/sensepost/mana • Now simply relay the victim's tra ffi c onward • And do whatever you want to any unencrypted requests that either happen automatically or when the user actually does something • I suspect I've seen this happening around Berkeley • Seen an occasional unencrypted version of a password protected network I'd normally use • Recommendations: • Do not remember unsecured networks • Do not have your computer auto-join open networks 17

  18. tcpdump Computer Science 161 Fall 2016 Popa and Weaver • The tcpdump program allows you to see packets on the network • It puts your computer’s card into promiscuous mode so it ignores MAC addresses • You can add additional filters to isolate things • EG, only to and from your own IP • sudo tcpdump -i en0 host {myip} • Note: this is wiretapping • DO NOT RUN on a random open wireless network without a filter to limit the tra ffi c you see • Only run without filters when connected to your own network • But do run it when you get home! 18

  19. Broadcast is Dangerous: 
 Packet Injection Computer Science 161 Fall 2016 Popa and Weaver • If your attacker can see your packets… • It isn’t just an information leakage • Instead, an attacker can also inject their own packets • The low level network does not enforce any integrity or authenticity • So unless the high level protocol uses cryptographic checks… • The target simply accepts the first packet it receives as valid! • This is a “race condition attack”, whichever packet arrives first is accepted 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Ethernet and WiFi h-p://xkcd.com/466/ CSCI 466: Networks

Ethernet and WiFi h-p://xkcd.com/466/ CSCI 466: Networks

Ethernet and WiFi h-p://xkcd.com/466/ CSCI 466: Networks Keith Vertanen Fall 2011 Overview Mul?ple access networks Ethernet Long

730 views • 25 slides
WiFi Session 17 INST 346 Goals for Today H5 Switched Ethernet WiFi Analysis

WiFi Session 17 INST 346 Goals for Today H5 Switched Ethernet WiFi Analysis

WiFi Session 17 INST 346 Goals for Today H5 Switched Ethernet WiFi Analysis Team 3 LAN addresses and ARP each adapter on LAN has unique LAN address 1A-2F-BB-76-09-AD LAN (wired or adapter wireless) 71-65-F7-2B-08-53

325 views • 20 slides
Simple Internetworking Network 1 (Ethernet) Internetworking Network 2 (Ethernet) H1 H2 H3 H7

Simple Internetworking Network 1 (Ethernet) Internetworking Network 2 (Ethernet) H1 H2 H3 H7

Simple Internetworking Network 1 (Ethernet) Internetworking Network 2 (Ethernet) H1 H2 H3 H7 R3 H8 Network 4 (point-to-point) R1 R2 Kameswari Chebrolu H4 Network 3 (FDDI) Router Dept. of Electrical Engineering, IIT Kanpur H6 H5

543 views • 4 slides
WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open WiFi networks Home

WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open WiFi networks Home

Advanced Network Security (2019-2020) WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open WiFi networks Home WiFi network IEEE 802.11 WEP WPA/WPA2/WPA3 Personal/Enterprise Eduroam Attacks 2

674 views • 45 slides
Ultra-Low Latency Ethernet Ethernet Everywhere Network Technology Lab of 2012 Labs

Ultra-Low Latency Ethernet Ethernet Everywhere Network Technology Lab of 2012 Labs

Ultra-Low Latency Ethernet Ethernet Everywhere Network Technology Lab of 2012 Labs www.huawei.com James.huang@huawei.com HUAWEI TECHNOLOGIES CO., LTD. What is Required for 5G X-Haul Network? Integra rated Fronthaul / Backhaul Unified

249 views • 11 slides
DHCP (RFC 2131) Deliver host-specific configuration parameters from DHCP server to host.

DHCP (RFC 2131) Deliver host-specific configuration parameters from DHCP server to host.

DHCP (RFC 2131) Deliver host-specific configuration parameters from DHCP server to host. Allocate network address to nodes: Automatic allocation: permanent assignment. Dynamic allocation: for a limited period of time. Manual

387 views • 9 slides
WiFi security Harald Vranken 1 Agenda WiFi security WEP WPA(2) WPA3 2 WiFi

WiFi security Harald Vranken 1 Agenda WiFi security WEP WPA(2) WPA3 2 WiFi

Advanced Network Security WiFi security Harald Vranken 1 Agenda WiFi security WEP WPA(2) WPA3 2 WiFi IEEE 802.11 standard Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications original

721 views • 48 slides
... sclass1 sclass10 Net-linux Net-linux DHCP DHCP The lab has 10 dell systems. Each dell

... sclass1 sclass10 Net-linux Net-linux DHCP DHCP The lab has 10 dell systems. Each dell

Notes on Running Dsniff and the Lab Network Environment Cyber Security Lab 2/16/10 1 General Overview 1.1 Initial machine configuration Outside World DMZ Management 192.168.50.50 192.168.50.60 Dmz 192.168.50.0/24 FW1 Outside =

182 views • 4 slides
IPsec, BGPsec, DNSSEC Lecture 20 Internet Protocol Suite Link layer: ethernet, wifi etc. Internet

IPsec, BGPsec, DNSSEC Lecture 20 Internet Protocol Suite Link layer: ethernet, wifi etc. Internet

IPsec, BGPsec, DNSSEC Lecture 20 Internet Protocol Suite Link layer: ethernet, wifi etc. Internet layer: addressing and routing Transport layer: Setting up channels (between ports), with traffic control, error-correction etc. TCP/IP for

676 views • 16 slides
WiFi security Joeri de Ruiter Agenda WiFi security WPA(2) Personal Enterprise

WiFi security Joeri de Ruiter Agenda WiFi security WPA(2) Personal Enterprise

Advanced Network Security WiFi security Joeri de Ruiter Agenda WiFi security WPA(2) Personal Enterprise WPA3 Key reinstallaton aaacas 2 WiFi IEEE 802.11 standard Some terminology: Staton (STA) is a

479 views • 46 slides
Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9

Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9

Network concepts introduction & wireshark workshop @ KirilsSolovjovs wireshark +4fd9 ISO/OSI+DoD model wireshark +4fd9 T opics for our workshop Network layer models Ethernet, WiFi Layer3: ARP, ICMP, IPv4, IPv6 Layer4:

812 views • 44 slides
Ethernet broadband or baseband signalling Hub and repeaters Ethernet switches and

Ethernet broadband or baseband signalling Hub and repeaters Ethernet switches and

Ethernet broadband or baseband signalling Hub and repeaters Ethernet switches and bridges: Ethernet packets Ethernet topologies Bus, star, tree. Carrier-Sense Multiple Access with Collision Detection (CSMA/CD) All nodes

499 views • 27 slides
Distributed Mobility Management Protocol for WiFi Users in Fixed Network Behcet

Distributed Mobility Management Protocol for WiFi Users in Fixed Network Behcet

Distributed Mobility Management Protocol for WiFi Users in Fixed Network Behcet Sarikaya(sarikaya@ieee.org) Li Xue (xueliucb@gmail.com) IETF 95 draft-sarikaya-dmm-for-wifi-04 1 DMM for WiFi i2rs Client Netconf i2rs Agent OpenFlow 2

733 views • 6 slides
iLab NAT / DHCP Florian Wohlfart Minoo Rouhi lastname @in.tum.de Chair of Network Architectures

iLab NAT / DHCP Florian Wohlfart Minoo Rouhi lastname @in.tum.de Chair of Network Architectures

iLab NAT / DHCP Florian Wohlfart Minoo Rouhi lastname @in.tum.de Chair of Network Architectures and Services Department of Informatics Technical University of Munich Lab 6 17ws 1 / 39 Outline Meta IPv4 Address Scarcity NAT IPv6

957 views • 59 slides
Summary Chapter 4 q IP Addressing v Network prefixes and Subnets v IP datagram format q DHCP

Summary Chapter 4 q IP Addressing v Network prefixes and Subnets v IP datagram format q DHCP

Smith College, CSC 249 March 2, 2018 1 Summary Chapter 4 q IP Addressing v Network prefixes and Subnets v IP datagram format q DHCP dynamic addressing v Obtain: own IP address Subnet mask, DNS server & first-hop v router IP address q

205 views • 20 slides
Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP

Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP

1/24/2012 Recap and overview Looking at security of TCP/IP IP, Ethernet, ARP TCP/IP: ICMP, UDP Sniffing the network and forging packets tcpdump, wireshark Today: ICMP and UDP Network Security Lecture 5 Eike Ritter Network

281 views • 7 slides
A First Step towards the Automatic Generation of Security Protocols Adrian Perrig and Dawn Song

A First Step towards the Automatic Generation of Security Protocols Adrian Perrig and Dawn Song

A First Step towards the Automatic Generation of Security Protocols Adrian Perrig and Dawn Song CMU, UCB Adrian Perrig and Dawn Song NDSS - APG 1 Difficulties in the Design of Security Protocols Usually ad-hoc, lacking formalism. Hidden

324 views • 19 slides
Security Analysis of Network Protocols John Mitchell Stanford University Usenix Security

Security Analysis of Network Protocols John Mitchell Stanford University Usenix Security

Security Analysis of Network Protocols John Mitchell Stanford University Usenix Security Symposium, 2008 Many Protocols Authentication and key exchange SSL/TLS, Kerberos, IKE, JFK, IKEv2, Wireless and mobile computing Mobile IP, WEP,

959 views • 71 slides
Protocol Layering An Engineering Approach to Computer Networking An Engineering Approach to

Protocol Layering An Engineering Approach to Computer Networking An Engineering Approach to

Protocol Layering An Engineering Approach to Computer Networking An Engineering Approach to Computer Networking Peer entities Customer A and B are peers peers Customer A and B are Postal worker A and B are peers peers Postal worker

343 views • 31 slides
eMASS, the True Story Todays Presenter: Rebecca Onuskanich, Cybersecurity Consultant June 29,

eMASS, the True Story Todays Presenter: Rebecca Onuskanich, Cybersecurity Consultant June 29,

https://www.csiac.org/ eMASS, the True Story Todays Presenter: Rebecca Onuskanich, Cybersecurity Consultant June 29, 2017 Moderator: Steve Warzala swarzala@quanterion.com The Risk Management Framework Process Step 6: Step 1:

575 views • 34 slides
Some applications and protocols Internet Casino Identity-based encryption Commitment

Some applications and protocols Internet Casino Identity-based encryption Commitment

Some applications and protocols Internet Casino Identity-based encryption Commitment Functional encryption Shared coin flips Fully-homomorphic encryption APPLICATIONS AND PROTOCOLS Threshold cryptography Searchable

399 views • 11 slides
Outline More crypto protocols CSci 5271 Introduction to Computer Security Announcements

Outline More crypto protocols CSci 5271 Introduction to Computer Security Announcements

Outline More crypto protocols CSci 5271 Introduction to Computer Security Announcements intermission More crypto protocols and failures Stephen McCamant More causes of crypto failure University of Minnesota, Computer Science &

430 views • 4 slides
Evaluating PoW Consensus Protocols' Security Ren Zhang Bart Preneel ren@nervos.org

Evaluating PoW Consensus Protocols' Security Ren Zhang Bart Preneel ren@nervos.org

Lay Down the Common Metrics Evaluating PoW Consensus Protocols' Security Ren Zhang Bart Preneel ren@nervos.org bart.preneel@esat.kuleuven.be @nirenzang PUBLISH OR PERISH SUBCHAINS BYZCOIN GOSHAWK TORTOISE AND HARES BITCOIN-NG (AETERNITY,

446 views • 27 slides
Restful Application Protocol Babita Saini Outline Introduction What Is a Domain

Restful Application Protocol Babita Saini Outline Introduction What Is a Domain

Restful Application Protocol Babita Saini Outline Introduction What Is a Domain Application Protocol? Design Steps A RESTful Procurement Application References Domain Application Protocol A domain application protocol is

1.31k views • 59 slides

More recommend