network attacks control
play

Network Attacks & Control CS 161: Computer Security Prof. Vern - PowerPoint PPT Presentation

Nov 27, 2023 •165 likes •538 views

Network Attacks & Control CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca

  1. Network Attacks & Control CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca Portnoff, Nate Wang http://inst.eecs.berkeley.edu/~cs161 / March 16, 2017

  2. dig eecs.mit.edu A ; ; <<>> DiG 9.6.0-APPLE-P2 <<>> eecs.mit.edu a ;; global options: +cmd ;; Got answer: “ Answer ” tells us the IP address associated ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19901 with eecs.mit.edu is 18.62.1.6 and we can ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 cache the result for 21,600 seconds ;; QUESTION SECTION: ;eecs.mit.edu. IN A ;; ANSWER SECTION: eecs.mit.edu. 21600 IN A 18.62.1.6 ;; AUTHORITY SECTION: mit.edu. 11088 IN NS BITSY.mit.edu. mit.edu. 11088 IN NS W20NS.mit.edu. mit.edu. 11088 IN NS STRAWB.mit.edu. ;; ADDITIONAL SECTION: STRAWB.mit.edu. 126738 IN A 18.71.0.151 BITSY.mit.edu. 166408 IN A 18.72.0.3 W20NS.mit.edu. 126738 IN A 18.70.0.160

  3. dig eecs.mit.edu A ; ; <<>> DiG 9.6.0-APPLE-P2 <<>> eecs.mit.edu a ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19901 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;eecs.mit.edu. IN A ;; ANSWER SECTION: eecs.mit.edu. 21600 IN A 18.62.1.6 ;; AUTHORITY SECTION: mit.edu. 11088 IN NS BITSY.mit.edu. In general, a single Resource Record (RR) like this mit.edu. 11088 IN NS W20NS.mit.edu. includes, left-to-right, a DNS name, a time-to-live , a mit.edu. 11088 IN NS STRAWB.mit.edu. family ( IN for our purposes - ignore), a type ( A here, which stands for “Address”), and an associated value ;; ADDITIONAL SECTION: STRAWB.mit.edu. 126738 IN A 18.71.0.151 BITSY.mit.edu. 166408 IN A 18.72.0.3 W20NS.mit.edu. 126738 IN A 18.70.0.160

  4. dig eecs.mit.edu A ; ; <<>> DiG 9.6.0-APPLE-P2 <<>> eecs.mit.edu a “ Authority ” tells us the name servers responsible for ;; global options: +cmd the answer. Each RR gives the hostname of a different ;; Got answer: name server ( “ NS ” ) for names in mit.edu. We should ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19901 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 cache each record for 11,088 seconds. ;; QUESTION SECTION: If the “ Answer ” had been empty, then the resolver’s ;eecs.mit.edu. IN A next step would be to send the original query to one of these name servers. ;; ANSWER SECTION: eecs.mit.edu. 21600 IN A 18.62.1.6 ;; AUTHORITY SECTION: mit.edu. 11088 IN NS BITSY.mit.edu. mit.edu. 11088 IN NS W20NS.mit.edu. mit.edu. 11088 IN NS STRAWB.mit.edu. ;; ADDITIONAL SECTION: STRAWB.mit.edu. 126738 IN A 18.71.0.151 BITSY.mit.edu. 166408 IN A 18.72.0.3 W20NS.mit.edu. 126738 IN A 18.70.0.160

  5. dig eecs.mit.edu A ; ; <<>> DiG 9.6.0-APPLE-P2 <<>> eecs.mit.edu a ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19901 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: “ Additional ” provides extra information to save us from ;eecs.mit.edu. IN A making separate lookups for it, or helps with bootstrapping. ;; ANSWER SECTION: Here, it tells us the IP addresses for the hostnames of the eecs.mit.edu. 21600 IN A 18.62.1.6 name servers. We add these to our cache. ;; AUTHORITY SECTION: mit.edu. 11088 IN NS BITSY.mit.edu. mit.edu. 11088 IN NS W20NS.mit.edu. mit.edu. 11088 IN NS STRAWB.mit.edu. ;; ADDITIONAL SECTION: STRAWB.mit.edu. 126738 IN A 18.71.0.151 BITSY.mit.edu. 166408 IN A 18.72.0.3 W20NS.mit.edu. 126738 IN A 18.70.0.160

  6. DNS Protocol IP Header Lightweight exchange 16 bits 16 bits of query and reply messages, both SRC port DST port UDP Header with same message checksum length format Identification Flags Primarily uses UDP # Questions # Answer RRs for its transport # Authority RRs # Additional RRs DNS protocol, which is Questions what we’ll assume Query (variable # of resource records) UDP Payload or Answers (variable # of resource records) Frequently, both Reply Authority clients and servers (variable # of resource records) use port 53 Additional information (variable # of resource records)

  7. DNS Protocol IP Header Lightweight exchange 16 bits 16 bits of query and reply messages, both SRC=53 DST=53 UDP Header with same message checksum length format Identification Flags Primarily uses UDP # Questions # Answer RRs for its transport # Authority RRs # Additional RRs DNS protocol, which is Questions what we’ll assume Query (variable # of resource records) UDP Payload or Answers (variable # of resource records) Frequently, both Reply Authority clients and servers (variable # of resource records) use port 53 Additional information (variable # of resource records)

  8. DNS Protocol, con’t IP Header Message header: 16 bits 16 bits SRC=53 DST=53 • Identification: 16 bit # for query, reply to query uses checksum length same # Identification Flags • Along with repeating the Question and providing # Questions # Answer RRs Answer(s), replies can include # Authority RRs # Additional RRs “ Authority ” (name server Questions responsible for answer) and (variable # of resource records) “ Additional ” (info client is Answers (variable # of resource records) likely to look up soon anyway) Authority • Each Resource Record has a (variable # of resource records) Time To Live (in seconds) for Additional information (variable # of resource records) caching (not shown)

  9. dig eecs.mit.edu A ; ; <<>> DiG 9.6.0-APPLE-P2 <<>> eecs.mit.edu a ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19901 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 What if the mit.edu server ;; QUESTION SECTION: is untrustworthy? Could its ;eecs.mit.edu. IN A operator steal, say, all of our ;; ANSWER SECTION: web surfing to Facebook? eecs.mit.edu. 21600 IN A 18.62.1.6 ;; AUTHORITY SECTION: mit.edu. 11088 IN NS BITSY.mit.edu. mit.edu. 11088 IN NS W20NS.mit.edu. mit.edu. 11088 IN NS STRAWB.mit.edu. ;; ADDITIONAL SECTION: STRAWB.mit.edu. 126738 IN A 18.71.0.151 BITSY.mit.edu. 166408 IN A 18.72.0.3 W20NS.mit.edu. 126738 IN A 18.70.0.160

  10. dig eecs.mit.edu A ; ; <<>> DiG 9.6.0-APPLE-P2 <<>> eecs.mit.edu a ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19901 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 Let’s look at a flaw in the ;; QUESTION SECTION: original DNS design ;eecs.mit.edu. IN A (since fixed) ;; ANSWER SECTION: eecs.mit.edu. 21600 IN A 18.62.1.6 ;; AUTHORITY SECTION: mit.edu. 11088 IN NS BITSY.mit.edu. mit.edu. 11088 IN NS W20NS.mit.edu. mit.edu. 11088 IN NS STRAWB.mit.edu. ;; ADDITIONAL SECTION: STRAWB.mit.edu. 126738 IN A 18.71.0.151 BITSY.mit.edu. 166408 IN A 18.72.0.3 W20NS.mit.edu. 126738 IN A 18.70.0.160

  11. dig eecs.mit.edu A ; ; <<>> DiG 9.6.0-APPLE-P2 <<>> eecs.mit.edu a ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19901 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 What could happen if the mit.edu ;; QUESTION SECTION: ;eecs.mit.edu. IN A server returns the following to us instead? ;; ANSWER SECTION: eecs.mit.edu. 21600 IN A 18.62.1.6 ;; AUTHORITY SECTION: mit.edu. 11088 IN NS BITSY.mit.edu. mit.edu. 11088 IN NS W20NS.mit.edu. mit.edu. 30 IN NS www.facebook.com. ;; ADDITIONAL SECTION: www.facebook.com 30 IN A 18.6.6.6 BITSY.mit.edu. 166408 IN A 18.72.0.3 W20NS.mit.edu. 126738 IN A 18.70.0.160

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to penetrate a network by using wireless or evading WLAN access control measures, like AP MAC filters and 802.1X port access controls. Type of Attack

184 views • 7 slides
Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of Control Methods of Taking Control Common Points of Attack Multifront Attacks Chapter 12 Auditing to Recognize Attacks Malicious

535 views • 7 slides
Network Threats &amp; Attacks 1 Internet Structure backbone ISP local network Internet

Network Threats &amp; Attacks 1 Internet Structure backbone ISP local network Internet

CS 134 Winter 2018 Lecture 16 Network Threats &amp; Attacks 1 Internet Structure backbone ISP local network Internet service Autonomous system (AS) is a provider (ISP) collection of IP networks under control local network of a single

769 views • 54 slides
Network/Internet Threats/Attacks 1 Internet Structure backbone ISP local network Internet

Network/Internet Threats/Attacks 1 Internet Structure backbone ISP local network Internet

Lecture 17 CS 134 Spring 2019 Network/Internet Threats/Attacks 1 Internet Structure backbone ISP local network Internet service Autonomous system (AS) is a provider (ISP) local network collection of IP networks under control of a

643 views • 25 slides
Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control

Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control

Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control Plane To support data delivery (efficiently, reliably, and etc.) Routing information exchange In some sense, every protocol except data

751 views • 51 slides
Control Hijacking Attacks C t lin Hri cu May 15, 2009 1 Substituting Prof. Backes 2

Control Hijacking Attacks C t lin Hri cu May 15, 2009 1 Substituting Prof. Backes 2

Practical Aspects of Security Prof. Michael Backes Control Hijacking Attacks C t lin Hri cu May 15, 2009 1 Substituting Prof. Backes 2 Control hijacking attacks Attackers goal: Take over target machine (e.g. web server)

921 views • 57 slides
Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network

Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network

Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network Coding Based Systems Vahid N. Talooki, University of Aveiro, Portugal Network Coding (NC) allows intermediate nodes not only to store and forward

307 views • 4 slides
NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

CMPS122: COMPUTER SECURITY NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3 due tonight NETWORKING ATTACKS LAST TIME TCP/IP networking stack Physical layer Data link layer Network

1.1k views • 61 slides
Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu Materials adopted from Prof. David Wagner 2019 General Communication Security Goals: CIA Confidentiality: No one can read our data / communication

876 views • 60 slides
CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan UCSD Fall 2019 Some material from Stefan Savage, David Wagner, and Nick Weaver Threat Modeling for Network Attacks Basic security goals:

804 views • 31 slides
Control Flow Integrity Lujo Bauer 18-732 Spring 2015 Control Hijacking Arms Race Control

Control Flow Integrity Lujo Bauer 18-732 Spring 2015 Control Hijacking Arms Race Control

Control Flow Integrity Lujo Bauer 18-732 Spring 2015 Control Hijacking Arms Race Control Control Flow Flow Integrity Integrity Attacks Attacks 2 http://propercourse.blogspot.com/2010/05/i-believe-in-duct-tape.html CFI: Goal Provably

744 views • 41 slides
Out of Control: Stealthy Attacks on Robotic Vehicles Protected by Control-Based Techniques Pritam

Out of Control: Stealthy Attacks on Robotic Vehicles Protected by Control-Based Techniques Pritam

Out of Control: Stealthy Attacks on Robotic Vehicles Protected by Control-Based Techniques Pritam Dash, Mehdi Karimi, and Karthik Pattabiraman University of British Columbia, Vancouver, Canada 1 Robotic Vehicle (RV) in Industrial Sector

441 views • 23 slides
CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020

CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020

CSE 127: Introduction to Security Lecture 10: Network Attacks Deian Stefan UCSD Winter 2020 Material from Nadia Heninger, Stefan Savage, David Wagner, and Nick Weaver Threat Modeling for Network Attacks Basic security goals:

585 views • 36 slides
CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020

CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020

CSE 127: Introduction to Security Lecture 13: Network Attacks Deian Stefan UCSD Fall 2020 Material from Nadia Heninger, Stefan Savage, David Wagner, and Nick Weaver Threat modeling for network attacks Basic security goals:

1.11k views • 39 slides
Attacks in SDN Domains Kostas Giotis , Maria Apostolaki, Vasilis Maglaris IEEE/IFIP Network

Attacks in SDN Domains Kostas Giotis , Maria Apostolaki, Vasilis Maglaris IEEE/IFIP Network

NATIONAL TECHNICAL UNIVERSITY OF ATHENS - NTUA SCHOOL OF ELECTRICAL &amp; COMPUTER ENGINEERING NETWORK MANAGEMENT &amp; OPTIMAL DESIGN LABORATORY (NETMODE) A Reputation-based Collaborative Schema for the Mitigation of Distributed Attacks in SDN

631 views • 9 slides
SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose

SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose

SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose Purpose To tie SLAC control points to existing coordinate system &amp; datum. (ie. NAD 83 CA State Plane Zone 3, UTM Zone 10, WGS84) Network

372 views • 14 slides
Media Briefing 13th November 2020 #GuernseyTogether Gov.gg/coronavirus COVID-19 New cases in

Media Briefing 13th November 2020 #GuernseyTogether Gov.gg/coronavirus COVID-19 New cases in

Coronavirus Media Briefing 13th November 2020 #GuernseyTogether Gov.gg/coronavirus COVID-19 New cases in the Negative Positive Awaiting Results Bailiwick 21,831 282 79 Since we started Phase 5c on Wednesday 28th October we have

118 views • 10 slides
Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 17: Network

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 17: Network

Computer Security http://security.di.unimi.it/sicurezza1819/ Chapter 3: 1 Chapter 17: Network Security Chapter 17: 2 Agenda Net adversary TCP attacks DNS attacks Firewalls Intrusion detection Honeypots Chapter 17: 3

792 views • 62 slides
Mnemonic Devices Can Exemplar Case Make you a Better Clinician! Ms J is a 57 yo

Mnemonic Devices Can Exemplar Case Make you a Better Clinician! Ms J is a 57 yo

Finding the Sweet Spot Disclosures When Caring for Vulnerable Patients While I am a deeply conflicted person, I have no conflicts of interest to disclose Dean Schillinger MD, UCSF Professor of Medicine in Residence Chief, Division of

282 views • 9 slides
Software Engineering and Architecture Writing Clean Code Motivation Code is written to

Software Engineering and Architecture Writing Clean Code Motivation Code is written to

Software Engineering and Architecture Writing Clean Code Motivation Code is written to Be compiled, deployed, and executed by users in order to serve their need So we make money, get salaries and can buy presents for our spouses (or

684 views • 35 slides
Subject Access Request vs Suspicious Activity Report Richard Field www.aicp.im SARS &amp; DSARS

Subject Access Request vs Suspicious Activity Report Richard Field www.aicp.im SARS &amp; DSARS

Subject Access Request vs Suspicious Activity Report Richard Field www.aicp.im SARS &amp; DSARS WHAT A DIFFERENCE A D MAKES Richard Field Partner, Appleby (Guernsey) LLP applebyglobal.com SARS &amp; DSARs What a difference a

626 views • 25 slides
BIND Part 2 pschiu Computer Center, CS, NCTU BIND Configuration named.conf view (1) q The

BIND Part 2 pschiu Computer Center, CS, NCTU BIND Configuration named.conf view (1) q The

BIND Part 2 pschiu Computer Center, CS, NCTU BIND Configuration named.conf view (1) q The &quot;view&quot; statement Create a different view of DNS naming hierarchy for internal machines Restrict the external view to few well-known

753 views • 62 slides
BIND configuration Computer Center, CS, NCTU BIND BIND the Berkeley Internet Name

BIND configuration Computer Center, CS, NCTU BIND BIND the Berkeley Internet Name

BIND configuration Computer Center, CS, NCTU BIND BIND the Berkeley Internet Name Domain system Main versions BIND4 Announced in 1980s Based on RFC 1034, 1035 Deprecated in 2001 BIND8 Released in 1997

765 views • 72 slides
Exelon Corporation (EXC) Jack Thayer, Sr. Executive Vice President and CFO Wolfe e Res esea

Exelon Corporation (EXC) Jack Thayer, Sr. Executive Vice President and CFO Wolfe e Res esea

Exelon Corporation (EXC) Jack Thayer, Sr. Executive Vice President and CFO Wolfe e Res esea earch ch Power er &amp; Ga &amp; Gas Lea eade ders Confer eren ence ce September 18, 2014 Cautionary Statements Regarding Forward-Looking

112 views • 8 slides

More recommend