network control
play

Network Control CS 161: Computer Security Prof. Vern Paxson TAs: - PowerPoint PPT Presentation

Sep 08, 2023 •185 likes •880 views

Network Control CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca Portnoff, Nate

  1. Network Control CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca Portnoff, Nate Wang http://inst.eecs.berkeley.edu/~cs161 / March 21, 2017

  2. Review: Sniffing & Spoofing

  4. A & B can see everything each other sends if they’re on the same open or WPA-Personal WiFi network

  5. Because of this, B can spoof DHCP offers to A, and vice versa. But no one else can, because the requests stay within A’s subnet.

  6. R can see anything A, B or C send out to the Internet … and any replies sent back to them

  7. Thus, R can do successful TCP or DNS injection on them … … other than for local traffic such as between A & B

  8. … since R can’t see what A sends to B or vice versa

  9. C can’t see any of A or B’s traffic since C is on a different subnet. C likewise can’t see R’s traffic.

  10. D can’t see E’s traffic nor any traffic from the Berkeley Network unless it happens to be directed to D

  11. Like all Internet hosts, D can spoof whatever packet fields D desires … BUT

  12. BUT it’s a separate question whether those spoofs will succeed. The use of randomized fields in TCP & DNS make this very hard.

  13. Controlling Networks Using Firewalls

  14. Controlling Networks … On The Cheap • Motivation: How do you harden a set of systems against external attack? – Key Observation: • The more network services your machines run, the greater the risk – Due to larger attack surface • One approach: on each system, turn off unnecessary network services – But you have to know all the services that are running – And sometimes some trusted remote users still require access • Plus key question of scaling – What happens when you have to secure 100s/1000s of systems? – Which may have different OSs, hardware & users … – Which may in fact not all even be identified …

  15. Taming Management Complexity • Possibly more scalable defense: Reduce risk by blocking in the network outsiders from having unwanted access your network services – Interpose a firewall that traffic to/from the outside must traverse – Chokepoint can cover 1000s of hosts Internal Internet Network

  16. Selecting a Security Policy • Effectiveness of firewall relies on deciding what policy it should implement: – Who is allowed to talk to whom, accessing what service? • Distinguish between inbound & outbound connections – Inbound: attempts by external users to connect to services on internal machines – Outbound: internal users to external services – Why? Because fits with a common threat model

  17. Selecting a Security Policy • Effectiveness of firewall relies on deciding what policy it should implement: – Who is allowed to talk to whom, accessing what service? • Distinguish between inbound & outbound connections – Inbound: attempts by external users to connect to services on internal machines – Outbound: internal users to external services – Why? Because fits with a common threat model • Conceptually simple access control policy : – Permit inside users to connect to any service – External users restricted: • Permit connections to services meant to be externally visible • Deny connections to services not meant for external access

  18. How To Treat Traffic Not Mentioned in Policy? • Default Allow : start off permitting external access to services – Shut them off as problems recognized

  19. How To Treat Traffic Not Mentioned in Policy? • Default Allow : start off permitting external access to services – Shut them off as problems recognized • Default Deny : start off permitting just a few known, well-secured services – Add more when users complain (and mgt. approves)

  20. How To Treat Traffic Not Mentioned in Policy? • Default Allow : start off permitting external access to services – Shut them off as problems recognized ✓ • Default Deny : start off permitting just a few known, well-secured services – Add more when users complain (and mgt. approves) In general, use Default Deny • Pros & Cons? – Flexibility vs. conservative design – Flaws in Default Deny get noticed more quickly / less painfully

  21. Packet Filters • Most basic kind of firewall is a packet filter – Router with list of access control rules – Router checks each received packet against security rules to decide to forward or drop it – Each rule specifies which packets it applies to based on a packet’s header fields (stateless) • Specify source and destination IP addresses, port numbers, and protocol names, or wild cards

  22. 4-bit 8-bit 4-bit 16-bit Total Length (Bytes) Header Type of Service Version Length (TOS) 3-bit 16-bit Identification 13-bit Fragment Offset Flags IP Header 8-bit Time to 8-bit Protocol 16-bit Header Checksum Live (TTL) 32-bit Source IP Address 32-bit Destination IP Address Source port Destination port Sequence number TCP Header Acknowledgment HdrLen Advertised window Flags 0 Checksum Urgent pointer Data

  23. Packet Filters • Most basic kind of firewall is a packet filter – Router with list of access control rules – Router checks each received packet against security rules to decide to forward or drop it – Each rule specifies which packets it applies to based on a packet’s header fields (stateless) • Specify source and destination IP addresses, port numbers, and protocol names, or wild cards • Each rule specifies the action for matching packets: ALLOW or DROP (aka DENY) <ACTION> <PROTO> <SRC:PORT> -> <DST:PORT> – First listed rule has precedence

  24. Examples of Packet Filter Rules allow tcp 4.5.5.4:1025 -> 3.1.1.2:80 • States that the firewall should permit any TCP packet that’s: – from Internet address 4.5.5.4 and – using a source port of 1025 and – destined to port 80 of Internet address 3.1.1.2 deny tcp 4.5.5.4:* -> 3.1.1.2:80 • States that the firewall should drop any TCP packet like the above, regardless of source port

  25. Examples of Packet Filter Rules deny tcp 4.5.5.4:* -> 3.1.1.2:80 allow tcp 4.5.5.4:1025 -> 3.1.1.2:80 • In this order , the rules won’t allow any TCP packets from 4.5.5.4 to port 80 of 3.1.1.2 allow tcp 4.5.5.4:1025 -> 3.1.1.2:80 deny tcp 4.5.5.4:* -> 3.1.1.2:80 • In this order , the rules allow TCP packets from 4.5.5.4 to port 80 of 3.1.1.2 only if they come from source port 1025

  26. Firewall Considerations • Firewalls can have 1000s of filtering rules like these – Easy to introduce subtle errors 😖 • Provide not only security but also policy enforcement – E.g. do not allow company systems to access file-sharing sites • Modern firewalls operate in a stateful fashion – Make Yes/No decisions upon establishment of a connection/flow • For Yes decisions, add 4-tuple to a connection table consulted for future traffic • Drop arriving non-establishment packet if not in table • An important example of a reference monitor

  27. Security Principle: Reference Monitors • Firewalls embody useful principles that are applicable elsewhere in computer security – Optimized for enforcing particular kind of access control policy – Chokepoint notion makes enforcement possible • A reference monitor examines every request to access a controlled resource (an object ) and determines whether to allow request Reference Object Subject Monitor Request

  28. Reference Monitor Security Properties • Always invoked – Complete mediation property: all security-relevant operations must be mediated by RM – RM should be invoked on every operation controlled by access control policy • Tamper-resistant – Maintain RM integrity (no code/state tampering) • Verifiable – Can verify RM operation (correctly enforces desired access control policy) • Requires extremely simple RM • We find we can’t verify correctness for systems with any appreciable degree of complexity

  29. Considering Firewalls as Reference Monitors • Always invoked? – Place Packet Filter as an in-path element on chokepoint link for all internal-external communications – Packets only forwarded across link if firewall explicitly decides to do so after inspection

  30. Potential Problems? • What if a user hooks up an unsecured wireless access point to their internal machine? • Anyone who drives by with wireless-enabled laptop can gain access to internal network – Bypasses packet filter! • Or: what if user brings an infected device onto the premises? • To use a firewall safely, must ensure we’ve covered all links between internal and external/ untrusted networks with firewalls – Set of links known as the security perimeter

  31. RM Property: Tamper-Resistant • Will this hold? • Do not allow management access to firewall other than from specific hosts – I.e., firewall itself needs firewalling • Protect firewall’s physical security • Must also secure storage & propagation of configuration data

  32. RM Property: Verifiable • Will this hold? • Current practice: – Packet filter software too complex for feasible systematic verification … – … and rulesets with 1,000s (!) of rules • Result: – Bugs that allowed attackers to defeat intended security policy by sending unexpected packets that packet filter doesn’t handle as desired • In addition: challenging to ensure network topology does not allow internal access by untrusted devices

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose

SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose

SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose Purpose To tie SLAC control points to existing coordinate system &amp; datum. (ie. NAD 83 CA State Plane Zone 3, UTM Zone 10, WGS84) Network

372 views • 14 slides
Network Layer: Control Plane Goal: understand principles behind network control plane

Network Layer: Control Plane Goal: understand principles behind network control plane

Network Layer: Control Plane Goal: understand principles behind network control plane traditional (intra-domain) routing algorithms SDN controllers and their instantiation, implementation in the Internet: OSPF, RIP, OpenFlow, ODL

1.31k views • 75 slides
Eliminating Adverse Control Plane Interactions in Independent Network Systems Matthew K.

Eliminating Adverse Control Plane Interactions in Independent Network Systems Matthew K.

Eliminating Adverse Control Plane Interactions in Independent Network Systems Matthew K. Mukerjee Computer Science PhD Thesis Defense May 1st, 2018 Network Control CDN server selection Routing Congestion Control VM migration Network

1.71k views • 131 slides
CONTROL YOUR CARGO. CONTROL YOUR NETWORK. CONTROL YOUR BRAND. APRIL 2019

CONTROL YOUR CARGO. CONTROL YOUR NETWORK. CONTROL YOUR BRAND. APRIL 2019

CONTROL YOUR CARGO. CONTROL YOUR NETWORK. CONTROL YOUR BRAND. APRIL 2019 annika@sensortransport.com THE PROBLEM Status of Cargo Status of Shipment $100 BILL LOST ANNUALLY FROM DAMAGE Manual Delivery AND THEFT THE SOLUTION A

2.74k views • 9 slides
Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control

Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control

Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control Systems Research Philipp Mieden &amp; Rutger Beltman, 2020 Supervisor: Bartosz Czaszynski, Deloitte Industrial Network VS Corporate Network 2

379 views • 35 slides
The Gas Network Control Problem and How to Approach It Felix Hennings Combinatorial Optimization

The Gas Network Control Problem and How to Approach It Felix Hennings Combinatorial Optimization

The Gas Network Control Problem and How to Approach It Felix Hennings Combinatorial Optimization @ Work 2020 The Gas Network Control Problem General description Optimization of short-term transient gas network control of large real-world

917 views • 39 slides
Tiny%Packet%Programs% for%low4latency%network%control% Vimal %

Tiny%Packet%Programs% for%low4latency%network%control% Vimal %

Tiny%Packet%Programs% for%low4latency%network%control% Vimal % Mohammad%Alizadeh,%Yilong%Geng,%Changhoon%Kim,%David%Mazires% Timescales%of%Network%FuncFons% Network% Load%Balancing% Virtual%Network% CongesFon% Forwarding%% Provisioning%

567 views • 29 slides
Session #4: Transport Network Control (ASON, Session #4: Transport Network Control (ASON, GMPLS

Session #4: Transport Network Control (ASON, Session #4: Transport Network Control (ASON, GMPLS

I nternational Telecom m unication Union ITU-T Session #4: Transport Network Control (ASON, Session #4: Transport Network Control (ASON, GMPLS and Control plane management) GMPLS and Control plane management) Highlights &amp; Conclusions

420 views • 7 slides
Working Set- -Based Access Control for Based Access Control for Working Set Network File

Working Set- -Based Access Control for Based Access Control for Working Set Network File

Working Set- -Based Access Control for Based Access Control for Working Set Network File Systems Network File Systems Stephen Smaldone, Vinod Ganapathy, and Liviu Iftode DiscoLab - Department of Computer Science Rutgers, The State University

667 views • 23 slides
Management of ASON- -capable capable Management of ASON Network and its Control Plane Network

Management of ASON- -capable capable Management of ASON Network and its Control Plane Network

I nternational Telecom m unication Union ITU-T Management of ASON- -capable capable Management of ASON Network and its Control Plane Network and its Control Plane H. Kam LAM Lucent Technologies I TU-T W orkshop NGN and its Transport

449 views • 28 slides
Network Control As usual, thanks to Vern Paxson and David Wagner 1 Focus of This Lecture

Network Control As usual, thanks to Vern Paxson and David Wagner 1 Focus of This Lecture

Network Control As usual, thanks to Vern Paxson and David Wagner 1 Focus of This Lecture Begin discussion of approaches for controlling network traffic: Firewalls: restricting allowed communication NATs: Network Address

1.03k views • 44 slides
Ground Control to Major Faults: Towards Fault Tolerant and Adaptive SDN Control Network Liron

Ground Control to Major Faults: Towards Fault Tolerant and Adaptive SDN Control Network Liron

Ground Control to Major Faults: Towards Fault Tolerant and Adaptive SDN Control Network Liron Schiff (Tel Aviv University) Stefan Schmid (TU Berlin, Germany &amp; Aalborg University, Denmark) Marco Canini (Universit catholique de Louvain)

524 views • 28 slides
KYTCs Real Time Network and its role in GPS Machine Control Machine Control Pilot Project

KYTCs Real Time Network and its role in GPS Machine Control Machine Control Pilot Project

KYTCs Real Time Network and its role in GPS Machine Control Machine Control Pilot Project Evaluate use of RTN in place of on site GPS Base Station Additional Cost Downtime for setup Communication Issues Accuracy Comparison

635 views • 21 slides
Evaluation of TCP BBR v2 Congestion Control Using Network Emulation Intermediate talk for the

Evaluation of TCP BBR v2 Congestion Control Using Network Emulation Intermediate talk for the

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Evaluation of TCP BBR v2 Congestion Control Using Network Emulation Intermediate talk for the Masters Thesis by Juliane Aulbach advised by

591 views • 18 slides
Network Control CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed

Network Control CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed

Network Control CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed &amp; Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ February 10, 2011 1 Network Control: Firewalls Motivation: How do you harden a

838 views • 35 slides
Control Protocol and OAM in MPLS-TP Network UTStarcom Inc. Broadband Business Unit System

Control Protocol and OAM in MPLS-TP Network UTStarcom Inc. Broadband Business Unit System

Control Protocol and OAM in MPLS-TP Network UTStarcom Inc. Broadband Business Unit System Architect, Senior Manager Dr. Wang Yong MPLS Japan 2008 1 Agenda 1. MPLS-TP Based Metro Network 2. Functions of Control Protocol and OAM 3.

641 views • 20 slides
Public Safety Working Group Update 20 October 2020 Speakers: Laureen Kapin , Federal Trade

Public Safety Working Group Update 20 October 2020 Speakers: Laureen Kapin , Federal Trade

Public Safety Working Group Update 20 October 2020 Speakers: Laureen Kapin , Federal Trade Commission, United States - PSWG Co-chair Chris Lewis-Evans , National Crime Agency, UK ICANN69 PSWG Work Plan Reminder: PSWG Terms of Reference (June

601 views • 11 slides
Security Measurement Professor Adam Bates Fall 2018 Security &amp; Privacy Research at Illinois

Security Measurement Professor Adam Bates Fall 2018 Security &amp; Privacy Research at Illinois

CS 563 - Advanced Computer Security: Security Measurement Professor Adam Bates Fall 2018 Security &amp; Privacy Research at Illinois (SPRAI) Administrative Learning Objectives : Discuss two recent studies that use measurement methods

925 views • 54 slides
Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense

Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense

Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense e Quan Jia, Huangxin Wang, Dan Fleck, Fei Li, Angelos Stavrou, Walter Powell Presented by Surya Mani Content u Motivation u Related Work u

262 views • 23 slides
Source Framework for Io IoT Greg Zaverucha Microsoft Real World Cryptography Conference 2016

Source Framework for Io IoT Greg Zaverucha Microsoft Real World Cryptography Conference 2016

Cry ryptography in in AllJ llJoyn, an Open Source Framework for Io IoT Greg Zaverucha Microsoft Real World Cryptography Conference 2016 Internet of Things Things are devices that have one or more sensors/functions and network connectivity

937 views • 32 slides
Table of Contents

Table of Contents

Table of Contents Agenda............................................................................................................................................................2

1.32k views • 103 slides
Secure by Design

Secure by Design

Secure by Design Jason Yang Secure by Design

496 views • 33 slides
Web Security Computer Security Peter Reiher December 9, 2014 Lecture 15 Page 1 CS 136, Fall

Web Security Computer Security Peter Reiher December 9, 2014 Lecture 15 Page 1 CS 136, Fall

Web Security Computer Security Peter Reiher December 9, 2014 Lecture 15 Page 1 CS 136, Fall 2014 Web Security Lots of Internet traffic is related to the web Much of it is financial in nature Also lots of private information flow

859 views • 70 slides
Government to Citizen Mass Scale Government to Citizen Mass Scale Authorised Alerting, Alerting,

Government to Citizen Mass Scale Government to Citizen Mass Scale Authorised Alerting, Alerting,

Government to Citizen Mass Scale Government to Citizen Mass Scale Authorised Alerting, Alerting, Authorised by Cell Broadcasting Cell Broadcasting . . by Its about time Its about time . . By By Mark Wood,

656 views • 26 slides

More recommend