reactions and responses
play

Reactions and Responses 1 IP Spoofing Stimuli Why would an - PowerPoint PPT Presentation

Feb 01, 2023 •366 likes •548 views

Reactions and Responses 1 IP Spoofing Stimuli Why would an attacker spoof his source address? Hide the attackers activity nmap decoy option Hide the attackers identity To be able to view the responses, the attacker

  1. Reactions and Responses 1

  2. IP Spoofing Stimuli • Why would an attacker spoof his source address? – Hide the attacker’s activity • nmap decoy option – Hide the attacker’s identity • To be able to view the responses, the attacker – Positioned between the location of this spoofed IP address and the targeted machine – Subvert one or more intermediate routers 2

  3. IP Spoofing Stimuli - Spoofing ICMP/UDP Datagrams • ICMP and UDP and connectionless and stateless • It is often impossible to determine whether a received UDP or ICMP packet has been forged just by looking at the received packet in isolation 3

  4. Spoofing TCP Connections • TCP – connection-oriented – Maintain state • How will the attacker respond to the SYN-ACK packet? – Switching to promiscuous mode – Predict the TCP sequence numbers used by the target machines – Subvert routers between the attacker’s host and the target host – The attacker might not intend to respond to the SYN-ACK packet • Half-open port scan • SYN flooding attack 4

  5. IP Spoofing Responses – Spoofed ICMP Packets • Attacker sends an ICMP echo request – An ICMP echo reply to the spoofed IP address – An ICMP Destination Unreachable message to the spoofed address if inbound ICMP echo request packets are rejected • For the spoofed machine – Discard the received unwarranted ICMP echo reply 5

  6. Spoofed UDP Packets 6

  7. Response to TCP SYN Packets Should be “RST - ACK” 7

  8. Example Traces • Port closed Spoofed IP address does not exist 8

  9. Example Traces • Port open Spoofed IP address exists What intrusion activities can you derive from this trace? 9

  10. Example Traces • A normal connection attempt to a closed port 10

  11. Example Traces 1 • Port open Spoofed IP does not exist 2 11

  12. Example Traces – Con’t 3 • Port open Spoofed IP does not exist 12

  13. Example Traces – Con’t 4 Finally, the victim host sends a RST packet. 13

  14. Spoofed TCP ACK Packets 14

  15. Third-Party Effects • What if it is your IP address that the attacker chooses to spoof? 15

  16. Third-Party ICMP Packets • If you receive ICMP echo reply packets, without sending ICMP echo requests, your IP address has probably been spoofed. • Smurf attack – You receive ICMP echo reply packets from many hosts at the same time – The attacker sends an ICMP echo request packet to the broadcast address of a suitably exposed network. The source address is spoofed to be yours 16

  17. Third-Party TCP Packets • Unexpected inbound SYN-ACK packets followed by outbound RST packets – Probably, attacker sending a SYN packet using your address as the source address to an open port • Unexpected inbound RST-ACK packets – Probably, the spoofed packet is sent to a closed port 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Chemical Reactions 2020 Arbuiso Chem Stuff to KEEP Chemical Reactions BASICS There are 5

Chemical Reactions 2020 Arbuiso Chem Stuff to KEEP Chemical Reactions BASICS There are 5

Chemical Reactions 2020 Arbuiso Chem Stuff to KEEP Chemical Reactions BASICS There are 5 simple reactions in this chemistry class (but more are coming later in the year). They are synthesis, decomposition, single replacement, double

474 views • 22 slides
Outline for Today Friday, Sept. 28 Chapter 4: Aqueous Reactions and Solution Stoichiometry

Outline for Today Friday, Sept. 28 Chapter 4: Aqueous Reactions and Solution Stoichiometry

Outline for Today Friday, Sept. 28 Chapter 4: Aqueous Reactions and Solution Stoichiometry Precipitation Reactions Acid-Base Reactions Reduction-Oxidation Reactions On your note card, take 2 minutes to write: Name What are

251 views • 8 slides
Bi-Bi Reactions 2 substrates, 2 products Kinetics of Multisubstrate Reactions Contents

Bi-Bi Reactions 2 substrates, 2 products Kinetics of Multisubstrate Reactions Contents

4. Kinetics of Multisubstrate Reactions Bi-Bi Reactions 2 substrates, 2 products Kinetics of Multisubstrate Reactions Contents Terminology Kinetic Mechanisms Ordered sequential Random sequential Ping-pong Effects of [S]

738 views • 27 slides
Chemical Reactions Section 11. 1 Describing Chemical Reactions All chemical reactions Have

Chemical Reactions Section 11. 1 Describing Chemical Reactions All chemical reactions Have

Chapter 11 Chemical Reactions Section 11. 1 Describing Chemical Reactions All chemical reactions Have two parts: Reactants - the substances you start with. Products - the substances you end up with. The reactants turn into the products.

428 views • 42 slides
Reactions of Alkenes Chapter 6 1 Reactions Mechanisms A reaction mechanism describes how a

Reactions of Alkenes Chapter 6 1 Reactions Mechanisms A reaction mechanism describes how a

Reactions of Alkenes Chapter 6 1 Reactions Mechanisms A reaction mechanism describes how a reaction occurs and explains the following. Which bonds are broken and which new ones are formed. The order and relative rates of the

857 views • 32 slides
Chemical Reactions Slide 3 / 142 Table of Contents: Chemical Reactions Chemical Equations Click

Chemical Reactions Slide 3 / 142 Table of Contents: Chemical Reactions Chemical Equations Click

Slide 1 / 142 Slide 2 / 142 Chemical Reactions Slide 3 / 142 Table of Contents: Chemical Reactions Chemical Equations Click on the topic to go to that section Balancing Equations Types of Chemical Reactions Precipitation Reactions

529 views • 48 slides
Redox reactions & metabolism Lecture 6 Principles of Microbiology for Engineers Dr Charles

Redox reactions & metabolism Lecture 6 Principles of Microbiology for Engineers Dr Charles

Redox reactions & metabolism Lecture 6 Principles of Microbiology for Engineers Dr Charles W. Knapp Redox Oxidation reduction reactions All chemical reactions where an atom has its oxidative state changed i.e., CO 2 versus

360 views • 23 slides
Responses Immediately after the Accident Outline of the Accident Responses by Tokyo Electric

Responses Immediately after the Accident Outline of the Accident Responses by Tokyo Electric

Responses Immediately after the Accident Outline of the Accident Responses by Tokyo Electric Power Company Responses by the national government Time Event (TEPCO) (Nuclear and Industrial Safety Agency) The government established the

210 views • 4 slides
Electrochemistry reactions and electricity In electrochemical reactions, electrons are

Electrochemistry reactions and electricity In electrochemical reactions, electrons are

Slide 1 / 144 Slide 2 / 144 Electrochemistry Electrochemistry deals with relationships between Electrochemistry reactions and electricity In electrochemical reactions, electrons are transferred from one species to another. Provide

526 views • 24 slides
Chemistry 2000 Slide Set 18: Reactions of organic compounds Marc R. Roussel March 13, 2020

Chemistry 2000 Slide Set 18: Reactions of organic compounds Marc R. Roussel March 13, 2020

Reactions of organic compounds Chemistry 2000 Slide Set 18: Reactions of organic compounds Marc R. Roussel March 13, 2020 Reactions of organic compounds Reactions of organic compounds Organic chemists carry a lot of reactions in their heads.

465 views • 27 slides
Chemical Reactions and Enzymes Chemical Reactions A process that changes, or transforms one

Chemical Reactions and Enzymes Chemical Reactions A process that changes, or transforms one

Chemical Reactions and Enzymes Chemical Reactions A process that changes, or transforms one set of chemicals into another Reactant (+ Reactants) Product or Products Reactants on the left Products on the right CO 2 +H 2 O H 2 CO 3

483 views • 7 slides
Mal de Debarquement Survey, 2007 Total number of responses= 101 96 responses with

Mal de Debarquement Survey, 2007 Total number of responses= 101 96 responses with

Mal de Debarquement Survey, 2007 Total number of responses= 101 96 responses with positive answers to Questions 1-3 Survey conducted at an online site with one response per person being controlled. All slides after the second

133 views • 10 slides
Antigen Antibody Reactions The interactions between antigens and antibodies are known as

Antigen Antibody Reactions The interactions between antigens and antibodies are known as

Antigen Antibody Reactions The interactions between antigens and antibodies are known as antigen antibody reactions . The reactions are highly specific, and an antigen reacts only with antibodies produced by itself or with closely

122 views • 8 slides
Metabolis lism is the totality of an organism s chemical reactions Metabolic lic Pathway:

Metabolis lism is the totality of an organism s chemical reactions Metabolic lic Pathway:

7/25/2016 Chemical Reactions of Life Metabolis lism is the totality of an organism s chemical reactions Metabolic lic Pathway: linked reactions where end product of one reaction becomes reactant of next reaction until final end product is

593 views • 6 slides
Responses to Homeless Encampments: A Look at Four City Responses in 2019 HPRI Research

Responses to Homeless Encampments: A Look at Four City Responses in 2019 HPRI Research

Responses to Homeless Encampments: A Look at Four City Responses in 2019 HPRI Research Symposium May 26, 2020 Lauren Dunton Study background Funded by HHS/ASPE and HUD/PD&R to learn more about encampments and cities

533 views • 24 slides
Katsuhisa

Katsuhisa

Fission Study using Multi-nucleon Transfer Reactions ( Surrogate Reactions ) Katsuhisa Nishio Advanced Science Research Center Japan Atomic Energy Agency

417 views • 30 slides
Network Security: Scan Seungwon Shin, KAIST some slides from Dr. Brett Tjaden More about Scan

Network Security: Scan Seungwon Shin, KAIST some slides from Dr. Brett Tjaden More about Scan

Network Security: Scan Seungwon Shin, KAIST some slides from Dr. Brett Tjaden More about Scan Scan Techniques Network scanning where is a target? which service is available on a target? can I have more information? Vulnerability scanning

675 views • 30 slides
Dataset Coverage Deployed MCA on 4 different cloud providers 31 vantage points in 5 continents

Dataset Coverage Deployed MCA on 4 different cloud providers 31 vantage points in 5 continents

Dataset Coverage Deployed MCA on 4 different cloud providers 31 vantage points in 5 continents 1 Dataset Coverage Deployed MCA on 4 different cloud providers 31 vantage points in 5 continents MCA measurements to 19866 IPv4

342 views • 11 slides
UDP Scanning John Kristoff jtk@depaul.edu +1 312 362-5878 DePaul University Chicago, IL 60604

UDP Scanning John Kristoff jtk@depaul.edu +1 312 362-5878 DePaul University Chicago, IL 60604

UDP Scanning John Kristoff jtk@depaul.edu +1 312 362-5878 DePaul University Chicago, IL 60604 FIRST 2002 John Kristoff - DePaul University 1 What are we talking about? Remotely probing hosts using UDP messages Comparing UDP, ICMP

346 views • 12 slides
Project 4 - Linux iptables CSE497b - Spring 2007 Introduction Computer and Network Security

Project 4 - Linux iptables CSE497b - Spring 2007 Introduction Computer and Network Security

Project 4 - Linux iptables CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Project

481 views • 15 slides
Building LLVM-IR Johannes Doerfert and Christoph Mallon Saarbr ucken Graduate School of

Building LLVM-IR Johannes Doerfert and Christoph Mallon Saarbr ucken Graduate School of

Building LLVM-IR Johannes Doerfert and Christoph Mallon Saarbr ucken Graduate School of Computer Science Saarland University Saarbr ucken, Germany December 18, 2013 C4 2 / 14 C4 Frontend Lexer Parser C-Code Token Stream AST 2 /

907 views • 43 slides
Outline basic ideas ICMP header format message types ICMP related command (ping

Outline basic ideas ICMP header format message types ICMP related command (ping

1 /20 ICMP: Internet Control Message Protocol Surasak Sanguanpong nguan@ku.ac.th http://www.cpe.ku.ac.th/~nguan Last updated: Aug 8, 2002 Applied Network Research Group Department of Computer Engineering,

981 views • 9 slides
New Results for the PTB-PTS Attack on Tunneling Gateways Vincent Roca Ludovic Jacquin Saikou

New Results for the PTB-PTS Attack on Tunneling Gateways Vincent Roca Ludovic Jacquin Saikou

New Results for the PTB-PTS Attack on Tunneling Gateways Vincent Roca Ludovic Jacquin Saikou Fall Jean-Louis Roch GreHack15, Grenoble, November 20 th 2015 1 New Results for the PTB-PTS Attack on Tunneling Gateways Packet Too Big (PTB) or

597 views • 20 slides
Firewalls with iptables Linux Sirindhorn International Institute of Technology Thammasat

Firewalls with iptables Linux Sirindhorn International Institute of Technology Thammasat

Linux Firewalls with iptables Concepts Examples Firewalls with iptables Linux Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 14 October 2013 Common/Reports/iptables-introduction.tex, r715

469 views • 14 slides

More recommend