
Security and Networking Basics



  1. Security and Networking Basics
     Internet Security [1] VU
     Engin Kirda, engin@infosys.tuwien.ac.at
     Christopher Kruegel, chris@auto.tuwien.ac.at

  2. Outline
     • Introduction and Motivation
     • Security Threats
     • Open Systems Interconnection (OSI)-Reference Model
       – comparison with TCP/IP protocol suite
     • Internet Protocol
       – structure, attributes
       – IP on local networks
       – LAN and fragmentation attacks

  3. Basic terminology
     • Who is a “hacker” and who is a “cracker”?
     • What is a script kiddie?
     • Why do people hack into systems?
       – Recognition
       – Admiration
       – Curiosity
       – Power & Gain
       – Revenge

  4. One big problem
     • System and network administrators are not prepared
       – Insufficient resources
       – Lack of training
     • Intruders are now leveraging the availability of broadband connections
       – Many connected home computers are vulnerable
       – Collections of compromised home computers are “good” weapons (e.g., for distributed denial of service attacks).

  5. Number of Reported Incidents

     1988-1989
     Year          1988    1989
     Incidents        6     132

     1990-1999
     Year          1990    1991    1992    1993    1994    1995    1996    1997    1998    1999
     Incidents      252     406     773   1,334   2,340   2,412   2,573   2,134   3,734   9,859

     2000-2003
     Year          2000    2001    2002    2003
     Incidents   21,756  52,658  82,094 137,529

     Source: www.cert.org

  6. Vulnerabilities Reported

     1995-1999
     Year               1995    1996    1997    1998    1999
     Vulnerabilities     171     345     311     262     417

     2000-2003
     Year               2000    2001    2002    2003
     Vulnerabilities   1,090   2,437   4,129   3,784

     Source: www.cert.org

  7. A little bit of history
     • “Hacking”, actually, has been around for centuries.
       – 1870s: teenagers were playing around with the “new” phone system
       – 1960s: mainframe computers like those at MIT’s Artificial Intelligence Lab became a staging ground for hackers. Hacker was a positive term
       – 1970s: hackers start tampering with phones (the largest network back then). “Phreaks” emerge (phone hackers)
       – Early 1980s: The term “cyberspace” is coined in film Neuromancer. First hacker arrests are made. Two hacker groups form: Legion of Doom (US) and Chaos Computer Club (DE)

  8. A little bit of history…
     • Late 1980s: Computer Fraud and Abuse Act, CERT (Computer Emergency Response Team) is formed, Kevin Mitnick is arrested
     • Early 1990s: AT&T long distance service crashes, crackdown on hackers in the US, hackers break into Griffiss Air Force Base, NASA, etc.
     • Late 1990s: Hackers deface many government web sites, Defense Department computers receive 250,000 attacks in one year
     • 2000s: Number of attacks keeps rising, “new” attacks emerge (e.g., phishing)

  9. Changing Nature of the Threat
     • Intruders are more prepared and organized
     • Internet attacks are easy, low-threat and difficult to trace
     • Intruder tools are increasingly sophisticated and easy to use (e.g., by kiddies)
     • Source code is not required to find vulnerabilities
     • The complexity of Internet-related applications and protocols is increasing – and so is our dependency on them

  10. Security Threats
     Information Domain
     • Leakage
       – acquisition of information by unauthorized recipients
       – e.g. password sniffing
     • Tampering
       – unauthorized alteration/creation of information (including programs)
       – e.g. change of electronic money order, installation of a rootkit

  11. Security Threats
     Operation Domain
     • Resource stealing
       – (ab)use of facilities without authorization
     • Vandalism
       – interference with proper operation of a system without gain

  12. Methods of attacking
     • Eavesdropping
       – getting copies of information without authorization
     • Masquerading
       – sending messages with another’s identity
     • Message tampering
       – change content of message

  13. Methods of attacking
     • Replaying
       – store a message and send it again later, e.g. resend a payment message
     • Exploiting
       – using bugs in software to get access to a host
     • Combinations
       – Man in the middle attack
         • emulate communication of both attacked partners (e.g., cause havoc and confusion)

  14. Social Engineering
     • Before we get into technical stuff – let’s look at a popular non-technical attack method
       – Remember the film “Sneakers”?
       – “The art and science of getting someone to comply to your wishes”
       – Security is all about trust. Unfortunately, the weakest link, the user, is often the target (i.e., “Hit any user to continue” ☺)
       – Social engineering by phone
       – Dumpster Diving
       – Reverse social engineering
     • According to reports, secret services often use social engineering techniques for intrusion

  15. Choosing a good password
     • Retina checks are currently not possible, so guard your password ;-)
       – NEVER give your password to anyone
       – Make your password something you can remember
       – Make your password difficult for others to guess
       – DO NOT change your password because of an e-mail
     • Crackers might crack the following passwords:
       – Words in any dictionary, your user name, your name, names of people you know, and variants of these that substitute some characters (a 0 (zero) for an o, or a 1 for an l)
       – http://www.openwall.com/john/ (John, passwd cracker)

  16. Choosing a good password 2
     • Guidelines…
       – a password that is at least six characters long
       – a good password will have a mix of lower- and upper-case characters, numbers, and punctuation marks, and should be at least 6 characters long
       – take a phrase and try to squeeze it into eight characters (e.g., this is an interesting lecture == tiail). Throw in a capital letter and a punctuation mark or a number or two (== 0Tiail4)
       – Something that no one but you would ever think of. The best password is one that is totally random to anyone else except you. It is difficult to tell you how to come up with these, but people are able to do it. Use your imagination!
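The checks from the two password slides, written out as a password-acceptance filter. This is an added example, not part of the original slides; the function name, the result codes, the sample user and dictionary, and the reading of "mix" as upper- plus lower-case plus at least one number or punctuation mark are assumptions.

```python
import string

# Undo the substitutions the slide names (a 0 for an o, a 1 for an l)
# before looking the candidate up among the guessable words.
UNDO_SUBSTITUTIONS = str.maketrans({"0": "o", "1": "l"})


def weaknesses(password, user_name, known_names, dictionary):
    """Return the slide rules a candidate password breaks (empty list = accepted)."""
    problems = []
    if len(password) < 6:
        problems.append("too_short")
    has_lower = any(c.islower() for c in password)
    has_upper = any(c.isupper() for c in password)
    if not (has_lower and has_upper):
        problems.append("no_mixed_case")
    if not any(c.isdigit() or c in string.punctuation for c in password):
        problems.append("no_digit_or_punct")
    # Guessable material: dictionary words, the user name, names of people you know.
    guessable = {w.lower() for w in dictionary}
    guessable.add(user_name.lower())
    guessable.update(n.lower() for n in known_names)
    folded = password.lower()
    if {folded, folded.translate(UNDO_SUBSTITUTIONS)} & guessable:
        problems.append("guessable")
    return problems


if __name__ == "__main__":
    # Constructed sample data; "0Tiail4" is the slide's own example password.
    words = {"password", "lecture", "internet"}
    for candidate in ("0Tiail4", "passw0rd", "A1ice"):
        print(candidate, weaknesses(candidate, "alice", ["Bob"], words))
```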

  17. OSI Reference Model
     • Developed by the ISO to support open systems interconnection
       – layered architecture, level n uses service of (n-1)

          Host A                 Host B
       7  Application Layer      Application Layer
       6  Presentation Layer     Presentation Layer
       5  Session Layer          Session Layer
       4  Transport Layer        Transport Layer
       3  Network Layer          Network Layer
       2  Data Link Layer        Data Link Layer
       1  Physical Layer         Physical Layer

  18. OSI Reference Model
     • Physical Layer
       – connect to channel / used to transmit bytes (= network cable)
     • Data Link Layer
       – error control between adjacent nodes
     • Network Layer
       – transmission and routing across subnets
     • Transport Layer
       – Ordering
       – Multiplexing
       – Correctness

  19. OSI Reference Model
     • Session Layer
       – support for session based interaction
       – e.g. communication parameters/communication state
     • Presentation Layer
       – standard data representation
     • Application Layer
       – application specific protocols

  20. Why layering?
     • openness
       – as long as upper layers are the same, heterogeneous networks can interact
     • fosters compatibility of systems
     • allows vendor specific devices
     • allows vendor specific protocols
     • provides independence from one manufacturer
     • OSI Implementation: MAP (Manufacturing Automation Protocol – GM, Token Ring)

  21. TCP-IP Layering
     Telnet   SSH   SMTP   RPC   DNS
     TCP   UDP
     IGMP   Internet Protocol (IP)   ICMP
     ARP   Hardware Interface = Network Interface Card (NIC)   RARP
     Network Cable

  22. Mapping
     TCP/IP                     OSI-Reference
     Telnet, SMTP               Application
     TCP                        Transport
     Internet Protocol (IP)     Network
     Ethernet Packet            Data Link Layer
     NIC                        Physical Layer

  23. The Internet
     [Diagram: hosts attached to subnets, subnets connected to the Internet; one subnet attached via PPP (phone)]

  24. IP Addresses
     • IP addresses in IPv4 are 32 bit numbers
       – (class + net + host id)
     • each host has a unique IP address for each NIC
     • Represented as dotted-decimal notation:
       – 10000000 10000011 10101100 00000001 = 128.131.172.1
     • Classes:

       Class   Starts with   Netbits   Hostbits   # of possible hosts
       A       0             7         24         16777216
       B       10            14        16         65536
       C       110           21        8          256
       D       1110          special meaning: 28 bit multicast address
       E       1111          reserved for future use

  25. IP Subnetting
     • it is unrealistic to have networks with so many hosts
       – divide the hostbits into subnet ID and host ID
       – saves address space
     • Example:
       – Class C normally has 24 netbits
       – Class C network with subnet mask 255.255.255.240
       – 240 = 1111 | 0000 (subnet ID | host ID)
       – host ID => 16 hosts within every subnet
       – subnet ID => 16 subnets within this network
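The class table and the subnetting example above, worked through in code: the class is read from the leading bits, then the subnet mask splits the classful host bits into subnet ID and host ID. This is an added example, not part of the original slides; the function names and the sample address 192.168.1.77 are assumptions, and counts are raw powers of two as on the slides.

```python
import ipaddress

# (class, leading bits, netbits, hostbits) as listed in the class table.
CLASSES = [("A", "0", 7, 24), ("B", "10", 14, 16), ("C", "110", 21, 8),
           ("D", "1110", None, None), ("E", "1111", None, None)]


def to_bits(dotted):
    """Dotted-decimal to a 32-character bit string; malformed input raises ValueError."""
    return format(int(ipaddress.IPv4Address(dotted)), "032b")


def classify(dotted):
    """Return (class, netbits, hostbits) from the leading bits of the address."""
    bits = to_bits(dotted)
    for name, prefix, netbits, hostbits in CLASSES:
        if bits.startswith(prefix):
            return name, netbits, hostbits


def split_subnet(dotted, mask):
    """Split the classful host part into subnet ID and host ID using the mask."""
    name, _, class_hostbits = classify(dotted)
    if class_hostbits is None:
        raise ValueError(f"class {name} addresses have no host part to subnet")
    addr = int(ipaddress.IPv4Address(dotted))
    m = int(ipaddress.IPv4Address(mask))
    inv = ~m & 0xFFFFFFFF                 # the bits left for the host ID
    if inv & (inv + 1):                   # a valid mask is ones followed by zeros
        raise ValueError("subnet mask bits must be contiguous")
    host_bits = inv.bit_length()
    subnet_bits = class_hostbits - host_bits
    if subnet_bits < 0:
        raise ValueError("mask is shorter than the classful network part")
    return {
        "class": name,
        "subnet_id": (addr >> host_bits) & ((1 << subnet_bits) - 1),
        "host_id": addr & inv,
        "subnets": 2 ** subnet_bits,
        "hosts_per_subnet": 2 ** host_bits,
        "subnet_address": str(ipaddress.IPv4Address(addr & m)),
    }


if __name__ == "__main__":
    print(classify("128.131.172.1"))                         # address from the slide
    print(split_subnet("192.168.1.77", "255.255.255.240"))   # constructed address
```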
