1 / 69

Network Security 2

Network Security 2. Announcements. Physical/Link-Layer Threats: Eavesdropping. TCPDump. Physical/Link-Layer Threats: Eavesdropping. Wireshark: GUI for Packet Capture/Exam. Wireshark: GUI for Packet Capture/Exam. Wireshark: GUI for Packet Capture/Exam.

russella
Télécharger la présentation

Network Security 2

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NetworkSecurity2

  2. Announcements

  3. Physical/Link-Layer Threats: Eavesdropping

  4. TCPDump

  5. Physical/Link-Layer Threats: Eavesdropping

  6. Wireshark: GUI for Packet Capture/Exam.

  7. Wireshark: GUI for Packet Capture/Exam.

  8. Wireshark: GUI for Packet Capture/Exam.

  9. Physical/Link-Layer Threats: Eavesdropping

  10. One Cool Toy:DualComm DCGS-2005

  11. Tapping the Whole Planet

  12. Stealing Photons

  13. The Rogue AP...

  14. Wireless Ethernet Security Option:WPA2 Pre Shared Key

  15. The WPA 4-way Handshake SNonce + MIC Ack GTK + MIC ANonce Computed PTK =F(PSK, ANonceSNonce, AP MAC,Client MAC) Computed PTK =F(PSK, ANonceSNonce, AP MAC,Client MAC) Icons made by Freepik and Iconic from www.flaticon.com CC 3.0 BY

  16. Remarks

  17. Rogue APs and WPA2-PSK...

  18. Actually Making it Secure:WPA Enterprise

  19. Actually Making it Secure??WPA Enterprise

  20. MS-CHAPv2 https://www.youtube.com/watch?v=gkPvZDcrLFk

  21. The Latest Hotness:KRACK attack...

  22. GCM...

  23. And Packets Get "Lost"

  24. And A Replay Attack...

  25. Attack Scenario...

  26. Mitigations...

  27. But Broadcast ProtocolsMake It Worse...

  28. Broadcast Protocols And The LAN

  29. 2. Configure your connection Your laptop shouts: HEY, ANYBODY, WHAT BASIC CONFIG DO I NEED TO USE?

  30. Internet Bootstrapping: DHCP ... host host host DHCP = Dynamic Host Configuration Protocol DHCP server

  31. Dynamic Host Configuration Protocol DHCP discover (broadcast) DHCP server DHCP offer newclient “offer” message includes IP address, DNS server, “gateway router”, and how long client can have these (“lease” time) DNS server = system used by client to map hostnames like gmail.com to IP addresses like 74.125.224.149 Gateway router = router that client uses as the first hop for all of its Internet traffic to remote hosts

  32. Dynamic Host Configuration Protocol DHCP discover (broadcast) DHCP server DHCP offer newclient “offer” message includes IP address, DNS server, “gateway router”, and how long client can have these (“lease” time) DHCP request (broadcast) DHCP ACK

  33. Dynamic Host Configuration Protocol DHCP discover (broadcast) DHCP server DHCP offer newclient “offer” message includes IP address, DNS server, “gateway router”, and how long client can have these (“lease” time) DHCP request (broadcast) Threats? DHCP ACK

  34. Dynamic Host Configuration Protocol DHCP discover (broadcast) DHCP server DHCP offer newclient “offer” message includes IP address, DNS server, “gateway router”, and how long client can have these (“lease” time) DHCP request Local attacker on same subnet can hear new host’s DHCP request (broadcast) DHCP ACK

  35. Dynamic Host Configuration Protocol DHCP discover (broadcast) DHCP server DHCP offer newclient “offer” message includes IP address, DNS server, “gateway router”, and how long client can have these (“lease” time) DHCP request This happens even for WPA2-Enterprise, since request is explicitly sent using broadcast (broadcast) DHCP ACK

  36. Dynamic Host Configuration Protocol DHCP discover (broadcast) DHCP server DHCP offer newclient “offer” message includes IP address, DNS server, “gateway router”, and how long client can have these (“lease” time) DHCP request (broadcast) DHCP ACK Attacker can race the actual server; if attacker wins, replaces DNS server and/or gateway router

  37. DHCP Threats Hard, because we lack a trust anchor

  38. DHCP Conclusion

  39. So How DoWe Secure the LAN?

  40. The Switch

  41. Smarter Switches:Clean Up the Broadcast Domain

  42. Smarter Switches:Virtual Local Area Networks (VLANs)

  43. VLANs

  44. Putting It Together:If I Was In Charge of UC networking...

  45. Addressing on the LayersOn The Internet

  46. UDP:Datagrams on the Internet

  47. DNS Overview

  48. DNS Lookups via a Resolver Host at xyz.poly.edu wants IP address for eecs.mit.edu root DNS server (‘.’) 2 3 TLD DNS server (‘.edu’) 4 local DNS server(resolver) dns.poly.edu 5 Caching heavily used to minimize lookups 6 7 1 8 authoritative DNS server(for ‘mit.edu’) dns.mit.edu requesting host xyz.poly.edu eecs.mit.edu

  49. Security risk #1: malicious DNS server

More Related