1 / 28

Project in Computer Security OSPF Attacks Project Summary

By Alex Kirshon and Dima Gonikman Under the Guidance of Gabi Nakibly. Project in Computer Security OSPF Attacks Project Summary. Outline. Project Objectives OSPF Routing Protocol Protocol Overview Known Attacks Description Project Accomplishments Fake Adjacency Attack

wenzel
Télécharger la présentation

Project in Computer Security OSPF Attacks Project Summary

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. By Alex Kirshon and Dima Gonikman Under the Guidance of Gabi Nakibly Project in Computer SecurityOSPF AttacksProject Summary

  2. Outline • Project Objectives • OSPF Routing Protocol • Protocol Overview • Known Attacks Description • Project Accomplishments • Fake Adjacency Attack • Adjacency Corruption Attack • Project Summary

  3. OSPF AttacksProject Objectives • Study of vulnerabilities of OSPF from the protocol perspective • Exploitation of vulnerabilities to attack an OSPF network in new and improved ways • Prove effectiveness of attacks by collecting network statistics in simulated environment

  4. OSPF Routing Protocol Open Shortest Path First • A Second Generation Internal Routing Protocol • Main Purpose – Internal Gateway Protocol – establishment an maintenance of routes within an Autonomous System • Dijkstra Algorithm based routing topology

  5. OSPF Routing Protocol Open Shortest Path First • Link State Advertisement Protocol • Hello Protocol - discovery of neighbors and forming adjacencies (~Every 10 seconds) • Most protocol data is exchanged exclusively over adjacencies • Areas – an administrative abstraction

  6. OSPF Routing ProtocolSecurity Features • Simple Encryption • MD5 based Message Authentication Code • ‘Natural Fightback’ mechanism • False LSAs are updated or flushed by legitimate router • Areas as a Security Measure • Flooding of false information is limited to area of origin

  7. OSPF Routing ProtocolThe Link State Database

  8. OSPF Routing ProtocolSome Known Attacks • Max Sequence Number Attack • Prevents Fightback • False Forwarding Address Attack • Creates data loops • False Designated Router Attack • Impacts AS connectivity

  9. Project AccomplishmentsNew Attacks • Fake Adjacency Attack • Adjacency Corruption Attack

  10. Fake Adjacency Attack • Attack Goal – Establishing an adjacency with a phantom router • Motivation – Being Adjacent is a powerful position • Link State Databases are synchronized over adjacencies, being adjacent means being able to change other LSDBs at will

  11. Hello Protocol And Adjacency Bring-Up

  12. Fake Adjacency AttackDescription • Send Spoofed Hello Packet to Victim Network Designated Router • Perform the Adjacency Bring-Up Procedure Without Hearing Victim Response (Send “next packet” every RTT) • Inject False Routing Information Via Spoofed LSU Packets (~ Every 30 minutes) • Maintain Attack By Periodically Sending Spoofed Hello Packets (~Every 10 seconds)

  13. Fake Adjacency Attack

  14. Fake Adjacency Attack

  15. Fake Adjacency Attack

  16. Fake Adjacency Attack

  17. Fake Adjacency Attack • Advantages • Not Dependent On Network Topology • Easy Maintenance – generating messages for maintenance is easy, and not frequent • Powerful – can cause information loss, not bothered by limitations caused by areas • Disadvantages • Exposed and requires High Maintenance – The attacker sends a false message every 10 seconds, this is traceable

  18. Adjacency Corruption Attack • Attack Goal – Controlling The Fightback Mechanism • Motivation – Knowing When Fightback Occurs Helps to Overcome It • Lack of Fightback Means False Information Stays in the System Longer

  19. Adjacency Corruption AttackDescription • Send Spoofed LSU to Victim Router • Immediately Send Same Spoofed LSU to Network Designated Router (After RTT) • The DR will fight the injected information but it will be rejected by the victim • Send Spoofed LSA Ack to Network DR (After RTT) • Maintain Attack By Periodically Repeating it (~Every 30 minutes)

  20. Adjacency Corruption Attack

  21. Adjacency Corruption Attack

  22. Adjacency Corruption Attack

  23. Adjacency Corruption Attack

  24. Adjacency Corruption Attack

  25. Adjacency Corruption Attack

  26. Adjacency Corruption Attack • Advantages • Powerful – can cause information loss or routing loops, not bothered by limitations caused by areas • Low Maintenance – Attacker sends 3 protocol messages every 30 minutes • Disadvantages • Dependent On Network Topology

  27. OSPF AttacksProject Summary • What We Accomplished: • Found 2 New Major Security Weaknesses in OSPFv2 RFC • Exploited Said Weaknesses to Gain Positions of Power • Proved Applicability of Exploits Using OMNET++

  28. Thanks for Listening • Any Questions?

More Related