Internet Security: How the Internet works and some basic vulnerabilities, Lecture notes of Computer Networks

An overview of how the Internet works and some basic vulnerabilities. It covers Internet infrastructure (backbone, ISPs), local and interdomain routing, TCP/IP for routing and messaging, BGP for routing announcements, and the Domain Name System. It also discusses IP protocol functions, the TCP header, basic security problems, routing protocols, OSPF, and security features. Slides borrowed from Dan Boneh.

Typology: Lecture notes

2021/2022

Uploaded on 05/11/2023

dewan

Internet Security:
How the Internet works and
some basic vulnerabilities
*Slides borrowed from Dan Boneh

Internet Infrastructure

[Diagram labels: Backbone, ISP, ISP]

Local and interdomain routing
• TCP/IP for routing and messaging
• BGP for routing announcements

Domain Name System
• Find IP address from symbolic name (www.cs.columbia.edu)

Data Formats

[Figure: encapsulation through the protocol stack]
• Application: message (application message, data)
• Transport (TCP, UDP): segment (TCP header + data)
• Network (IP): packet (IP header + TCP header + data)
• Link Layer: frame (Ethernet header (ETH) + IP header + TCP header + data + Ethernet trailer (ETF))

Internet Protocol

Connectionless
• Unreliable
• Best effort

Notes:
• src and dest ports not parts of IP hdr

[Figure: IP header] Fields: Version, Header Length, Type of Service, Total Length, Identification, Flags, Fragment Offset, Time to Live, Protocol, Header Checksum, Source Address of Originating Host, Destination Address of Target Host, Options, Padding, IP Data

IP Protocol Functions (Summary)

Routing
• IP host knows location of router (gateway)
• IP gateway must know route to other networks

Fragmentation and reassembly
• If max-packet-size less than the user-data-size

Error reporting
• ICMP packet to source if packet is dropped

TTL field: decremented after every hop
• Packet dropped if TTL=0. Prevents infinite loops.

Problem: no src IP authentication

Client is trusted to embed correct source IP
• Easy to override using raw sockets
• Libnet: a library for formatting raw packets with arbitrary IP headers

Anyone who owns their machine can send packets with arbitrary source IP
• … response will be sent back to forged source IP
• Implications:
  - Anonymous DoS attacks;
  - Anonymous infection attacks (e.g. Slammer worm)

TCP Header (protocol=6)

[Figure: TCP header] Fields: Source Port, Dest port, SEQ Number (SN), ACK Number (AN), flags (URG, PSR, ACK, PSH, SYN, FIN), Other stuff

Review: TCP Handshake

Client ⟶ Server, SYN: SN_C ⟵ rand_C, AN_C ⟵ 0
Server ⟶ Client, SYN/ACK: SN_S ⟵ rand_S, AN_S ⟵ SN_C
Client ⟶ Server, ACK: SN ⟵ SN_C+, AN ⟵ SN_S

Server states: Listening; Store SN_C, SN_S; Wait; Established

Received packets with SN too far out of window are dropped

Why random initial sequence numbers?

Suppose initial seq. numbers (SN_C, SN_S) are predictable:
• Attacker can create TCP session on behalf of forged source IP
• Breaks IP-based authentication (e.g. SPF, /etc/hosts)
  - Random seq. num. do not prevent attack, but make it harder

[Diagram: attacker, Victim, Server]
• attacker ⟶ Server: TCP SYN, srcIP=victim
• Server ⟶ Victim: SYN/ACK, dstIP=victim, SN=server SN_S
• attacker ⟶ Server: ACK, srcIP=victim, AN=predicted SN_S
• attacker ⟶ Server: command; server thinks command is from victim IP addr
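The argument above as a toy simulation (an added example, not from the original slides): a listener that follows the slide's handshake numbering, and an off-path host that never sees the SYN/ACK routed to the victim. The `Server` class, the fixed-step counter, the addresses and the ports are constructed for illustration; no packets are sent.

```python
import secrets

class Server:
    """Toy TCP listener using the slide's simplified numbering (not a real stack)."""
    def __init__(self, isn_source):
        self.isn_source = isn_source      # callable returning the next SN_S
        self.pending = {}                 # (src_ip, src_port) -> (SN_C, SN_S)
        self.established = set()

    def on_syn(self, src_ip, src_port, sn_c):
        sn_s = self.isn_source()
        self.pending[(src_ip, src_port)] = (sn_c, sn_s)
        # The SYN/ACK is routed to src_ip, whoever really sent the SYN.
        return {"dst_ip": src_ip, "sn": sn_s, "an": sn_c}

    def on_ack(self, src_ip, src_port, an):
        state = self.pending.get((src_ip, src_port))
        if state is None or an != state[1]:
            return False                  # AN does not match stored SN_S: dropped
        del self.pending[(src_ip, src_port)]
        self.established.add((src_ip, src_port))
        return True

def counter_isn(step=64000):
    """Predictable ISN source: fixed increment per connection (constructed)."""
    state = {"sn": 1000}
    def next_isn():
        state["sn"] = (state["sn"] + step) % 2**32
        return state["sn"]
    return next_isn

def random_isn():
    """Unpredictable ISN source: 32 fresh random bits per connection."""
    return secrets.randbits(32)

def blind_spoof_succeeds(server, step_guess=64000):
    """Off-path host: sees replies to its own address only."""
    probe = server.on_syn("198.51.100.9", 40000, sn_c=1)   # own address
    guess = (probe["sn"] + step_guess) % 2**32              # extrapolate next SN_S
    server.on_syn("192.0.2.10", 40001, sn_c=1)              # forged src = victim
    return server.on_ack("192.0.2.10", 40001, an=guess)

def spoofed_sessions(isn_source, trials=200):
    """Count forged sessions that reach Established out of `trials` attempts."""
    return sum(blind_spoof_succeeds(Server(isn_source)) for _ in range(trials))

if __name__ == "__main__":
    print("counter ISN:", spoofed_sessions(counter_isn()))
    print("random ISN: ", spoofed_sessions(random_isn))
```

With the counter every forged session is accepted; with random ISNs each attempt succeeds with probability 2^-32, which is the slide's "harder, not prevented".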

Routing Security

ARP, OSPF, BGP

Routing Protocols

ARP (addr resolution protocol): IP addr ⟶ eth addr

Security issues: (local network attacks)
• Node A can confuse gateway into sending it traffic for Node B
• By proxying traffic, node A can read/inject packets into B’s session (e.g. WiFi networks)
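A detection check for the ARP issue above, as an added example that is not part of the original slides: it scans a sequence of observed ARP replies for an IP whose MAC binding changes and for one MAC answering for several IPs. The observation tuples, addresses and alert names are constructed for illustration.

```python
from collections import defaultdict

# Constructed observations: (timestamp, sender IP, sender MAC) from ARP replies.
# MACs are from the documentation range 00:00:5e:00:53:xx.
ARP_REPLIES = [
    (1.0, "10.0.0.1", "00:00:5e:00:53:01"),    # gateway
    (2.0, "10.0.0.20", "00:00:5e:00:53:20"),   # node B
    (3.0, "10.0.0.30", "00:00:5e:00:53:30"),   # node A
    (9.0, "10.0.0.20", "00:00:5e:00:53:30"),   # B's IP now claimed by A's MAC
    (9.5, "10.0.0.1", "00:00:5e:00:53:01"),    # unchanged binding, no alert
]

def arp_conflicts(replies):
    """Return alerts for two symptoms of the attack described in the slide:
    an IP whose MAC binding changes, and one MAC answering for several IPs."""
    ip_to_mac = {}
    mac_to_ips = defaultdict(set)
    alerts = []
    for ts, ip, mac in replies:
        known = ip_to_mac.get(ip)
        if known is not None and known != mac:
            alerts.append((ts, "binding-changed", ip, known, mac))
        ip_to_mac[ip] = mac
        already_claimed = ip in mac_to_ips[mac]
        mac_to_ips[mac].add(ip)
        # Alert only when this reply adds a new IP to a MAC that already had one.
        if not already_claimed and len(mac_to_ips[mac]) > 1:
            alerts.append((ts, "mac-claims-multiple-ips", mac,
                           tuple(sorted(mac_to_ips[mac]))))
    return alerts

if __name__ == "__main__":
    for alert in arp_conflicts(ARP_REPLIES):
        print(alert)
```

Address reassignment and router redundancy setups can trigger the same alerts, so a deployment would pair this with a list of expected bindings.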

OSPF: used for routing within an AS

BGP: routing between Autonomous Systems

Security issues: unauthenticated route updates
• Anyone can cause entire Internet to send traffic for a victim IP to attacker’s address
  - Example: YouTube-Pakistan mishap
• Anyone can hijack route to victim (next slides)

BGP example [D. Wetherall]

[Figure: AS topology with AS-path labels; the AS numbers appearing are 2, 3, 5, 6 and 7]
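Why unauthenticated route updates are accepted, and what a monitor can check, as an added example that is not part of the original slides: a path-vector simulation in which every AS keeps the shortest AS path it hears. The topology, ASNs (documentation range), prefix and the `unexpected_origins` check are assumptions for illustration; real BGP route selection uses more criteria than path length.

```python
from collections import deque

# Constructed topology; each pair is a BGP session between two ASes.
LINKS = [(64501, 64502), (64502, 64503), (64503, 64504),
         (64504, 64505), (64502, 64505), (64505, 64506)]
PREFIX = "203.0.113.0/24"      # constructed prefix all announcements refer to
LEGIT_ORIGIN = 64501           # the AS entitled to announce PREFIX
ROGUE_ORIGIN = 64506           # an AS announcing PREFIX without authority

def neighbors(asn):
    return [b if a == asn else a for a, b in LINKS if asn in (a, b)]

def propagate(origins):
    """Flood announcements for PREFIX; each AS keeps the shortest AS path.
    Nothing verifies that the last AS in a path may originate PREFIX."""
    best = {o: [o] for o in origins}
    queue = deque(origins)
    while queue:
        asn = queue.popleft()
        for peer in neighbors(asn):
            if peer in best[asn]:
                continue                         # loop prevention
            path = [peer] + best[asn]
            if peer not in best or len(path) < len(best[peer]):
                best[peer] = path                # accepted without authentication
                queue.append(peer)
    return best

def unexpected_origins(rib, expected_origin):
    """Monitor check: ASes whose selected path ends at an unexpected origin."""
    return sorted(asn for asn, path in rib.items() if path[-1] != expected_origin)

if __name__ == "__main__":
    normal = propagate([LEGIT_ORIGIN])
    mixed = propagate([LEGIT_ORIGIN, ROGUE_ORIGIN])
    print("normal:", unexpected_origins(normal, LEGIT_ORIGIN))
    print("with rogue origin:", unexpected_origins(mixed, LEGIT_ORIGIN))
    print("AS 64505 path:", mixed[64505])
```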

Example path hijack (source: Renesys 2013)

Feb 2013: Guadalajara ⟶ Washington DC via Belarus

Normally: Alestra (Mexico) ⟶ PCCW (Texas) ⟶ Qwest (DC)

Reverse route (DC ⟶ Guadalajara) is unaffected:
• Person browsing the Web in DC cannot tell by traceroute that HTTP responses are routed through Moscow

Route in effect for several hours

OSPF: routing inside an AS

Link State Advertisements (LSA):
• Flooded throughout AS so that all routers in the AS have a complete view of the AS topology
• Transmission: IP datagrams, protocol = 89

Neighbor discovery:
• Routers dynamically discover direct neighbors on attached links; this sets up an “adjacency”
• Once set up, they exchange their LSA databases