Scribd Logo
Upload

Welcome to Scribd!

  • Module 8.5: Weaknesses in The Internet Protocol Suite

    Uploaded by

    Harpreet Singh
    21 views4 pages
    This document discusses weaknesses in common internet protocols like IP, TCP, UDP, BGP, and DNS. It outlines issues like lack of source authentication in IP allowing packet spoofing, sniffing of sequence numbers in TCP, and cache poisoning or rebinding attacks against DNS. The document also introduces IPSEC and some of its key exchange mechanisms using IKE to establish shared secrets between two parties.

    Original Description:

    Original Title

    Module 8.5.pptx

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses weaknesses in common internet protocols like IP, TCP, UDP, BGP, and DNS. It outlines issues like lack of source authentication in IP allowing packet spoofing, sniffing of sequence numbers in TCP, and cache poisoning or rebinding attacks against DNS. The document also introduces IPSEC and some of its key exchange mechanisms using IKE to establish shared secrets between two parties.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    21 views4 pages

    Module 8.5: Weaknesses in The Internet Protocol Suite

    Uploaded by

    Harpreet Singh
    This document discusses weaknesses in common internet protocols like IP, TCP, UDP, BGP, and DNS. It outlines issues like lack of source authentication in IP allowing packet spoofing, sniffing of sequence numbers in TCP, and cache poisoning or rebinding attacks against DNS. The document also introduces IPSEC and some of its key exchange mechanisms using IKE to establish shared secrets between two parties.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    Module 8.

    5: Weaknesses in the
    Internet Protocol Suite
    More on Networking
    Security
    Network protocol security
    Wireless access 802.11i/WPA2
    IPSEC
    BGP instability and S-BGP
    DNS rebinding and DNSSEC
    Standard network defenses
    Firewall
    Packet filter (stateless, stateful), Application layer proxies
    Intrusion detection
    Anomaly and misuse detection
    So far what we have seen
    Basic network protocols
    IP, TCP, UDP, BGP, DNS
    Problems with them
    TCP/IP
    No SRC authentication: cant tell where packet is from
    Packet sniffing
    Connection spoofing, sequence numbers
    BGP: advertise bad routes or close good ones
    DNS: cache poisoning, rebinding
    Web security mechanisms rely on DNS
    Key management
    IKE subprotocol from IPSEC
    am1
    A, (g mod p)
    , signB(m1,m2)
    A B, (gb mod p)
    B
    m2
    signA(m1,m2)

    Result: A and B share secret gab mod p

    You might also like