Network Security
Security Services
Confidentiality
Authentication
Integrity
Non Repudiation
Access Control
Availability
Network Security Model
[Figure: network security model. Labels: trusted third party; information channel; security-related transmission (shown twice); opponent.]
Introduction
Session hijacking
When a TCP connection is established between a client and a server, all information is transmitted in the clear, and this can be exploited to hijack the session.
Network Security/ Protocols and vulnerabilities
Attacks on TCP/IP Networks
[Figure: ARP on subnet 140.252.13 with hosts .1 to .5. Request: "arp req | target IP: 140.252.13.5 | target eth: ?", followed by a reply. Ethernet addresses shown: 08:00:20:03:F6:42, 00:34:CD:C2:9F:A0, 00:00:C0:C2:9B:26.]
Benefits of IPSec
Transparent to applications (below the transport layer: TCP, UDP)
Provide security for individual users
Access Control
Connectionless integrity
Data origin authentication
Rejection of replayed packets
Confidentiality (encryption)
Network Layer: IP security scenario …
Network Layer: IPSec - Security Associations (SA)
(a) Before AH
Network Layer: IPSec AH Authentication …
* Implements IPSec
Network Layer: Combination of Security Associations …
* Implements IPSec
IPSec ESP Encryption and Authentication…
Summary
IPSec provides authentication, confidentiality, and key management at
the level of IP packets.
IP-level authentication is provided by inserting an Authentication
Header (AH) into the packets.
IP-level confidentiality is provided by inserting an Encapsulating
Security Payload (ESP) header into the packets. An ESP header can also
do the job of the AH header by providing authentication in addition to
confidentiality.
Before ESP can be used, it is necessary for the two ends of a
communication link to exchange the secret key that will be used for
encryption. Similarly, AH needs an authentication key. Keys are
exchanged with a protocol named the Internet Key Exchange (IKE).
IPSec is a specification for the IP-level security features that are built
into the IPv6 internet protocol. These security features can also be used
with the IPv4 internet protocol.
IPSec is transparent to applications (it functions below the transport layer).
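As an added illustration (not code from the original slides), the Python below builds an IPv4 packet with an Authentication Header in transport mode and checks its integrity check value (ICV), showing that a TTL change in transit still verifies while a rewritten source address or payload is rejected. Assumptions: HMAC-SHA-256 truncated to 128 bits as the integrity algorithm, a constructed key, SPI and payload, and constructed host addresses on the 140.252.13 subnet; SA lookup and replay checking are left out.

```python
import hashlib, hmac, socket, struct

AH_PROTO, ICV_LEN = 51, 16   # IP protocol number of AH; 128-bit truncated HMAC-SHA-256

def ipv4_header(src, dst, payload_len, ttl=64):
    # 20-byte IPv4 header without options; checksum left at 0 for brevity
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0,
                       ttl, AH_PROTO, 0, socket.inet_aton(src), socket.inet_aton(dst))

def zero_mutable(ip_hdr):
    # Fields routers may change (TOS, flags/fragment offset, TTL, checksum)
    # are treated as zero when the ICV is computed (RFC 4302)
    h = bytearray(ip_hdr)
    h[1] = h[8] = 0
    h[6:8] = h[10:12] = b"\x00\x00"
    return bytes(h)

def ah_header(spi, seq, next_hdr, icv=bytes(ICV_LEN)):
    # next header, length in 32-bit words minus 2, reserved, SPI, sequence number, ICV
    return struct.pack("!BBHII", next_hdr, (12 + ICV_LEN) // 4 - 2, 0, spi, seq) + icv

def compute_icv(key, ip_hdr, ah, payload):
    # The ICV field itself is zeroed while the MAC is calculated
    data = zero_mutable(ip_hdr) + ah[:12] + bytes(ICV_LEN) + payload
    return hmac.new(key, data, hashlib.sha256).digest()[:ICV_LEN]

def protect(key, src, dst, spi, seq, payload, next_hdr=6):
    # Transport mode: IP header | AH | upper-layer payload (6 = TCP)
    ah = ah_header(spi, seq, next_hdr)
    ip = ipv4_header(src, dst, len(ah) + len(payload))
    return ip + ah_header(spi, seq, next_hdr, compute_icv(key, ip, ah, payload)) + payload

def verify(key, packet):
    ip, ah, payload = packet[:20], packet[20:32 + ICV_LEN], packet[32 + ICV_LEN:]
    return hmac.compare_digest(ah[12:], compute_icv(key, ip, ah, payload))

def demo():
    key = b"constructed key; a real SA gets its key from IKE"
    pkt = protect(key, "140.252.13.1", "140.252.13.5", 0x1000, 1, b"constructed TCP segment")
    hop = pkt[:8] + bytes([pkt[8] - 1]) + pkt[9:]                     # router decrements TTL
    spoofed = pkt[:12] + socket.inet_aton("140.252.13.3") + pkt[16:]  # source rewritten
    altered = pkt[:-1] + b"X"                                         # payload modified
    return {"original": verify(key, pkt), "ttl_changed": verify(key, hop),
            "src_changed": verify(key, spoofed), "payload_changed": verify(key, altered),
            "wrong_key": verify(b"other key", pkt)}

if __name__ == "__main__":
    print(demo())
```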
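Transport Layer: TCP SYN attack
ISN – Initial Sequence Number
Normal connection (client, server):
client -> server: SYN = ISN_C
server -> client: SYN = ISN_S, ACK(ISN_C)
client -> server: ACK(ISN_S)
client <-> server: data transfer
Attack (attacker, server, trusted host (T)):
attacker -> server: SYN = ISN_X, SRC_IP = T
attacker -> server: ACK(ISN_S), SRC_IP = T
attacker -> server: SRC_IP = T, nasty_data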
Application layer: DNS spoofing