CSCE 465 Lecture 2

Thursday, January 17, 2013


Lecture Slides


Homework 1

Packet sniffing and spoofing

Sniffing

  1. Install VMware Player on Windows or Linux
  2. Install Ubuntu guest OS (accounts root:seedubuntu and seed:dees)
  3. Follow pcap tutorial to build sniffex program.
  4. Answer problems based on tutorial
  5. Find telnet password in network trace


Spoofing

Use a raw socket to send a packet with arbitrarily-set fields


Security Overview

A state of well-being and adapting of information and infrastructures in which the possibility of successful yet undetected and detected theft, tampering, and disruption of information and services is kept low or tolerable

Rests on CIA

  • Confidentiality (keep data and resources hidden)
  • Integrity (data and origin/authentication)
  • Availability (enable access to data and resources)


Computer security ∩ Communication security = Information Security

Security is important: technology, computers, and networks are nerves and critical infrastructure of society.

…but it is hard

  • If a system is not designed with security in mind, there will always be loopholes
  • Security is often not considered until an enterprise has been penetrated by an attacker
  • Historical reluctance to invest in security due to higher cost
  • Most TCP/IP protocols were not built with security in mind (but that's changing quickly: HTTPS, SSH)
  • Software vulnerabilities (human mistakes, buffer overflow)
  • Increasing hardware complexity
  • User ignorance (social engineering)
  • Attackers only need to break the weakest link, while defense applies to entire systems


Threats and Attacks

  • threat: potential violation of security
    • design flaws, etc.
  • attack: an action that violates security
    • can be active or passive
    • all very dangerous

Attacks on Confidentiality

Eavesdropping (message interception)

  • Hardware
  • tcpdump with promiscuous network interface
  • DNS lookups, IP packets without payloads (headers only), payload
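
An added example (not from the lecture or the pcap tutorial): a bounds-checked C parser that splits a captured Ethernet/IPv4/TCP frame into headers and payload, and shows what a headers-only capture still exposes. The frame bytes, `struct tcp_view` and `parse_tcp_frame` are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* Constructed sample: Ethernet + IPv4 + TCP to port 23 + 5 payload bytes. */
static const uint8_t SAMPLE[] = {
    0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01, 0x08,0x00,  /* Ethernet, type IPv4 */
    0x45,0x00,0x00,0x2d, 0x00,0x01,0x40,0x00,         /* IHL=5, total len=45 */
    0x40,0x06,0x00,0x00, 192,0,2,10, 192,0,2,20,      /* TTL, proto=TCP, addrs */
    0xc0,0x00,0x00,0x17, 0,0,0,1, 0,0,0,1,            /* sport 49152, dport 23 */
    0x50,0x18,0x20,0x00, 0x00,0x00,0x00,0x00,         /* data offset=5, PSH|ACK */
    'h','e','l','l','o'                               /* application payload */
};

struct tcp_view {
    uint16_t sport, dport;
    size_t payload_off;  /* payload offset within the frame */
    size_t wire_len;     /* payload bytes sent on the wire */
    size_t cap_len;      /* payload bytes present in this capture */
};

/* Returns 0 on success, -1 if not IPv4/TCP or the headers are cut short. */
int parse_tcp_frame(const uint8_t *f, size_t len, struct tcp_view *out)
{
    if (len < 14 + 20 + 20 || f[12] != 0x08 || f[13] != 0x00) return -1;
    const uint8_t *ip = f + 14;
    size_t avail = len - 14;                     /* captured bytes after Ethernet */
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;     /* IP header length in bytes */
    size_t total = ((size_t)ip[2] << 8) | ip[3]; /* IP total length field */
    if ((ip[0] >> 4) != 4 || ihl < 20 || ip[9] != 6) return -1;
    if (total < ihl + 20 || avail < ihl + 20) return -1;
    const uint8_t *tcp = ip + ihl;
    size_t doff = (size_t)(tcp[12] >> 4) * 4;    /* TCP header length in bytes */
    if (doff < 20 || ihl + doff > total || ihl + doff > avail) return -1;
    out->sport = (uint16_t)((tcp[0] << 8) | tcp[1]);
    out->dport = (uint16_t)((tcp[2] << 8) | tcp[3]);
    out->payload_off = 14 + ihl + doff;
    out->wire_len = total - ihl - doff;
    out->cap_len = avail < total ? avail - ihl - doff : out->wire_len;
    return 0;
}

int main(void)
{
    struct tcp_view v;
    /* Full frame (59 bytes), then a headers-only capture of its first 54 bytes. */
    for (size_t n = sizeof SAMPLE; n >= 54; n -= 5)
        if (parse_tcp_frame(SAMPLE, n, &v) == 0)
            printf("dport %u: %zu of %zu payload bytes captured\n", (unsigned)v.dport, v.cap_len, v.wire_len);
    return 0;
}
```

Even with the payload cut off, the addresses and ports remain readable, which is why headers-only interception still counts as an attack on confidentiality.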

Attacks on Integrity

  • Tampering: intercepting and resending data
  • Fabrication: masquerading as (spoofing) another's identity
  • Man-in-the-middle
    • passive tap: viewing information as it goes through
    • active tap: modify data being transmitted

Attacks on Availability

  • Destroy hardware (cut fiber/wire) or software
  • Corrupt packets in transit
  • Crash server
  • Overwhelm server