IP Protocol Functions (Summary)

فهرست عناوین اصلی در این پاورپوینت

فهرست عناوین اصلی در این پاورپوینت

● Network Protocols and Vulnerabilities
● Outline
● Internet Infrastructure
● TCP Protocol Stack
● Data Formats
● Internet Protocol
● IP Routing
● IP Protocol Functions (Summary)
● User Datagram Protocol
● Transmission Control Protocol
● Internet Control Message Protocol
● Basic Security Problems
● Packet Sniffing
● Smurf DoS Attack
● TCP Handshake
● SYN Flooding
● Protection against SYN Attacks
● TCP Connection Spoofing
● IP Spoofing Attack
● TCP Sequence Numbers
● Recent DoS vulnerability [Watson’04] ● Cryptographic network protection
● Wireless Threats
● Evolution of Wireless Security
● What Went Wrong With WEP
● IEEE 802.11i – WPA2
● Security issues in development of 802.11i
● TCP Congestion Control
● Competition
● Routing Vulnerabilities
● Source Routing Attacks
● Routing Table Update Protocols
● Routing Information Protocol (RIP)
● Interdomain Routing
● BGP overview
● BGP example [D. Wetherall] ● Issues
● BGP Route Instability
● Domain Name System
● DNS Root Name Servers
● DNS Lookup Example
● Caching
● Lookup using cached DNS server
● DNS Implementation Vulnerabilities
● Inherent DNS Vulnerabilities
● DNS cache poisoning
● Pharming
● DNS Rebinding Attack
● DNS Rebinding Defenses
● Summary (I)
● Summary (II)

نوع زبان: انگلیسی حجم: 1.11 مگا بایت
نوع فایل: اسلاید پاورپوینت تعداد اسلایدها: 55 صفحه
سطح مطلب: نامشخص پسوند فایل: ppt
گروه موضوعی: زمان استخراج مطلب: 2019/05/17 02:21:26

لینک دانلود رایگان لینک دانلود کمکی

اسلایدهای پاورپوینت مرتبط در پایین صفحه

عبارات مهم استفاده شده در این مطلب

عبارات مهم استفاده شده در این مطلب

packet, ip, tcp, datum, network, attack, connection, ., protocol, number, route, message,

توجه: این مطلب در تاریخ 2019/05/17 02:21:26 به صورت خودکار از فضای وب آشکار توسط موتور جستجوی پاورپوینت جمع آوری شده است و در صورت اعلام عدم رضایت تهیه کننده ی آن، طبق قوانین سایت از روی وب گاه حذف خواهد شد. این مطلب از وب سایت زیر استخراج شده است و مسئولیت انتشار آن با منبع اصلی است.

https://crypto.stanford.edu/cs155old/cs155-spring08/lectures/12-tcp-dns.ppt

در صورتی که محتوای فایل ارائه شده با عنوان مطلب سازگار نبود یا مطلب مذکور خلاف قوانین کشور بود لطفا در بخش دیدگاه (در پایین صفحه) به ما اطلاع دهید تا بعد از بررسی در کوتاه ترین زمان نسبت به حدف با اصلاح آن اقدام نماییم. جهت جستجوی پاورپوینت های بیشتر بر روی اینجا کلیک کنید.

عبارات پرتکرار و مهم در این اسلاید عبارتند از: packet, ip, tcp, datum, network, attack, connection, ., protocol, number, route, message,

مشاهده محتوای متنیِ این اسلاید ppt

مشاهده محتوای متنیِ این اسلاید ppt

network protocols and vulnerabilities john mitchell cs ۱۵۵ spring ۲ ۸ outline basic networking network attacks attacking host to host datagram protocols syn flooding tcp spoofing … attacking network infrastructure routing domain name system this lecture is about the way things work now and how they are not perfect. next lecture – some security improvements still not perfect backbone isp isp internet infrastructure local and interdomain routing tcp ip for routing connections bgp for routing announcements domain name system find ip address from symbolic name www.cs.stanford.edu tcp protocol stack application transport network link application protocol tcp protocol ip protocol data link ip network access ip protocol data link application transport network link data formats application transport tcp udp network ip link layer application message data tcp data tcp data tcp data tcp header data tcp ip ip header data tcp ip eth etf link ethernet header link ethernet trailer segment packet frame message internet protocol connectionless unreliable best effort transfer datagram header data ip ip routing internet routing uses numeric ip address typical route uses several hops meg tom isp office gateway ۱۲۱.۴۲.۳۳.۱۲ ۱۲۱.۴۲.۳۳.۱ ۱۳۲.۱۴.۱۱.۵۱ ۱۳۲.۱۴.۱۱.۱ ip protocol functions summary routing ip host knows location of router gateway ip gateway must know route to other networks fragmentation and reassembly if max packet size less than the user data size error reporting icmp packet to source if packet is dropped user datagram protocol ip provides routing ip address gets datagram to a specific machine udp separates traffic by port destination port number gets udp datagram to particular application process e.g. ۱۲۸.۳.۲۳.۳ ۵۳ source port number provides return address minimal guarantees no acknowledgment no flow control no message continuation udp transmission control protocol connection oriented preserves order sender break data into packets attach packet numbers receiver acknowledge receipt lost packets are resent reassemble packets in correct order tcp book mail each page reassemble book ۱۹ ۵ ۱ ۱ ۱ internet control message protocol provides feedback about network operation error reporting reachability testing congestion control example message types destination unreachable time to live exceeded parameter problem redirect to better gateway echo echo reply reachability test timestamp request reply measure transit delay icmp basic security problems network packets pass by untrusted hosts eavesdropping packet sniffing e.g. ngrep ip addresses are public smurf tcp connection requires state syn flooding attack tcp state can be easy to guess tcp spoofing attack packet sniffing promiscuous nic reads all packets read all unencrypted data e.g. ngrep ftp telnet send passwords in clear alice bob eve network prevention encryption improved routing another lecture ipsec sweet hall attack installed sniffer on local machine smurf dos attack send ping request to broadcast addr icmp echo req lots of responses every host on target network generates a ping reply icmp echo reply to victim ping reply stream can overload victim prevention reject external packets to broadcast address gateway dos source dos target ۱ icmp echo req src dos target dest brdct addr ۳ icmp echo reply dest dos target tcp handshake c s sync syns ackc ۱ acks ۱ listening store data wait connected syn flooding c s sync۱ listening store data sync۲ sync۳ sync۴ sync۵ syn flooding attacker sends many connection requests spoofed source addresses victim allocates resources for each request connection requests exist until timeout fixed bound on half open connections resources exhausted  requests rejected protection against syn attacks client sends syn server responds to client with syn ack cookie sqn f src addr src port dest addr dest port rand normal tcp response but server does not save state honest client responds with ack sqn server checks response if matches syn ack establishes connection rand is top ۵ bits of ۳۲ bit time counter server checks client response against recent values see http cr.yp.to syncookies.html bernstein schenk tcp connection spoofing each tcp connection has an associated state client ip and port number same for server sequence numbers for client server flows problem easy to guess state port numbers are standard sequence numbers often chosen in predictable way ip spoofing attack a b trusted connection send packets with predictable seq numbers e impersonates b to a opens connection to a to get initial seq number syn floods b’s queue sends packets to a that resemble b’s transmission e cannot receive but may execute commands on a server a b e attack can be blocked if e is outside firewall. tcp sequence numbers need high degree of unpredictability if attacker knows initial seq and amount of traffic sent can estimate likely current values send a flood of packets with likely seq numbers attacker can inject packets into existing connection some implementations are vulnerable recent dos vulnerability watson’ ۴ suppose attacker can guess seq. number for an existing connection attacker can send reset packet to close connection. results in dos. naively success prob. is ۱ ۲۳۲ ۳۲ bit seq. ’s . most systems allow for a large window of acceptable seq. ’s much higher success probability. attack is most effective against long lived connections e.g. bgp. cryptographic network protection solutions above the transport layer examples ssl and ssh protect against session hijacking and injected data do not protect against denial of service attacks caused by spoofed packets solutions at network layer use cryptographically random isns rfc ۱۹۴۸ more generally ipsec can protect against session hijacking and injection of data denial of service attacks using session resets wireless threats passive eavesdropping traffic analysis easy most wireless nics have promiscuous mode message injection active eavesdropping easy some techniques to gen. any packet with common nic message deletion and interception possible interfere packet reception with directional antennas masquerading and malicious ap easy mac address forgeable and s w available hostap session hijacking man in the middle denial of service cost related evaluation wireless networks are vulnerable to many threats. i will not go over all of them in details. what i want to emphasize is message injection is easy and message interception is possible comparing to wired networks. these might cause security problems. also denial of service attack is inevitable in wireless networks however we will only consider the attacks that only require the adversary to do little work. evolution of wireless security ۸ ۲.۱۱ wired equivalent protocol authentication open system ssid and shared key authorization some vendors use mac address filtering confidentiality integrity rc۴ crc wpa wi fi protected access authentication ۸ ۲.۱x confidentiality integrity tkip reuse legacy hardware still problematic ieee ۸ ۲.۱۱i ratified ۲ ۴ wpa۲ mutual authentication data confidentiality and integrity ccmp key management availability what went wrong with wep no key management long lived keys fix use ۸ ۲.۱x standard for user device authentication crypto issues rc۴ cipher stream key size ۴ bit keys initialization vector too small ۲۴ bit integrity check value based on crc ۳۲ authentication messages can be forged ieee ۸ ۲.۱۱i wpa۲ rsna involves three entities the supplicant the authenticator and the authentication server. in an general infrastructure network the supplicant …

کلمات کلیدی پرکاربرد در این اسلاید پاورپوینت: packet, ip, tcp, datum, network, attack, connection, ., protocol, number, route, message,

این فایل پاورپوینت شامل 55 اسلاید و به زبان انگلیسی و حجم آن 1.11 مگا بایت است. نوع قالب فایل ppt بوده که با این لینک قابل دانلود است. این مطلب برگرفته از سایت زیر است و مسئولیت انتشار آن با منبع اصلی می باشد که در تاریخ 2019/05/17 02:21:26 استخراج شده است.

https://crypto.stanford.edu/cs155old/cs155-spring08/lectures/12-tcp-dns.ppt

  • جهت آموزش های پاورپوینت بر روی اینجا کلیک کنید.
  • جهت دانلود رایگان قالب های حرفه ای پاورپوینت بر روی اینجا کلیک کنید.

رفتن به مشاهده اسلاید در بالای صفحه


دیدگاهتان را بنویسید

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *