Introduction to HP OpenView Project at INAC - PowerPoint PPT Presentation

1 / 27
About This Presentation
Title:

Introduction to HP OpenView Project at INAC

Description:

Canadian Tire. Bell Canada. Catalog Request. Return Addr: V. V. Boston Pizza. Phonebook Request ... Half-open buffer has limited size. Half-open connection has ... – PowerPoint PPT presentation

Number of Views:195
Avg rating:3.0/5.0
Slides: 28
Provided by: want
Category:

less

Transcript and Presenter's Notes

Title: Introduction to HP OpenView Project at INAC


1

IP Spoofing Attacks Defenses
Tao Wan Digital Security Group School of Computer
Science Carleton University Oct 30, 2003
2
Outline
  • Introduction
  • IP Spoofing Attacks
  • IP Spoofing Defenses
  • Concluding Remarks

3
Introduction
4
Protocol Stacks
HTTP
SNMP
802.3
802.11
others
OSI Model
5
Protocol Stacks
HTTP
SNMP
802.3
802.11
others
6
Data Transmissions
Application
data
data
Application
TCP UDP
TCP UDP
IP
IP
routing
Data link/physical
Data link/physical
A
B
7
IP Header
8
TCP Header
9
Security Services
  • Entity Authentication
  • What do you know
  • What do you have
  • What do you inherit
  • Integrity
  • Message authentication
  • Confidentiality
  • Encryption

10
IP Spoofing Attacks
11
IP Spoofing Attacks
  • IP Spoofing
  • DoS by Ping
  • TCP Sync Flooding
  • Session Hijacking

12
IP Spoofing
http//www.carleton.ca
spoofing
13
IP Spoofing Attacks Smurf IP DoS
A
ICMP Echo Reply Source T1 Dest V
V
14
Mail Address Spoofing Attacks Mail-bombs
Catalog Request Return Addr V
Sears
A
Canadian Tire
Phonebook Request Return Addr V
Pizza orders Return Addr V
Bell Canada
V
Boston Pizza
15
IP Spoofing Attacks TCP 3 Way Handshake
A
TCP SYN
Half-open buffer
TCP SYNACK
A
B
TCP ACK
A
Open buffer
Half-open buffer has limited size
Half-open connection has a timer associated with
16
IP Spoofing Attacks TCP Sync Flooding (DDos)
A
B
C
D
J
V
I
E
Half-open buffer is full
F
G
H
17
IP Spoofing Defenses
18
IP Spoofing Defenses
  • It is a VERY hard problem
  • Ingress/Egress Filtering
  • IP Authentication (IPsec AH)
  • Cryptographic Generated Address (CGA)

19
IP Spoofing Defenses Ingress/Egress Filtering
if src_addr is from 10.10.0.0 then drop else
forward
if src_addr is from 10.10.10.0 then forward else
drop
10.10.0.0
10.10.10.0
if src_addr is from 10.10.0.0 then forward else
drop
20
IP Spoofing Defenses IPSec (???)
  • Two Protocols
  • Authentication Header (AH)
  • Encapsulating Security Payload
  • Two Modes
  • Transport Mode
  • Tunnel Mode

21
IP Spoofing Defenses IP Authentication Header
(AH)
22
IP Spoofing Defenses IP Authentication Header
(AH)
23
IP Spoofing Defenses IPSec (???)
  • Data Origin Authentication
  • IP address is not modified en route
  • Is it a real or spoofed IP ??
  • Message Integrity
  • Replay Prevention

24
IP Spoofing Defenses Cryptographic Generated
Address (CGA)IPv6
25
IP Spoofing Defenses Cryptographic Generated
Address (CGA)IPv6
  • How about IPv4
  • Does everyone have a pair of private/public keys
    (authenticated)?
  • DoS by engaging a recipient into a endless
    process of verifying CGAs

26
Concluding Remarks
  • IP spoofing is a common technique for attacks
  • There is not too much we can do about it

27
Thanks !
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Introduction to HP OpenView Project at INAC" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!