
Page 1

Chapter 2: THE SECURITY REVIEW OF PROTOCOLS

Scope of content
- Upper Layer
- Lower Layer

Page 2

COMPLEXITY OF THE COMMUNICATION
- Upper Layer: HTTP, SMTP, FTP, Telnet, IM, RSS, ...
- Lower Layer: ARP, IP, TCP, UDP, ICMP, DNS, DHCP, ...
- Client and Server: the client initially connects to the server on a port that depends on the application: HTTP: 80, SMTP: 25, DNS: 53, SSH: 22

BASIC PROTOCOL
- ARP: sends the MAC address of the Ethernet interface (48 bits) to other hosts in the network
- IP: uses a set of numbers to identify a host; IPv4, IPv6

TCP VS UDP VS ICMP

Page 3

BASIC PROTOCOL

ARP
- Operates on the Data-link layer
- Sends the MAC address of the Ethernet interface (48 bits) to other hosts in the network
- Can be faked (ARP spoofing) by MAC spoofing
- A popular attack on Wi-Fi networks that rely on MAC filtering

INTERNET PROTOCOL

IP
- Uses a set of numbers to identify a host
- Can limit the set of hosts to a group by using a netmask
- IPv4, IPv6
- Can be easily spoofed
- No transmission sequence
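The ARP spoofing risk named on this slide, seen from the defender's side, as an added example that is not code from the slides: the check below compares observed ARP replies against a trusted IP-to-MAC baseline and flags an IP claimed by more than one MAC, or one MAC claiming several IPs, which is what a spoofed gateway looks like on the wire. The baseline table and the observation list are constructed sample data.

```python
"""Flag ARP anomalies in a sequence of observed ARP replies.

Added example, not from the slides. Input is a list of constructed
(ip, mac) observations such as a passive ARP monitor would collect;
each observation is compared against a trusted baseline table and
against the other observations in the same capture.
"""
from collections import defaultdict

# Constructed baseline: what the network operator knows to be correct.
BASELINE = {
    "192.168.1.1": "aa:bb:cc:00:00:01",    # gateway
    "192.168.1.10": "aa:bb:cc:00:00:10",
}

# Constructed ARP reply observations (sender IP, sender MAC).
OBSERVED = [
    ("192.168.1.1", "aa:bb:cc:00:00:01"),
    ("192.168.1.10", "aa:bb:cc:00:00:10"),
    ("192.168.1.1", "de:ad:be:ef:00:99"),    # gateway IP claimed by a second MAC
    ("192.168.1.20", "de:ad:be:ef:00:99"),   # the same MAC also claims another IP
]


def normalize_mac(mac):
    """Lower-case and use ':' separators so equal addresses compare equal."""
    return mac.strip().lower().replace("-", ":")


def detect_arp_anomalies(observed, baseline):
    """Return a list of (kind, ip, mac) findings, in detection order."""
    findings = []
    ip_to_macs = defaultdict(set)
    mac_to_ips = defaultdict(set)

    for ip, mac in observed:
        mac = normalize_mac(mac)
        expected = baseline.get(ip)
        # A reply that contradicts the trusted table is reported immediately.
        if expected is not None and normalize_mac(expected) != mac:
            findings.append(("baseline-mismatch", ip, mac))
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)

    # One IP answered by several MACs: the classic sign of a spoofed reply.
    for ip, macs in ip_to_macs.items():
        if len(macs) > 1:
            findings.append(("ip-claimed-by-multiple-macs", ip, ",".join(sorted(macs))))

    # One MAC answering for several IPs: a host impersonating others.
    for mac, ips in mac_to_ips.items():
        if len(ips) > 1:
            findings.append(("mac-claims-multiple-ips", ",".join(sorted(ips)), mac))

    return findings


if __name__ == "__main__":
    for finding in detect_arp_anomalies(OBSERVED, BASELINE):
        print(finding)
```

The baseline check catches a spoofed entry for a host the operator already knows; the two cross-checks catch impersonation of hosts that are not in the baseline at all, which matters on networks where the table is incomplete.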

Page 4

TCP
- Operates on the Transport Layer
- TCP packets require a segment structure

TCP (cont.)
- Has flow control

Page 5

UDP
- Has no flow control

TCP VS UDP

Page 6

ICMP
- Used to send control messages only
- No port number required
- No guarantee of delivery
- Can be broadcast
- Ex: Ping

ICMP TYPE CODES

Page 7

BASIC CONCEPTS

DNS
- Domain Name System
- Used to map host names to IP addresses
- Uses UDP packets on port 53
- Common implementation called "BIND"
- Name servers: Root server, Local Name Server
- Zone Transfer

Page 8

DNS

IPV4 VS IPV6
- 128-bit IP address
- An address used to communicate with multiple hosts, called anycast
- Replaces ARP with Neighbor Discovery, using the Authentication Header
- Communicates with IPv4 through a NAT box that converts between the two

Page 9

ATTACK ON LOWER LAYER
- ARP: Spoofing
- IP: Spoofing
- TCP: DDoS
- ICMP and UDP: Flood
- DNS: Forward name

UPPER LAYER
- SMTP
- POP version 3
- IMAP version 4
- Instant Messaging

Page 10

SMTP
- Simple Mail Transfer Protocol (SMTP)
- 7-bit send/receive packets (ASCII)
- The Sendmail application on Unix runs as root
- Denial of Service (DoS) attack
- Open relays

POP VERSION 3 AND IMAP VERSION 4

POP version 3
- Post Office Protocol
- Downloads mail from the host and saves it to the PC
- Deletes mail from the mailbox after the download finishes
- Works with SMTP; POP3 authentication prevents open relays on SMTP

IMAP version 4
- Remote access to the mail server
- SMTP is used to send mail
- Supports challenge/response authentication
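The open-relay risk and the "POP3 authentication prevents open relays" point from these two slides, as an added example that is not code from the slides: a relay policy for the SMTP RCPT TO step that accepts mail for local domains, relays for other domains only when the session is authenticated (SMTP AUTH, or a recent POP3 login from the same client IP in the POP-before-SMTP style), and refuses everything else. The local domain, addresses and the 15-minute window are constructed assumptions.

```python
"""SMTP relay policy with POP-before-SMTP authorisation.

Added example, not code from the slides. Models the rule that keeps a
mail server from being an open relay: mail addressed to a local domain
is accepted; mail for any other domain is relayed only if the session has
proven who it is, either by SMTP AUTH or by a recent successful POP3
login from the same client IP. All values below are constructed.
"""
import ipaddress

LOCAL_DOMAINS = {"example.com"}       # constructed
POP_BEFORE_SMTP_WINDOW = 15 * 60      # seconds a POP3 login authorises relaying (assumption)


def domain_of(address):
    """Return the lower-cased domain of 'local@domain', or None if malformed."""
    if address.count("@") != 1:
        return None
    local, domain = address.split("@")
    if not local or not domain:
        return None
    return domain.lower()


class RelayPolicy:
    def __init__(self, local_domains=LOCAL_DOMAINS, window=POP_BEFORE_SMTP_WINDOW):
        self.local_domains = {d.lower() for d in local_domains}
        self.window = window
        self._pop_logins = {}     # client IP -> time of last successful POP3 login

    def record_pop_login(self, client_ip, now):
        """Called by the POP3 service after a successful login."""
        self._pop_logins[str(ipaddress.ip_address(client_ip))] = now

    def _pop_authenticated(self, client_ip, now):
        last = self._pop_logins.get(str(ipaddress.ip_address(client_ip)))
        return last is not None and 0 <= now - last <= self.window

    def decide(self, client_ip, recipient, now, smtp_auth=False):
        """Return (accept, reason) for a RCPT TO command.

        An open relay would return True for every well-formed recipient;
        this policy requires authentication for non-local domains.
        """
        domain = domain_of(recipient)
        if domain is None:
            return (False, "malformed recipient")
        if domain in self.local_domains:
            return (True, "local delivery")
        if smtp_auth:
            return (True, "authenticated relay (SMTP AUTH)")
        if self._pop_authenticated(client_ip, now):
            return (True, "authenticated relay (POP before SMTP)")
        return (False, "relay denied")


if __name__ == "__main__":
    policy = RelayPolicy()
    print(policy.decide("203.0.113.5", "bob@other.example", now=1000))
    policy.record_pop_login("203.0.113.5", now=1000)
    print(policy.decide("203.0.113.5", "bob@other.example", now=1500))
```

The POP-before-SMTP window is keyed on client IP, so it is weaker than SMTP AUTH (anyone sharing that IP inside the window is also authorised); the example keeps both paths so the difference is visible in the returned reason.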

Page 11

INSTANT MESSAGING
- America Online (AOL)
- ICQ
- Microsoft Messenger
- Jabber: SSL supported

RPC-BASED PROTOCOLS
- RPC and rpcbind
- NFS
- Andrew

Page 12

REMOTE PROCEDURE CALL (RPC)
- Stub or glue routines are compiled by a precompiler
- Works on both TCP and UDP
- Data can be lost on UDP
- Supports the DES algorithm with Diffie-Hellman
- Now uses DES-authenticated RPC with Kerberos on OSF's Distributed Computing Environment
- rpcbind is the port mapper
- Network File System by Sun Microsystems

NFS
- Works on UDP RPC
- Stateless server
- Standard port 2049
- rpcbind is used in newer versions

Page 13

ANDREW
- Andrew File System (AFS) works with NFS
- Kerberos is used
- AFS is more secure than NFS

FTP

TFTP: Trivial File Transfer Protocol
- UDP
- Used for diskless workstations and X11 terminals, and devices such as routers
- Easy target for dictionary attacks

FTP: File Transfer Protocol

Page 14

REMOTE LOGIN
- Telnet
- The "r" commands: BSD authentication, via TCP
- SNMP: controls devices, e.g. routers
- SSH: replaces rlogin, rdist, rsh, rcp

WEB PROTOCOL
- HTTP: port 80, URL, cookies

Page 15

SSL
- Operates over HTTP
- Transmits data
- Requires a certificate

RISK TO CLIENT
- ActiveX
- Java and applets: CGI scripts
- JavaScript
- Browser

Page 16

RISK TO SERVER
- Access control: Basic Authentication, Digest Authentication
- Server-side scripts
- Web server and firewall
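The two access-control schemes named on this slide, side by side in server-side verification code, as an added example that is not code from the slides: a Basic header carries the password itself (base64 is an encoding, not protection), whereas a Digest header carries only an MD5 of the password combined with the realm, the request and a server-issued nonce, so the password never crosses the wire and a captured header cannot be replayed against another URI or nonce. The realm, user list and nonce values are constructed; the response formula is the RFC 2617 qop=auth one.

```python
"""Verify HTTP Basic and Digest Authorization headers on the server side.

Added example, not code from the slides. Realm, users and nonce are
constructed values; a real server would keep HA1 (or a password hash)
rather than clear-text passwords.
"""
import base64
import hashlib
import hmac
import re

REALM = "example-realm"                          # constructed
USERS = {"alice": "correct horse battery"}       # constructed; clear text only for the demo


def decode_basic_credentials(header):
    """Return the plaintext 'user:password' a Basic header carries, or None.

    Anyone who can read the header can read the password, which is why
    Basic is only acceptable over TLS.
    """
    scheme, _, value = header.partition(" ")
    if scheme != "Basic":
        return None
    try:
        return base64.b64decode(value, validate=True).decode()
    except (ValueError, UnicodeDecodeError):
        return None


def verify_basic(header):
    """Return the username if the Basic credentials are valid, else None."""
    decoded = decode_basic_credentials(header)
    if decoded is None:
        return None
    user, sep, password = decoded.partition(":")
    expected = USERS.get(user)
    if not sep or expected is None:
        return None
    # Constant-time comparison: a wrong password is not timing-distinguishable.
    return user if hmac.compare_digest(password.encode(), expected.encode()) else None


def _md5(s):
    return hashlib.md5(s.encode()).hexdigest()


def digest_response(username, password, method, uri, nonce, nc, cnonce, qop="auth"):
    """RFC 2617 response for qop=auth: MD5(HA1:nonce:nc:cnonce:qop:HA2)."""
    ha1 = _md5(f"{username}:{REALM}:{password}")   # a server may store HA1 instead of the password
    ha2 = _md5(f"{method}:{uri}")
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


_PARAM = re.compile(r'(\w+)=(?:"([^"]*)"|([^\s,]*))')


def parse_digest_params(header):
    """Parse 'Digest k="v", k2=v2, ...' into a dict, or None if not Digest."""
    scheme, _, value = header.partition(" ")
    if scheme != "Digest":
        return None
    return {k: quoted or bare for k, quoted, bare in _PARAM.findall(value)}


def verify_digest(header, method, uri, issued_nonce):
    """Return the username if the Digest header is valid for this request, else None.

    Checks realm, uri and qop, requires the nonce to be the one this server
    issued, and recomputes the response from the stored secret.
    """
    p = parse_digest_params(header)
    if p is None:
        return None
    required = ("username", "realm", "nonce", "uri", "qop", "nc", "cnonce", "response")
    if any(k not in p for k in required):
        return None
    if p["realm"] != REALM or p["uri"] != uri or p["qop"] != "auth":
        return None
    if not hmac.compare_digest(p["nonce"].encode(), issued_nonce.encode()):
        return None
    password = USERS.get(p["username"])
    if password is None:
        return None
    expected = digest_response(p["username"], password, method, uri,
                               p["nonce"], p["nc"], p["cnonce"])
    return p["username"] if hmac.compare_digest(expected.encode(), p["response"].encode()) else None


# Client-side builders, used only to produce sample headers for the demo.
def build_basic_header(user, password):
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()


def build_digest_header(user, password, method, uri, nonce, nc="00000001", cnonce="0a4f113b"):
    resp = digest_response(user, password, method, uri, nonce, nc, cnonce)
    return (f'Digest username="{user}", realm="{REALM}", nonce="{nonce}", uri="{uri}", '
            f'qop=auth, nc={nc}, cnonce="{cnonce}", response="{resp}"')
```

Digest's MD5 construction is weak by today's standards and offers no confidentiality for the request body, so in practice both schemes are deployed over TLS; the example's value is in showing what each header exposes and which request fields the Digest response is bound to.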

WEB SERVER AND FIREWALL

Page 17

WEB DATABASE
- Using SQL and scripts
- API scripts


End of Chapter 2