We talk about octets and not bytes: the Internet is also used by computers whose word size is not a multiple of 8 bits. The host numbers with all bits 0 (the network itself) and all bits 1 (broadcast) are always reserved. The Internet numbering scheme is very wasteful: the A networks do not use anything like the 16 million numbers allocated to them, and the B networks do not use their 65,534 numbers either. The TUE is a B network (131.155) but has only 3500 employees and around 6000 students; it will use only 10,000 to 15,000 IP numbers. It is currently almost impossible to get a B network (and absolutely impossible to get an A network allocated). The numbering scheme matters for security because an IP number reveals the size of the network it belongs to: a large organization has a B network and is probably a more interesting target to try to penetrate than an organization with only a C network.
Through the sequence numbers the receiving end can detect missing datagrams or datagrams that arrive in the wrong order, and it can have missing or corrupted datagrams retransmitted.
The time to live is decremented each time the datagram passes through a gateway. When the counter reaches zero the datagram is discarded. This ensures that, should the routing result in a loop, no datagram will circulate in the loop forever.
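As an added illustration (not part of the lecture notes), a minimal hop-by-hop forwarding model shows the mechanism: every gateway decrements the TTL, and a datagram whose TTL reaches zero is discarded even when the routing tables loop. The gateway names and both routing tables are constructed.

```python
# Added example, not from the lecture notes: a minimal hop-by-hop forwarding
# model that shows how the time-to-live field stops a datagram from circulating
# forever once routing contains a loop. Gateway names and routes are constructed.

# Each table maps a gateway to the next hop for some destination network;
# None means "the destination is attached here, deliver it".
SANE_ROUTES = {"gw-A": "gw-B", "gw-B": "gw-C", "gw-C": None}
LOOPED_ROUTES = {"gw-A": "gw-B", "gw-B": "gw-C", "gw-C": "gw-A"}  # C points back to A


def forward(ttl, first_hop, routes):
    """Carry a datagram through the gateways in `routes`.

    Every gateway decrements the TTL before looking up the next hop; a datagram
    whose TTL has reached zero is discarded instead of being forwarded.
    Returns (outcome, number_of_gateways_visited, path).
    """
    path = []
    hop = first_hop
    while True:
        path.append(hop)
        ttl -= 1
        if ttl <= 0:
            return "discarded", len(path), path
        nxt = routes[hop]
        if nxt is None:
            return "delivered", len(path), path
        hop = nxt


if __name__ == "__main__":
    print(forward(64, "gw-A", SANE_ROUTES))    # delivered after 3 gateways
    print(forward(8, "gw-A", LOOPED_ROUTES))   # discarded after 8 gateways
```

With the looped table the datagram visits exactly as many gateways as its initial TTL and is then dropped; with a sane table and a large enough TTL it is delivered.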
Routing is both a strong and a weak point. A strong point is that redundant paths allow the network to keep functioning when some gateways go down. A theoretical strong point for security, but a weak one in reality, is that the data for a single connection may flow through different gateways and is then hard to intercept. In practice this seldom happens: routing is usually straightforward, and the datagrams of a connection all travel over the same line, in the order they were sent, which makes them easy to intercept. A weak point is that by creating a fast gateway one can teach the other gateways to send their data through that gateway, which can then intercept all of it. The only thing that makes this approach difficult is that building such a fast gateway has become prohibitively expensive.
Name translation is both a strong and a weak point. It is strong because there are redundant servers (although ultimately there are master servers from which the others copy their data). It is weak because a server can temporarily start giving out false addresses. The root server that was also the server for the “com” domain failed some time ago and caused major problems in reaching Internet sites.
Text-based protocols are a security risk because the information passing by is very easy to read with a packet sniffer.
Snooping is easier on a local network than on the Internet, because on the local net one can be sure that the packets pass by a certain machine. Snooping does not require great skill: network diagnostic software already provides basic snooping facilities. Snooping can be defeated at the hardware level by means of a switched ethernet (with star geometry): the switch only forwards a frame to the port of its destination, so the other machines on the segment never see it.
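To make the point about text-based protocols and snooping concrete, here is an added example (not from the lecture notes): a constructed trace of what a sniffer on the same ethernet segment hands us, and the two regular expressions that are all it takes to pull a POP3 login and an HTTP Basic credential out of it. The addresses come from the documentation ranges and the payloads are made up.

```python
import base64
import re

# Added example (not from the lecture notes). A constructed trace of what a
# sniffer on the same ethernet segment hands us: (src, dst, TCP payload)
# for a POP3-style mailbox login and an HTTP request with Basic auth.
# Addresses are from the documentation ranges; none of this is real traffic.
CAPTURE = [
    ("198.51.100.5", "192.0.2.10", b"+OK POP3 server ready\r\n"),
    ("192.0.2.10", "198.51.100.5", b"USER alice\r\n"),
    ("198.51.100.5", "192.0.2.10", b"+OK\r\n"),
    ("192.0.2.10", "198.51.100.5", b"PASS hunter2\r\n"),
    ("192.0.2.10", "198.51.100.7",
     b"GET /private/ HTTP/1.0\r\n"
     b"Host: www.example.com\r\n"
     b"Authorization: Basic " + base64.b64encode(b"bob:letmein") + b"\r\n\r\n"),
]

POP_CMD = re.compile(rb"^(USER|PASS) +(\S+)\s*$", re.M)
BASIC_AUTH = re.compile(rb"^Authorization: *Basic +([A-Za-z0-9+/=]+)\s*$", re.M | re.I)


def harvest_credentials(capture):
    """Pull usernames and passwords out of cleartext payloads.

    Because the protocols are text, no protocol decoder is needed: two regular
    expressions over the raw bytes suffice. Returns a list of
    (protocol, server, user, password) tuples in the order they were seen.
    """
    found = []
    pending_user = {}          # (client, server) -> USER seen, awaiting PASS
    for src, dst, payload in capture:
        flow = (src, dst)
        for m in POP_CMD.finditer(payload):
            cmd, arg = m.group(1), m.group(2).decode("ascii", "replace")
            if cmd == b"USER":
                pending_user[flow] = arg
            elif cmd == b"PASS" and flow in pending_user:
                found.append(("pop3", dst, pending_user.pop(flow), arg))
        for m in BASIC_AUTH.finditer(payload):
            try:
                user, _, pw = base64.b64decode(m.group(1)).decode().partition(":")
            except (ValueError, UnicodeDecodeError):
                continue           # malformed header: skip it, do not crash the sniffer
            found.append(("http-basic", dst, user, pw))
    return found


if __name__ == "__main__":
    for proto, server, user, pw in harvest_credentials(CAPTURE):
        print(f"{proto:10s} {server:15s} {user}:{pw}")
```

Note that Basic authentication is only base64-encoded, not encrypted; on the wire it is as readable as the POP3 PASS command.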
Spoofing requires more skill than snooping: it requires understanding the network topology, and the likelihood of getting caught is greater than with snooping. Spoofing can be defeated by networks with static routes, because network traffic can then not be diverted through a spoofing machine.
This technique is even more difficult to implement, but it reduces the risk of getting caught. Most of the work of keeping up the appearance of being the real server is done by the real server itself; the communication is only altered when the spoofing machine considers it interesting.
Three can keep a secret if two of them are dead. (Which is the weak point in secret key encryption.)
Simply encrypting each successive 64-bit block with the same DES key (electronic codebook mode, ECB) is not very safe: identical plaintext blocks produce identical ciphertext blocks, so patterns in the message show through. A more secure approach is CBC, cipher block chaining. Each 64-bit plaintext block is bitwise exclusive-ORed with the previous ciphertext block (an initialization vector for the first block) before being encrypted with the DES key. Thus the encryption of each block depends on all previous blocks, and the same 64-bit plaintext block encrypts to different ciphertext blocks depending on its position in the overall message.
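The following added example (not from the lecture notes) implements both modes around a 64-bit block cipher and counts repeated ciphertext blocks for a deliberately repetitive message. It assumes any 64-bit block cipher will do: DES is not in the Python standard library, so a small keyed Feistel network built from HMAC-SHA256 stands in for it. That stand-in is invertible but is not a secure cipher; the key and message are constructed.

```python
import hashlib
import hmac
import os

BLOCK = 8  # 64-bit blocks, as in DES

# Stand-in for DES (assumption: the chaining below works with any 64-bit block
# cipher). A 4-round Feistel network whose round function is HMAC-SHA256 is
# invertible and needs no crypto library, but it is NOT a secure cipher.
def _round(key, half, i):
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:4]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def block_encrypt(key, block):
    l, r = block[:4], block[4:]
    for i in range(4):
        l, r = r, _xor(l, _round(key, r, i))
    return r + l

def block_decrypt(key, block):
    r, l = block[:4], block[4:]              # undo the final swap
    for i in reversed(range(4)):
        l, r = _xor(r, _round(key, l, i)), l
    return l + r

def pad(data):                                # PKCS#7-style padding
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]

def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, plaintext):
    """Each block encrypted independently: equal plaintext blocks give equal
    ciphertext blocks, so the structure of the message leaks."""
    return b"".join(block_encrypt(key, b) for b in _blocks(pad(plaintext)))

def cbc_encrypt(key, iv, plaintext):
    """Cipher block chaining: XOR each plaintext block with the previous
    ciphertext block (the IV for the first block) before encrypting it."""
    prev, out = iv, []
    for b in _blocks(pad(plaintext)):
        prev = block_encrypt(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ciphertext):
    prev, out = iv, []
    for c in _blocks(ciphertext):
        out.append(_xor(block_decrypt(key, c), prev))
        prev = c
    return unpad(b"".join(out))

def repeated_blocks(ciphertext):
    """How many ciphertext blocks duplicate an earlier one."""
    bs = _blocks(ciphertext)
    return len(bs) - len(set(bs))

KEY = b"\x01\x23\x45\x67\x89\xab\xcd\xef"        # constructed 64-bit key
MESSAGE = b"ATTACK AT DAWN. " * 4                 # deliberately repetitive

if __name__ == "__main__":
    iv = os.urandom(BLOCK)                         # fresh, unpredictable IV per message
    print("ECB repeated blocks:", repeated_blocks(ecb_encrypt(KEY, MESSAGE)))      # 6
    print("CBC repeated blocks:", repeated_blocks(cbc_encrypt(KEY, iv, MESSAGE)))  # 0
    assert cbc_decrypt(KEY, iv, cbc_encrypt(KEY, iv, MESSAGE)) == MESSAGE
```

The message consists of two distinct 8-byte blocks repeated four times plus one padding block, so ECB produces only three distinct ciphertext blocks, while CBC produces nine different ones. Two caveats a practitioner should keep in mind: the IV must be fresh and unpredictable for every message (reusing it makes the first blocks of two messages comparable again), and CBC on its own provides confidentiality only, not integrity.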
There is also Secure HTTP for secure Web communication. The problem with Secure HTTP is that it is restricted to HTTP traffic; SSL is a more general approach that sits below the application protocol and can protect other protocols as well.
A potential weakness in SSL is the fact that the client generates the master key. In some versions of Netscape Navigator the generated master keys were not sufficiently random. The security depends entirely on the impossibility of guessing the master key, so a poorly seeded generator lets an attacker enumerate the keys the client could have produced.
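The added example below (not from the lecture notes, and not Netscape's actual code) shows what "not sufficiently random" means in practice. A constructed master-key generator seeds a deterministic PRNG from the clock in seconds and a process id, next to the correct choice of taking the key from the operating system. The attacker then guesses the key by enumerating the small (time, pid) window and testing each candidate against the predictable first bytes of an HTTP request; the session cipher, the time window and the pid window are all assumptions of the scenario.

```python
import hashlib
import os
import random

# Added example, not from the lecture notes and not Netscape's code: a
# constructed "master key" generator that seeds a deterministic PRNG from
# values an attacker can narrow down (the clock in seconds and a process id),
# next to the correct choice, and the guessing attack the weak one invites.

KEY_LEN = 16


def weak_master_key(seconds, pid):
    """Weak: the whole key is a function of two small numbers."""
    rng = random.Random(seconds * 65536 + pid)          # Mersenne Twister, seeded
    return bytes(rng.getrandbits(8) for _ in range(KEY_LEN))


def strong_master_key():
    """Correct: take the key from the operating system's entropy source."""
    return os.urandom(KEY_LEN)


def keystream_xor(key, data):
    """Toy session cipher (assumption): XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for ctr in range((len(data) + 31) // 32):
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, out))


KNOWN_PREFIX = b"GET / HTTP/1.0\r\n"   # the first bytes of a request are predictable


def recover_weak_key(ciphertext, t_lo, t_hi, pid_lo, pid_hi):
    """Attacker: enumerate the (time, pid) window, derive each candidate key and
    test it against the known plaintext prefix. Returns (key, tries) or None."""
    probe = ciphertext[:len(KNOWN_PREFIX)]
    tries = 0
    for t in range(t_lo, t_hi + 1):
        for pid in range(pid_lo, pid_hi + 1):
            tries += 1
            cand = weak_master_key(t, pid)
            if keystream_xor(cand, probe) == KNOWN_PREFIX:
                return cand, tries
    return None


# Constructed scenario: the client started at T0 with process id PID0; the
# attacker knows the time to within a minute and the pid to within a few hundred.
T0, PID0 = 900_000_000, 4321
REQUEST = (KNOWN_PREFIX + b"Host: www.example.com\r\n"
           b"Authorization: Basic Ym9iOnNlY3JldA==\r\n\r\n")


def demo():
    """Encrypt a request under the weak key, then recover it by guessing.
    Returns (key_recovered_correctly, guesses_needed, decrypted_request)."""
    ct = keystream_xor(weak_master_key(T0, PID0), REQUEST)
    key, tries = recover_weak_key(ct, T0 - 30, T0 + 30, PID0 - 200, PID0 + 200)
    return key == weak_master_key(T0, PID0), tries, keystream_xor(key, ct)


if __name__ == "__main__":
    ok, tries, plaintext = demo()
    print(f"recovered after {tries} guesses: {ok}")
    print(plaintext.decode())
```

No cryptanalysis of the cipher is involved: with 61 possible seconds and 401 possible pids there are fewer than 25,000 candidate keys, and the attacker simply tries them all. A key from `os.urandom` has no such structure to enumerate.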
Information about IPsec at http://www.ietf.org/html.charters/ipsec-charter.html Later viewgraphs will explain more about IPsec!
A packet filter, or a dual-homed host acting as a packet filter, can be used to make sure that Intranet computers cannot reach the Internet directly.
A screening router is generally simpler than a bastion host, and thus easier to defend. One cannot break into the router to gain access to the software that performs the proxy services, because that software is not in the router.
The bastion may offer more services to hosts on the Intranet than to hosts on the Internet. A site on the Internet could forge its source address to pretend that it is on the Intranet. In the screened host setup this could lead to a situation where that site gets the extra services. In the screened subnet setup this does not work, because the exterior router blocks packets that arrive from the Internet side with a forged Intranet source address.
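As an added example (not from the lecture notes), a tiny first-match packet filter makes the difference visible: the same service rules once without and once with the anti-spoofing ingress rule that the exterior router of a screened subnet applies. The internal address range, the interface names, the services offered by the bastion and the sample packets are all constructed.

```python
import ipaddress
from dataclasses import dataclass

# Added example, not from the lecture notes: a tiny first-match packet filter
# used to show the address-forgery problem of the screened host setup and the
# ingress rule the exterior router of a screened subnet applies. Addresses,
# interfaces and services are constructed.

INTRANET = ipaddress.ip_network("10.0.0.0/8")          # assumed internal range
BASTION = ipaddress.ip_network("10.0.0.2/32")
ANY = ipaddress.ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Packet:
    iface: str      # interface the packet arrived on: "ext" (Internet) or "int"
    src: str
    dst: str
    dport: int


# Rule = (iface or None, source net, destination net, dport or None, action)
def decide(rules, pkt):
    """First matching rule wins; anything unmatched is dropped (default deny)."""
    src, dst = ipaddress.ip_address(pkt.src), ipaddress.ip_address(pkt.dst)
    for iface, src_net, dst_net, dport, action in rules:
        if iface is not None and iface != pkt.iface:
            continue
        if src not in src_net or dst not in dst_net:
            continue
        if dport is not None and dport != pkt.dport:
            continue
        return action
    return "deny"


# Screened host: the bastion serves SMTP (25) to everyone and POP (110) to the
# Intranet only, and "Intranet" is recognised by the source address alone.
SCREENED_HOST = [
    (None, ANY, BASTION, 25, "allow"),
    (None, INTRANET, BASTION, 110, "allow"),
]

# Screened subnet: the exterior router first refuses any packet that arrives
# from the Internet side claiming an Intranet source address, then applies the
# same service rules.
EXTERIOR_ROUTER = [
    ("ext", INTRANET, ANY, None, "deny"),    # anti-spoofing ingress rule
] + SCREENED_HOST

# Constructed traffic
HONEST_SMTP = Packet("ext", "198.51.100.9", "10.0.0.2", 25)
HONEST_POP = Packet("ext", "198.51.100.9", "10.0.0.2", 110)
FORGED_POP = Packet("ext", "10.0.0.50", "10.0.0.2", 110)    # Internet host, forged src
INSIDE_POP = Packet("int", "10.0.0.50", "10.0.0.2", 110)


def compare(pkt):
    """(verdict of the screened host rules, verdict of the exterior router)."""
    return decide(SCREENED_HOST, pkt), decide(EXTERIOR_ROUTER, pkt)


if __name__ == "__main__":
    for name, pkt in [("honest SMTP", HONEST_SMTP), ("honest POP", HONEST_POP),
                      ("forged POP", FORGED_POP), ("inside POP", INSIDE_POP)]:
        host, subnet = compare(pkt)
        print(f"{name:12s} screened host: {host:5s}  screened subnet: {subnet}")
```

The forged packet is the interesting one: the screened host rules accept it because they only look at the source address, while the exterior router rejects it because an Intranet source address can never legitimately arrive on the Internet-facing interface.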
An essential property of PPTP is that the communication between the client and its dial-up gateway is really tunneled, so anyone tapping that communication cannot see the IP headers or the data. Further communication towards the Internet (from the gateway on) is of course no longer tunneled using PPTP.
Note that when IPsec is used between a pair of security gateways, the communication between the hosts and the gateway on their respective sides is not secured.
Traffic flow confidentiality means that the real source and destination (beyond the secured connection) are hidden. Access control depends on the distribution of cryptographic keys and the management of traffic flows relative to the security protocols. Each protocol can be used in transport mode or in tunnel mode. In transport mode they protect only the upper-layer protocols (they do not hide the IP headers, only the higher-level headers and data); in tunnel mode the protocols are applied to tunneled IP packets (they hide the complete inner packets, headers included).
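The added example below (not from the lecture notes) models what a tap between two security gateways learns in each mode. The "ESP" encryption is a stand-in (a SHAKE-256 keystream, an assumption made so the example runs without a crypto library), and the hosts, gateways, key and payload are constructed.

```python
import hashlib
import json
import os

# Added example, not from the lecture notes: a model of what a tap between two
# IPsec security gateways can read in transport mode versus tunnel mode. The
# "ESP" encryption is a stand-in (SHAKE-256 keystream, an assumption), and the
# hosts, gateways, key and payload are constructed.

def _seal(key, nonce, data):
    """Toy confidentiality transform standing in for ESP encryption."""
    pad = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, pad))

def _open(key, nonce, data):
    return _seal(key, nonce, data)   # an XOR keystream is its own inverse


def esp_transport(pkt, key):
    """Transport mode: the original IP header stays in the clear; only the
    upper-layer payload is protected."""
    nonce = os.urandom(8)
    return {"src": pkt["src"], "dst": pkt["dst"], "nonce": nonce,
            "esp": _seal(key, nonce, pkt["payload"])}


def esp_tunnel(pkt, key, gw_a, gw_b):
    """Tunnel mode: the whole inner packet, header included, is protected and
    a new outer header addressed between the two gateways is prepended."""
    nonce = os.urandom(8)
    inner = json.dumps({"src": pkt["src"], "dst": pkt["dst"],
                        "payload": pkt["payload"].decode("latin-1")}).encode()
    return {"src": gw_a, "dst": gw_b, "nonce": nonce, "esp": _seal(key, nonce, inner)}


def tap(wire):
    """What an observer without the key learns from a packet on the wire."""
    return {"src": wire["src"], "dst": wire["dst"], "bytes": len(wire["esp"])}


def unwrap_tunnel(wire, key):
    """What the receiving gateway does: decrypt and forward the inner packet."""
    inner = json.loads(_open(key, wire["nonce"], wire["esp"]))
    inner["payload"] = inner["payload"].encode("latin-1")
    return inner


PACKET = {"src": "10.1.0.7", "dst": "10.2.0.9", "payload": b"USER alice\r\n"}
KEY = b"\x00" * 16                                 # constructed key shared by both gateways
GW_A, GW_B = "198.51.100.1", "203.0.113.1"

if __name__ == "__main__":
    print("transport:", tap(esp_transport(PACKET, KEY)))            # real hosts visible
    print("tunnel:   ", tap(esp_tunnel(PACKET, KEY, GW_A, GW_B)))   # only gateways visible
```

In transport mode the tap still sees which two hosts are talking; in tunnel mode it sees only the two gateway addresses and a length, which is what traffic flow confidentiality refers to. (Packet lengths and timing still leak in both modes.)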
Creating a separate encrypted tunnel for each TCP connection can be prohibitively expensive in combination with HTTP 1.0, which opens a new TCP connection for every request. Public-key cryptography is normally used to communicate a secret session key, but if a public-key operation has to be performed for each HTTP request it becomes very expensive. (Example: Jim’s Bloomberg incident)
Proxy packages include Wingate and Sygate. Windows 98 and Windows 2000 include an “Internet connection sharing” facility.
Information Security Internet, Intranet, Extranet Prof. dr. P.M.E. De Bra Department of Computing Science Eindhoven University of Technology
An ARP request is used to find out which ethernet address corresponds to an IP number.
ARP is needed to talk to Internet hosts on the local ethernet.
(Local) ethernet routers can block packets that originate from machines with an unknown ethernet address. (It is easier to pretend to have a different IP number than to pretend to have a different ethernet address.)
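As an added example for the three ARP points above (not from the lecture notes), the code below builds and parses raw ARP packets in the 28-byte Ethernet/IPv4 format and applies the router's check to ARP replies: a reply from an unknown ethernet address is blocked, and so is a reply from a known ethernet address that claims an IP number belonging to someone else (the easy forgery the parenthesis refers to). The registry of ethernet addresses, the IP numbers and the frames are constructed.

```python
import ipaddress
import struct

# Added example, not from the lecture notes: build and parse raw ARP packets
# (the 28-byte Ethernet/IPv4 format) and apply the check described above,
# rejecting replies whose ethernet address is unknown or whose IP number does
# not belong to that ethernet address. Addresses and frames are constructed.

ARP_FMT = "!HHBBH6s4s6s4s"      # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
REQUEST, REPLY = 1, 2


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip):
    """Serialise an ARP request (oper=1) or reply (oper=2)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       mac_bytes(sender_mac), ipaddress.ip_address(sender_ip).packed,
                       mac_bytes(target_mac), ipaddress.ip_address(target_ip).packed)


def parse_arp(raw):
    """Decode the fixed ARP header; reject anything that is not Ethernet/IPv4."""
    if len(raw) < struct.calcsize(ARP_FMT):
        raise ValueError("short ARP packet")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, raw[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {"oper": oper, "sha": mac_str(sha), "spa": str(ipaddress.ip_address(spa)),
            "tha": mac_str(tha), "tpa": str(ipaddress.ip_address(tpa))}


# Constructed registry: the IP number each known ethernet address may use.
REGISTRY = {
    "00:00:5e:00:53:01": "192.0.2.10",
    "00:00:5e:00:53:02": "192.0.2.11",
}
ROUTER_MAC, ROUTER_IP = "00:00:5e:00:53:ff", "192.0.2.1"


def check_reply(raw, registry=REGISTRY):
    """Verdict for one ARP packet as the router would give it: (verdict, fields)."""
    arp = parse_arp(raw)
    if arp["oper"] != REPLY:
        return "ignored", arp
    expected = registry.get(arp["sha"])
    if expected is None:
        return "blocked: unknown ethernet address", arp
    if expected != arp["spa"]:
        return "blocked: ethernet address does not own this IP number", arp
    return "accepted", arp


# Constructed replies to the router's request "who has 192.0.2.10?"
SAMPLES = {
    "genuine":     build_arp(REPLY, "00:00:5e:00:53:01", "192.0.2.10", ROUTER_MAC, ROUTER_IP),
    "unknown mac": build_arp(REPLY, "00:00:5e:00:53:99", "192.0.2.10", ROUTER_MAC, ROUTER_IP),
    "stolen ip":   build_arp(REPLY, "00:00:5e:00:53:02", "192.0.2.10", ROUTER_MAC, ROUTER_IP),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        verdict, arp = check_reply(raw)
        print(f"{name:12s} {arp['sha']} says it is {arp['spa']:12s} -> {verdict}")
```

The second check only works because the registry ties each ethernet address to one IP number; with only the "unknown ethernet address" rule, host 02 would be free to answer for host 01's IP number.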