Course 3: Network Security, Section 6
Pascal Meunier, Ph.D., M.Sc., CISSP
May 2004; updated July 30, 2004
Developed thanks to the support of Symantec Corporation, NSF SFS Capacity Building Program (Award Number 0113725) and the Purdue e-Enterprise Center
Copyright (2004) Purdue Research Foundation. All rights reserved.
Course 3 Learning Plan
  Architecture
  Physical and link layer
  Network layer
  Transport layer
  Application layer: DNS, RPC, NFS
  Application layer: Routing
  Wireless networks
  More secure protocols: DNSSEC, IPSEC, IPv6

Learning objectives
  Understand how routing works, and its purpose
  Understand why the IP source routing option is dangerous
  Understand the algorithms used by the various routing protocols
  Understand how the algorithms can be attacked
  Be able to discuss the advantages and disadvantages of the various algorithms

Routing Outline
  Distance vector algorithms
    RIP
    Intra-domain routing
  Path vector protocols
    BGP
    Inter-domain routing
  Link State protocols
    OSPF
Definitions
  A router connects two or more networks and forwards packets at the network layer (IP)
    Where to forward is based on "routes"
    Routes can be static, or calculated by using a routing protocol
  Router and gateway are synonyms
  Autonomous System
    "A set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs"
    Encapsulates a set of networks as a single entity, regardless of what happens inside

Secure Routing Requirements
  Routing information must have:
    Integrity
    Authenticity
    Authorization
    Timeliness
      Resist replay attacks
Source Routing
  IP option to specify the routes a packet should take
    In the IP header
    Data controlled by sender
  Options:
    Strict Source Route
      Exact sequence of routers to use
    Loose Source Route
      Specify some routers packets should go through
    Record Route
      Figure out which route a packet takes
  Return route must be saved and used on all further communications (e.g., TCP segments)

Source Routing Attacks
  An attacker can send a packet specifying the return route
    The attacker may control one of the "routers" on the return route
    Attacker needs to send a single valid packet for that new route to be used for the entire TCP connection
      Initial sequence number just has to be guessed correctly once
  TCP session sniffing
  Man-in-the-middle attack
    On-the-fly packet modification
    Dropping packets selectively, or all packets
  IP spoofing of TCP connections
    Three-way handshake possible because the attacker gets the replies through the specified router
Private IP addresses
  As discussed when presenting the IP protocols, some IP addresses are supposed to be private
    e.g., 192.168.x.y
  Source routing could allow contacting hosts on internal networks
    Even if they are supposedly shielded by NAT devices

Exploit Tools
  "lsrtunnel" allows spoofing the IP address in a TCP session
    See http://www.synacklabs.net/projects/lsrtunnel/
  "lsrscan" scans hosts to find out which ones do loose source routing
    See http://www.synacklabs.net/projects/lsrscan/
Defense
  Most routers now have an option to disregard source routing options
    Routers decide which route to use
  Applications can force the overriding of source routing options
    Good idea for secure programming
    RFC 1122
  Windows 98, 2000, XP respond to source route packets by reversing the route by default
    Will forward packets if the host has multiple network interfaces
    Need to edit the registry (possible since Windows NT 4.0, see Microsoft knowledge base article 217336)

ICMP Router Discovery Protocol
  Already discussed under ICMP
  "Trust me, I'm a gateway" messages
    No form of authentication
  Enabled by default on DHCP clients running Microsoft Windows 95, 98, 98 SE, 2000
  By spoofing IRDP Router Advertisements, an attacker can remotely add default route entries to a remote system
    The default route entry added by the attacker will be preferred over the default route obtained from the DHCP server.
    Windows 2000 is less vulnerable as it is impossible to give it a route that is preferred over the default route obtained via DHCP

ICMP Attacks
  Hosts trusting ICMP messages are vulnerable to the same kinds of attack enabled by source routing
  Exploit tool: "rdp" (L0pht)
    See http://24.237.160.4/files/networking/rdp.txt
    Download: http://www.zone-h.org/en/download/category=28/
Distance Vector Protocols
  Routers exchange distance information
  Routers keep the least expensive routes, and share that information
  Problems:
    Trust and robustness issue: pre-processed second-hand information is accepted
      Distance-vector algorithms are not robust vs. unreliable (noisy) or malicious information.
    Loops
      See next slide

Loops in Distance-Vector Algorithms
  Imagine Alice, Bob and Charlie connected in a triangle
  Alice is connected to Dean
  Bob and Charlie record a cost of two hops to send packets to Dean
  Alice loses the connection
  Charlie decides to use the route to Dean through Bob
  Alice decides to use the route to Dean through Charlie
  Bob notices the cost to Dean through Alice increased
  Loop with updated, ever increasing costs
  [Figure: Alice, Bob, Charlie, Dean]

Avoiding Loops
  Defense: "Counting to infinity" detection
    Maximum distance value
    Infinity is 16
  Split horizon
    Don't advertise a route back to the router that made the route possible
    Prevents two-computer loops
    Previous loop example was with split horizon
  Other heuristics
    Poisoned reverse
      Advertise routes back to the router that made the routes possible, but with infinite (16) cost to speed convergence
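The loop and the two defenses above can be reproduced with a small synchronous distance-vector simulation. This is an added example, not code from the course: it assumes a hop-count metric, simultaneous rounds, and that an entry suppressed by split horizon counts as unreachable at the receiver (in this synchronous model poisoned reverse behaves identically, so only split horizon is modelled). It shows that split horizon stops the two-router loop immediately but that the Alice/Bob/Charlie triangle still counts up to 16.

```python
"""Synchronous distance-vector simulation of the Alice/Bob/Charlie/Dean loop."""
INFINITY = 16  # RIP's "infinity": a metric of 16 means unreachable


def run_dv(links, dest, failed_link=None, split_horizon=False, max_rounds=100):
    """Converge on `links`, then cut `failed_link` and count the rounds until
    the tables stop changing. Returns the round count and per-round metrics."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    # table[name] = (metric to dest, next hop); dest is 0 hops from itself
    table = {n: (INFINITY, None) for n in adj}
    table[dest] = (0, None)

    def advertised(sender, receiver):
        """What `sender` tells `receiver` about dest in this round."""
        cost, next_hop = table[sender]
        if split_horizon and next_hop == receiver:
            # Split horizon: the route goes through `receiver`, so don't
            # advertise it back. An omitted entry is unreachable via sender.
            return INFINITY
        return cost

    def recompute(name):
        """Bellman-Ford step: 1 + best advertised metric, ties by name."""
        best, hop = INFINITY, None
        for nb in sorted(adj[name]):
            cost = min(INFINITY, 1 + advertised(nb, name))
            if cost < best:
                best, hop = cost, nb
        return best, hop

    def one_round():
        """All routers recompute from the same snapshot of advertisements."""
        new = {n: recompute(n) for n in adj if n != dest}
        changed = any(new[n] != table[n] for n in new)
        table.update(new)
        return changed

    def snapshot():
        return {n: table[n][0] for n in sorted(adj) if n != dest}

    rounds = 0
    while rounds < max_rounds and one_round():   # normal operation: settle
        rounds += 1
    if failed_link is None:
        return {"rounds": 0, "history": [snapshot()]}
    a, b = failed_link
    adj[a].discard(b)
    adj[b].discard(a)
    for n in (a, b):                             # endpoints notice the loss at once
        if n != dest:
            table[n] = recompute(n)
    history = [snapshot()]
    rounds = 0
    while rounds < max_rounds and one_round():
        rounds += 1
        history.append(snapshot())
    return {"rounds": rounds, "history": history}


# Constructed topology from the slide: Alice, Bob, Charlie in a triangle,
# Dean attached to Alice. The two-node case is the loop split horizon prevents.
TRIANGLE = [("Alice", "Bob"), ("Bob", "Charlie"), ("Charlie", "Alice"), ("Alice", "Dean")]
TWO_NODE = [("Alice", "Bob"), ("Alice", "Dean")]

if __name__ == "__main__":
    for topo, name in ((TWO_NODE, "two-node"), (TRIANGLE, "triangle")):
        for sh in (False, True):
            r = run_dv(topo, "Dean", failed_link=("Alice", "Dean"), split_horizon=sh)
            print(f"{name}, split horizon={sh}: {r['rounds']} rounds; "
                  f"Alice's metric per round: {[h['Alice'] for h in r['history']]}")
```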
Distance Vector a.k.a. Routing by rumor
  Routers are advertising routes they are not directly connected to
  Slow convergence
  Doesn't scale well

RIP: Routing Information Protocol
  RFC 1058 (version 1)
  UDP Port 520

    0                   1                   2                   3 3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | command (1)   | version (1)   |      must be zero (2)         |
   +---------------+---------------+-------------------------------+
   | address family identifier (2) |      must be zero (2)         |
   +-------------------------------+-------------------------------+
   |                         IP address (4)                        |
   +---------------------------------------------------------------+
   |                        must be zero (4)                       |
   +---------------------------------------------------------------+
   |                        must be zero (4)                       |
   +---------------------------------------------------------------+
   |                          metric (4)                           |
   +---------------------------------------------------------------+
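A parser for the RIP version 1 datagram laid out above, with the structural checks a receiver should apply (must-be-zero fields, metric in 1..16, entry count), plus a defender-side filter that only accepts responses from UDP port 520 and configured neighbours. This is an added example, not code from the course; the 25-entry limit and the whole-table request form (single entry, AFI 0, metric 16) are from RFC 1058, and the neighbour filter is the IP-based access control the slides discuss, which as they note does not stop a spoofed UDP source.

```python
"""Parser and sanity checks for RIP version 1 datagrams (RFC 1058)."""
import struct
from ipaddress import IPv4Address

RIP_PORT = 520
INFINITY = 16            # metric 16 = unreachable
MAX_ENTRIES = 25         # RFC 1058: at most 25 entries per datagram
AF_INET = 2
COMMANDS = {1: "request", 2: "response"}
HEADER = struct.Struct("!BBH")        # command, version, must be zero
ENTRY = struct.Struct("!HH4sIII")     # AFI, zero, IP address, zero, zero, metric


class RipError(ValueError):
    """Raised for any datagram that does not match the RFC 1058 layout."""


def parse_rip_v1(data):
    """Return {'command': ..., 'entries': [(ip, metric), ...]} or raise RipError."""
    if len(data) < HEADER.size:
        raise RipError("truncated header")
    command, version, zero = HEADER.unpack_from(data)
    if version != 1:
        raise RipError(f"unsupported version {version}")
    if command not in COMMANDS:
        raise RipError(f"unknown command {command}")
    if zero:
        raise RipError("header must-be-zero field is set")
    body = data[HEADER.size:]
    if len(body) % ENTRY.size:
        raise RipError("entry list is not a multiple of 20 bytes")
    if len(body) // ENTRY.size > MAX_ENTRIES:
        raise RipError("too many entries")
    entries = []
    for off in range(0, len(body), ENTRY.size):
        afi, z1, addr, z2, z3, metric = ENTRY.unpack_from(body, off)
        if z1 or z2 or z3:
            raise RipError(f"must-be-zero field set in entry {off // ENTRY.size}")
        # A request with one entry of AFI 0 and metric 16 asks for the whole table
        whole_table = (command == 1 and afi == 0 and metric == INFINITY
                       and len(body) == ENTRY.size)
        if afi != AF_INET and not whole_table:
            raise RipError(f"unsupported address family {afi}")
        if not 1 <= metric <= INFINITY:
            # metrics count from 1; 0 or >16 never appears in a valid datagram
            raise RipError(f"metric {metric} out of range")
        entries.append((str(IPv4Address(addr)), metric))
    return {"command": COMMANDS[command], "entries": entries}


def is_valid(data):
    try:
        parse_rip_v1(data)
        return True
    except RipError:
        return False


def build_rip_v1(command, entries):
    """Encode a RIP-1 datagram; used here only to construct sample input."""
    out = HEADER.pack(command, 1, 0)
    for ip, metric in entries:
        out += ENTRY.pack(AF_INET, 0, IPv4Address(ip).packed, 0, 0, metric)
    return out


def accept_response(data, src_ip, src_port, neighbours):
    """Receiver-side filter: well-formed response, from UDP port 520, from a
    configured neighbour. Returns the route entries, or None to drop."""
    if src_port != RIP_PORT or src_ip not in neighbours:
        return None
    try:
        pkt = parse_rip_v1(data)
    except RipError:
        return None
    return pkt["entries"] if pkt["command"] == "response" else None


if __name__ == "__main__":
    # constructed sample: a response advertising one reachable and one dead route
    sample = build_rip_v1(2, [("10.1.0.0", 1), ("192.168.5.0", INFINITY)])
    print(parse_rip_v1(sample))
    print(accept_response(sample, "10.1.0.2", RIP_PORT, {"10.1.0.2"}))
```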
Black Hole Routing: Incidents at Purdue and MAI Virginia
  Students in a networking class started advertising that they had the fastest route to anywhere, so internet traffic was redirected to the CS Dept!
  MAI router bug produced the same effect as above and caused the internet to disconnect (1997)
  Illustrated the need for increased robustness
    Result: access control based on IP address was suggested but is not part of the protocol...
    Defeated by IP spoofing (trivial with UDP messages)

Attacks on Distance-Vector Algorithms
  Malicious router can:
    Advertise 0-cost to some networks but not forward
      DoS for some routes
  Mallory can create fake messages with UDP spoofing
    Create loops
    Send all traffic to one router
    Make counting to infinity (16) take infinity by resetting the count every so often...
    Send messages to other routers saying that router A is unable to reach its own networks...

MIM Routing Attack
  Send a message to all gateways, saying the gateway to network A has made network A unreachable
  Send another message advertising that you can reach network A cheaply
  You will start receiving all traffic for network A
  Forward the traffic to the original gateway, after doing whatever you want to do with it

FIRP Attack
  "Faulty Intermediate Router Problem"
  In distance vector algorithms, a node sends aggregated and processed information from other nodes, which subsequent nodes have to trust
  Router makes faulty calculations, by accident or on purpose
  How much can a single faulty intermediate router affect the routing?
    Devastating to distance-vector algorithms

RIP V. 2
  RFC 2453
  Adds authentication via a shared password
    16 octets plain text (can be sniffed)
  Weakest point of failure still brings down the protocol (black hole routing, FIRP problem)
  Access control recommended but not specified
Path Vector Protocols
  Add policies (rules) on top of distance vector algorithms, to dynamically vary the costs, reject paths, or even choose a non-optimal path
  Cost is the number of Autonomous Systems, not the number of routers as for distance-vector protocols (RIP)
  Can diverge due to reactionary changes in policies, resulting in unstable routes

BGP: Border Gateway Protocol
  Inter-Autonomous System routing protocol
  Uses TCP (or any reliable transport mechanism)
    Port 179
  RFC 1771 (BGP-4)
  Optional authentication field
    Various authentication options
  Authentication is only in the "OPEN" message
    Connection can be hijacked afterwards
    TCP session hijacking

BGP Connections
  Once a connection to another BGP router has been established, it is expected to remain open and stable
  If it closes:
    All resources for that BGP connection are deallocated.
    Routing table entries associated with the remote peer are marked as invalid.
    The fact that the routes have become invalid is passed to other BGP peers before the routes are deleted from the system.
  TCP RST attacks can be very damaging!
    Cause routing instabilities
  Must use the TCP MD5 signature option (RFC 2385)
    Or IPSEC, etc...

BGP Limitations
  BGP (Border Gateway Protocol) has all the issues of Distance Vector algorithms
  New issues due to unsafe policies
    Reference: "Policy Disputes in Path-Vector Protocols", Timothy G. Griffin, F. Bruce Shepherd, and Gordon Wilfong
  Works well in practice
    Popular
  Quite vulnerable in theory
Link State Protocols
  Each router is responsible for meeting neighbors and learning their names
  Each router constructs a packet called a Link State Advertisement (LSA)
    List of neighbors
    Cost of link
  LSAs are reliably "flooded" to all routers; everyone gets the same consistent information, so there is no "counting to infinity" or memory.
  Each router computes the best routes on its own -- no need to trust your neighbor's calculations.

OSPF: Open Shortest Path First
  It's an authenticated link state protocol (RFC 2328) running directly on top of IP (protocol 89) and using multicasts instead of broadcasts
  Alternative to RIP
  Each node advertises only the information it knows first-hand (no hearsay)
  Every node calculates the paths independently, requiring matching information from both sides of a link to validate it!
    A single rogue router can't claim nonexistent links.

"Fight Back" Phenomenon
  Because LSAs (Link State Advertisements) are flooded, an LSA produced by a malicious router is sent to all
  A router that knows better will respond and try to correct a tainted LSA
  Malicious router has to keep attacking: a "persistent" attack is needed
    More costly to attacker, and less stealthy
  Better route integrity
  Real security requires cryptographic signatures

Authentication in OSPF
  Methods:
    1. Password (plain text), vulnerable to sniffers
    2. Keyed MD5 (a.k.a. HMAC-MD5)
      K is a shared secret key (padded with zeros)
      T is the message
      H() is a hash function like MD5
      F(K, T) is a function that pre-mixes T and K
      Idea: Along with the message, also send H(F(K,T)). Routers that know K can verify the integrity of T, as well as authenticate the message.
      See RFC 1828
      Similar to TCP MD5 signature option (RFC 2385)
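The H(F(K,T)) idea above, worked through on the receiver side together with the timeliness requirement from the Secure Routing Requirements slide: the keyed digest rejects forged and modified messages, and a per-neighbour sequence number rejects a sniffed message that is replayed. This is an added example, not the course's or any router's code; the message layout (payload || 32-bit sequence || HMAC-MD5 tag over both, with the 16-octet key zero-padded) is an illustration of the construction, not the wire format of OSPF, RFC 1828 or RFC 2385.

```python
"""Keyed-hash authentication of routing messages with replay protection."""
import hashlib
import hmac
import struct

KEY_LEN = 16      # 16-octet keys, as in RIP-2 / OSPF; shorter keys are zero-padded
TAG_LEN = 16      # MD5 digest length


def pad_key(key):
    """K is a shared secret key (padded with zeros)."""
    if len(key) > KEY_LEN:
        raise ValueError("key longer than 16 octets")
    return key.ljust(KEY_LEN, b"\x00")


def protect(key, seq, payload):
    """Sender: T = payload || seq; send T || H(F(K, T)) with HMAC-MD5 as F/H."""
    body = payload + struct.pack("!I", seq)
    tag = hmac.new(pad_key(key), body, hashlib.md5).digest()
    return body + tag


class Neighbour:
    """Receiver-side state for one peer: shared key and last accepted sequence."""

    def __init__(self, key):
        self.key = pad_key(key)
        self.last_seq = None

    def verify(self, msg):
        """Return ('ok', payload) or ('rejected', reason)."""
        if len(msg) < 4 + TAG_LEN:
            return ("rejected", "too short")
        body, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.md5).digest()
        # constant-time compare: a plain == leaks timing about the tag
        if not hmac.compare_digest(tag, expected):
            return ("rejected", "bad authenticator")   # forged, modified or wrong key
        seq = struct.unpack("!I", body[-4:])[0]
        # integrity alone gives no timeliness: a sniffed valid message could be
        # replayed later, so the sequence number must strictly increase
        if self.last_seq is not None and seq <= self.last_seq:
            return ("rejected", "replay")
        self.last_seq = seq
        return ("ok", body[:-4])


def demo():
    """Constructed exchange: fresh, replayed, forged, tampered, then next message."""
    key = b"area0-key-1"                                      # constructed shared secret
    lsa = b"LSA router=10.0.0.1 link=10.0.1.0/24 cost=10"     # constructed payload
    peer = Neighbour(key)
    results = []
    m1 = protect(key, 41, lsa)
    results.append(peer.verify(m1)[0])                        # fresh, valid -> ok
    results.append(peer.verify(m1)[0])                        # same bytes again -> replay
    results.append(peer.verify(protect(b"guess", 42, lsa))[0])  # wrong key -> rejected
    tampered = bytearray(protect(key, 42, lsa))
    tampered[-25] ^= 1                                        # flip a payload bit
    results.append(peer.verify(bytes(tampered))[0])           # modified -> rejected
    results.append(peer.verify(protect(key, 42, lsa))[0])     # next sequence -> ok
    return results


if __name__ == "__main__":
    print(demo())
```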
OSPF in IPSEC and IPv6
  No authentication at the OSPF level
  Uses IPSEC/IPv6 to provide security
  Does not protect against the faulty intermediate router problem (FIRP)
    Intermediate router is man-in-the-middle
    MIM protection judged too expensive
  Must ultimately rely on intrusion detection

More on OSPF
  RFC 2328
  "Seven of Nine" Lectures On OSPF
    http://routergod.com/sevenofnine/

IGRP
  Interior Gateway Routing Protocol
    Also used externally in practice
  Cisco protocol (1980's)
  Distance vector algorithm
  Metric is a weighted formula using internetwork delay, bandwidth, reliability, and load
  Has a "holddown" period for keeping bad routes down and increasing routing information consistency
    Useful for route stability and against race conditions between routing updates

EIGRP
  Enhanced IGRP (1990's)
  Distance vector algorithm
  Uses "Diffusing Update Algorithm (DUAL)" to prevent loops
    State machine
    Timers
  More complex
Question
  Which is an advantage of link state protocols over distance vector algorithms?
  a) Distance vector algorithms can't verify the results of calculations presented to them by other routers
  b) link state protocols are less complex
  c) link state protocols count to infinity faster than distance vector algorithms
  d) link state protocols are authenticated

Question
  Which is an advantage of link state protocols over distance vector algorithms?
  a) Distance vector algorithms can't verify the results of calculations presented to them by other routers
  b) link state protocols are less complex
  c) link state protocols count to infinity faster than distance vector algorithms
  d) link state protocols are authenticated
    They are not authenticated by definition
    OSPF relies on IPSEC/IPv6

Question
  If a router is "lying" (i.e., giving incorrect information) is it easier to find which router is doing so with:
  a) BGP
  b) OSPF
  c) RIP
Question
  The goal of authentication in routing protocols is primarily to guarantee which one of these?
  a) Confidentiality
  b) Integrity
  c) Auditability
  d) Privacy
Discussion
  Which routing protocol, if any (static routes are also a choice) would you use in:
  a) A company network with a few subnets
    What if you wish to provide visitors with internet access?
  b) In the routers between engineering and company networks
  c) In an ISP

Discussion
  Which routing protocol, if any (static routes are also a choice) would you use in:
  a) A company network with a few subnets
    Static routes
  b) In the routers between engineering and company networks
    Routing firewalls
  c) In an ISP
    OSPF (and BGP to communicate with upstream internet routers)
Mini-Lab
  The class will design a set of policies for a routing firewall
    Instructor will write them on the whiteboard
  Define needed functionality
    Without needed functionality, the firewall could just block everything
    e.g., Web server on other side of firewall
      Outbound DNS, ssh, ftp (or other update mechanism)
      Inbound ssh, http, https
  Define security requirements
    Which threats do we want to counter?
  Define network topology
    e.g., the server behind the firewall is on a separate physical segment
  Define policies for each network layer
    ARP, ICMP, etc...

Mini-Lab
  Implement the rules
    Instructor must decide on which firewall to use and have it ready before this step
      e.g., SGS appliance
      Firewall already set up and ready to go
      If iptables, need setup instructions
  Set up and run a packet sniffer to verify the effectiveness of rules
  Bonus activity: Try to break through the firewall
    e.g., using Firewalk (see http://www.packetfactory.net/Projects/firewalk/)
Questions or Comments?
About These Slides
  You are free to copy, distribute, display, and perform the work; and to make derivative works, under the following conditions.
    You must give the original author and other contributors credit
    The work will be used for personal or non-commercial educational uses only, and not for commercial activities and purposes
    For any reuse or distribution, you must make clear to others the terms of use for this work
    Derivative works must retain and be subject to the same conditions, and contain a note identifying the new contributor(s) and date of modification
    For other uses please contact the Purdue Office of Technology Commercialization.
  Developed thanks to the support of Symantec Corporation

Pascal Meunier [email_address]
Contributors: Jared Robinson, Alan Krassowski, Craig Ozancin, Tim Brown, Wes Higaki, Melissa Dark, Chris Clifton, Gustavo Rodriguez-Rivera

HBase In Action - Chapter 04: HBase table design
 
HBase In Action - Chapter 10 - Operations
HBase In Action - Chapter 10 - OperationsHBase In Action - Chapter 10 - Operations
HBase In Action - Chapter 10 - Operations
 
Hbase in action - Chapter 09: Deploying HBase
Hbase in action - Chapter 09: Deploying HBaseHbase in action - Chapter 09: Deploying HBase
Hbase in action - Chapter 09: Deploying HBase
 
Learning spark ch11 - Machine Learning with MLlib
Learning spark ch11 - Machine Learning with MLlibLearning spark ch11 - Machine Learning with MLlib
Learning spark ch11 - Machine Learning with MLlib
 
Learning spark ch10 - Spark Streaming
Learning spark ch10 - Spark StreamingLearning spark ch10 - Spark Streaming
Learning spark ch10 - Spark Streaming
 
Learning spark ch09 - Spark SQL
Learning spark ch09 - Spark SQLLearning spark ch09 - Spark SQL
Learning spark ch09 - Spark SQL
 
Learning spark ch07 - Running on a Cluster
Learning spark ch07 - Running on a ClusterLearning spark ch07 - Running on a Cluster
Learning spark ch07 - Running on a Cluster
 
Learning spark ch06 - Advanced Spark Programming
Learning spark ch06 - Advanced Spark ProgrammingLearning spark ch06 - Advanced Spark Programming
Learning spark ch06 - Advanced Spark Programming
 
Learning spark ch05 - Loading and Saving Your Data
Learning spark ch05 - Loading and Saving Your DataLearning spark ch05 - Loading and Saving Your Data
Learning spark ch05 - Loading and Saving Your Data
 
Learning spark ch04 - Working with Key/Value Pairs
Learning spark ch04 - Working with Key/Value PairsLearning spark ch04 - Working with Key/Value Pairs
Learning spark ch04 - Working with Key/Value Pairs
 
Learning spark ch01 - Introduction to Data Analysis with Spark
Learning spark ch01 - Introduction to Data Analysis with SparkLearning spark ch01 - Introduction to Data Analysis with Spark
Learning spark ch01 - Introduction to Data Analysis with Spark
 
Hướng Dẫn Đăng Ký LibertaGia - A guide and introduciton about Libertagia
Hướng Dẫn Đăng Ký LibertaGia - A guide and introduciton about LibertagiaHướng Dẫn Đăng Ký LibertaGia - A guide and introduciton about Libertagia
Hướng Dẫn Đăng Ký LibertaGia - A guide and introduciton about Libertagia
 
Lecture 1 - Getting to know XML
Lecture 1 - Getting to know XMLLecture 1 - Getting to know XML
Lecture 1 - Getting to know XML
 
Lecture 4 - Adding XTHML for the Web
Lecture  4 - Adding XTHML for the WebLecture  4 - Adding XTHML for the Web
Lecture 4 - Adding XTHML for the Web
 

Recently uploaded

Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
shanihomely
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
Neo4j
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
SynapseIndia
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
Tatiana Al-Chueyr
 
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
Priyanka Aash
 
What's new in android: jetpack compose 2024
What's new in android: jetpack compose 2024What's new in android: jetpack compose 2024
What's new in android: jetpack compose 2024
Toru Wonyoung Choi
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
Shiv Technolabs
 
July Patch Tuesday
July Patch TuesdayJuly Patch Tuesday
July Patch Tuesday
Ivanti
 
Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
Matthias Neugebauer
 
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
Priyanka Aash
 
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-InTrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc
 
Tailored CRM Software Development for Enhanced Customer Insights
Tailored CRM Software Development for Enhanced Customer InsightsTailored CRM Software Development for Enhanced Customer Insights
Tailored CRM Software Development for Enhanced Customer Insights
SynapseIndia
 
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite SolutionIPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Networks
 
Vulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive OverviewVulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive Overview
Steven Carlson
 
WhatsApp Spy Online Trackers and Monitoring Apps
WhatsApp Spy Online Trackers and Monitoring AppsWhatsApp Spy Online Trackers and Monitoring Apps
WhatsApp Spy Online Trackers and Monitoring Apps
HackersList
 
Uncharted Together- Navigating AI's New Frontiers in Libraries
Uncharted Together- Navigating AI's New Frontiers in LibrariesUncharted Together- Navigating AI's New Frontiers in Libraries
Uncharted Together- Navigating AI's New Frontiers in Libraries
Brian Pichman
 
How to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptxHow to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptx
Adam Dunkels
 
Patch Tuesday de julio
Patch Tuesday de julioPatch Tuesday de julio
Patch Tuesday de julio
Ivanti
 
Semantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software DevelopmentSemantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software Development
Baishakhi Ray
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Kunal Gupta
 

Recently uploaded (20)

Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
 
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
(CISOPlatform Summit & SACON 2024) Cyber Insurance & Risk Quantification.pdf
 
What's new in android: jetpack compose 2024
What's new in android: jetpack compose 2024What's new in android: jetpack compose 2024
What's new in android: jetpack compose 2024
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
 
July Patch Tuesday
July Patch TuesdayJuly Patch Tuesday
July Patch Tuesday
 
Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
 
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
(CISOPlatform Summit & SACON 2024) Gen AI & Deepfake In Overall Security.pdf
 
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-InTrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
 
Tailored CRM Software Development for Enhanced Customer Insights
Tailored CRM Software Development for Enhanced Customer InsightsTailored CRM Software Development for Enhanced Customer Insights
Tailored CRM Software Development for Enhanced Customer Insights
 
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite SolutionIPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite Solution
 
Vulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive OverviewVulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive Overview
 
WhatsApp Spy Online Trackers and Monitoring Apps
WhatsApp Spy Online Trackers and Monitoring AppsWhatsApp Spy Online Trackers and Monitoring Apps
WhatsApp Spy Online Trackers and Monitoring Apps
 
Uncharted Together- Navigating AI's New Frontiers in Libraries
Uncharted Together- Navigating AI's New Frontiers in LibrariesUncharted Together- Navigating AI's New Frontiers in Libraries
Uncharted Together- Navigating AI's New Frontiers in Libraries
 
How to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptxHow to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptx
 
Patch Tuesday de julio
Patch Tuesday de julioPatch Tuesday de julio
Patch Tuesday de julio
 
Semantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software DevelopmentSemantic-Aware Code Model: Elevating the Future of Software Development
Semantic-Aware Code Model: Elevating the Future of Software Development
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
 

6.Routing

  • 8. Source Routing Attacks An attacker can send a packet specifying the return route The attacker may control one of the "routers" on the return route Attacker needs to send a single valid packet for that new route to be used for the entire TCP connection Initial sequence number just has to be guessed correctly once TCP session sniffing Man-in-the-middle attack On-the-fly packet modification Dropping packets selectively, or all packets TCP IP spoofing Three-way handshake possible because the attacker gets the replies through the specified router
  • 9. Private IP addresses As discussed when presenting the IP protocols, some IP addresses are supposed to be private e.g., 192.168.x.y Source routing could allow contacting hosts on internal networks Even if they are supposedly shielded by NAT devices
  • 10. Exploit Tools "lsrtunnel" allows spoofing the IP address in a TCP session See http://www.synacklabs.net/projects/lsrtunnel/ "lsrscan" scans hosts to find out which ones do loose source routing See http://www.synacklabs.net/projects/lsrscan/
  • 11. Defense Most routers now have an option to ignore (drop) packets carrying source routing options; the routers then decide which route to use. Applications can force the overriding of source routing options, which is a good idea for secure programming (RFC 1122). Windows 98, 2000 and XP respond to source-routed packets by reversing the route by default, and will forward such packets if the host has multiple network interfaces; turning this off requires editing the registry (possible since Windows NT 4.0, see Microsoft knowledge base article 217336)
  • 12. ICMP Router Discovery Protocol Already discussed under ICMP "Trust me, I'm a gateway" messages No form of authentication Enabled by default on DHCP clients running Microsoft Windows 95, 98, 98 SE and 2000 By spoofing IRDP Router Advertisements, an attacker can remotely add default route entries to a remote system The default route entry added by the attacker will be preferred over the default route obtained from the DHCP server Windows 2000 is less vulnerable, as it is impossible to give it a route that is preferred over the default route obtained via DHCP
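An added example, not part of the original slides: a Python parser for the IPv4 option area that recognises the three options slide 7 lists (Record Route = 7, Loose Source Route = 131, Strict Source Route = 137, codes and layout per RFC 791) and applies the drop policy slide 11 recommends. The minimal header builder, the sample packets and the addresses in them (10.0.0.9, 192.168.1.5, 203.0.113.7) are constructed for the demonstration; a malformed option is treated as a reason to drop rather than to guess.

```python
import ipaddress
import struct

OPT_EOL, OPT_NOP, OPT_RR, OPT_LSRR, OPT_SSRR = 0, 1, 7, 131, 137
ROUTE_OPTS = {OPT_LSRR: "LSRR", OPT_SSRR: "SSRR", OPT_RR: "RR"}


def parse_ipv4_options(packet):
    """Walk the option area of an IPv4 header.

    Returns [(name, pointer, [addresses])] for each RR/LSRR/SSRR option.
    Raises ValueError on anything malformed (the caller should drop)."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    if packet[0] >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or ihl > len(packet):
        raise ValueError("bad IHL")
    opts, found, i = packet[20:ihl], [], 0
    while i < len(opts):
        kind = opts[i]
        if kind == OPT_EOL:
            break
        if kind == OPT_NOP:
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option length byte missing")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError("option length exceeds option area")
        if kind in ROUTE_OPTS:
            if length < 3:
                raise ValueError("route option too short")
            pointer = opts[i + 2]              # offset of the next address to use
            data = opts[i + 3:i + length]
            if len(data) % 4:
                raise ValueError("route data not a multiple of 4 octets")
            addrs = [str(ipaddress.IPv4Address(data[j:j + 4])) for j in range(0, len(data), 4)]
            found.append((ROUTE_OPTS[kind], pointer, addrs))
        i += length
    return found


def should_drop(packet):
    """Policy from slide 11: refuse any packet that carries LSRR or SSRR.
    Record Route alone is reported but allowed; malformed options are dropped."""
    try:
        options = parse_ipv4_options(packet)
    except ValueError:
        return True
    return any(name in ("LSRR", "SSRR") for name, _, _ in options)


def build_ipv4_header(src, dst, options=b""):
    """Minimal IPv4 header (checksum left zero) with the option area padded to 4 octets."""
    options += b"\0" * ((-len(options)) % 4)
    ihl = 5 + len(options) // 4
    fixed = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4, 0, 0, 64, 6, 0,
                        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return fixed + options


def lsrr_option(hops):
    """LSRR option: type 131, length, pointer = 4, then the hop addresses."""
    data = b"".join(ipaddress.IPv4Address(h).packed for h in hops)
    return bytes([OPT_LSRR, 3 + len(data), 4]) + data


# Constructed samples: an attacker steering the reply path through 203.0.113.7, and a plain packet
SAMPLE_LSRR = build_ipv4_header("10.0.0.9", "192.168.1.5", lsrr_option(["203.0.113.7", "192.168.1.5"]))
SAMPLE_PLAIN = build_ipv4_header("10.0.0.9", "192.168.1.5")

if __name__ == "__main__":
    print(parse_ipv4_options(SAMPLE_LSRR))
    print("drop LSRR:", should_drop(SAMPLE_LSRR), "drop plain:", should_drop(SAMPLE_PLAIN))
```

The pointer field is what lets a receiving host reverse the recorded path for its replies; that is exactly why the policy refuses both source-route types regardless of where the pointer stands.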
  • 13. ICMP Attacks Hosts trusting ICMP messages are vulnerable to the same kinds of attack enabled by source routing Exploit tool: "rdp" (L0pht) See http://24.237.160.4/files/networking/rdp.txt Download: http://www.zone-h.org/en/download/category=28/
  • 14. Distance Vector Protocols Routers exchange distance information Routers keep the least expensive routes, and share that information Problems: Trust and robustness issue: pre-processed second-hand information is accepted Distance-vector algorithms are not robust vs. unreliable (noisy) or malicious information. Loops See next slide
  • 15. Loops in Distance-Vector Algorithms Imagine Alice, Bob and Charlie connected in a triangle Alice is connected to Dean Bob and Charlie record a cost of two hops to send packets to Dean Alice loses the connection Charlie decides to use the route to Dean through Bob Alice decides to use the route to Dean through Charlie Bob notices the cost to Dean through Alice increased Loop with updated, ever increasing costs Alice Bob Charlie Dean
  • 16. Avoiding Loops Defense: "Counting to infinity" detection Maximum distance value Infinity is 16 Split horizon Don't advertise a route back to the router that made the route possible Prevents two-computer loops Previous loop example was with split horizon Other heuristics Poisoned reverse Advertise routes back to the router that made the routes possible, but with infinite (16) cost to speed convergence
  • 17. Distance Vector a.k.a. Routing by rumor Routers are advertising routes they are not directly connected to Slow convergence Doesn’t scale well
  • 18. RIP: Routing Information Protocol RFC 1058 (version 1) UDP Port 520
        0                   1                   2                   3 3
        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       | command (1)   | version (1)   |      must be zero (2)         |
       +---------------+---------------+-------------------------------+
       | address family identifier (2) |      must be zero (2)         |
       +-------------------------------+-------------------------------+
       |                         IP address (4)                        |
       +---------------------------------------------------------------+
       |                        must be zero (4)                       |
       +---------------------------------------------------------------+
       |                        must be zero (4)                       |
       +---------------------------------------------------------------+
       |                          metric (4)                           |
       +---------------------------------------------------------------+
  • 19. Black Hole Routing: Incidents at Purdue and MAI Virginia Students in a networking class started advertising that they had the fastest route to anywhere, so Internet traffic was redirected to the CS Department! A router bug at MAI produced the same effect and caused much of the Internet to disconnect (1997) Both illustrated the need for increased robustness Result: access control based on IP address was suggested, but it is not part of the protocol... and it is defeated by IP spoofing (trivial with UDP messages)
  • 20. Attacks on Distance-Vector Algorithms A malicious router can: Advertise the lowest possible cost to some networks but not forward the traffic: DoS (black hole) for those routes Mallory can create fake messages with UDP spoofing Create loops Send all traffic to one router Make counting to infinity (16) take forever by resetting the count every so often... Send messages to other routers saying that router A is unable to reach its own networks...
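An added example, not part of the original slides: an encoder and a strict decoder for the RIPv1 message format drawn on slide 18, together with the source-address access control that slide 19 says was suggested after the Purdue and MAI incidents. The networks 10.1.0.0 and 10.2.0.0, the neighbour address 192.0.2.1 and the spoofer's address 198.51.100.9 are constructed. The decoder enforces the "must be zero" fields and the legal metric range 1..16 (note that RIP has no metric 0, so the "0-cost" advertisement of slide 20 is really a metric of 1 in RIP); the ACL shows why it is not a defence: it keys on a UDP source address that anybody can forge.

```python
import struct

RIP_PORT = 520                          # UDP port used by RIP
CMD_REQUEST, CMD_RESPONSE = 1, 2
AF_INET = 2
INFINITY = 16                           # metric meaning "unreachable"
MAX_ENTRIES = 25                        # RFC 1058: at most 25 entries per datagram
HEADER = struct.Struct("!BBH")          # command, version, must be zero
ENTRY = struct.Struct("!HH4s4s4sI")     # AFI, zero, IP address, zero, zero, metric


def ip_to_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def bytes_to_ip(b):
    return ".".join(str(o) for o in b)


def build_response(routes, version=1):
    """routes: [(network, metric)] -> the UDP payload of a RIPv1 Response."""
    if not 1 <= len(routes) <= MAX_ENTRIES:
        raise ValueError("a RIP message carries 1..25 entries")
    body = b"".join(ENTRY.pack(AF_INET, 0, ip_to_bytes(net), bytes(4), bytes(4), metric)
                    for net, metric in routes)
    return HEADER.pack(CMD_RESPONSE, version, 0) + body


def parse(payload):
    """Return (command, version, [(network, metric)]); raise ValueError if malformed."""
    if len(payload) < HEADER.size or (len(payload) - HEADER.size) % ENTRY.size:
        raise ValueError("bad datagram length")
    cmd, ver, zero = HEADER.unpack_from(payload)
    if ver != 1 or zero != 0:
        raise ValueError("not RIPv1 or reserved field set")
    if cmd not in (CMD_REQUEST, CMD_RESPONSE):
        raise ValueError("unknown command")
    routes = []
    for off in range(HEADER.size, len(payload), ENTRY.size):
        afi, z1, addr, z2, z3, metric = ENTRY.unpack_from(payload, off)
        if afi != AF_INET or z1 or z2 != bytes(4) or z3 != bytes(4):
            raise ValueError("reserved fields must be zero")
        if not 1 <= metric <= INFINITY:     # 0 is not a legal metric; 16 is unreachable
            raise ValueError(f"metric {metric} outside 1..{INFINITY}")
        routes.append((bytes_to_ip(addr), metric))
    return cmd, ver, routes


def accept_update(src_ip, payload, trusted):
    """Source-address ACL as described on slide 19: parse only if src_ip is a known neighbour.
    Returns the route list or None. Since RIP rides on UDP, a forged src_ip passes this check."""
    if src_ip not in trusted:
        return None
    try:
        cmd, _, routes = parse(payload)
    except ValueError:
        return None
    return routes if cmd == CMD_RESPONSE else None


# Constructed sample: a neighbour at 192.0.2.1 advertising two networks
SAMPLE = build_response([("10.1.0.0", 1), ("10.2.0.0", 3)])
TRUSTED = {"192.0.2.1"}

if __name__ == "__main__":
    print(parse(SAMPLE))
    print("from neighbour:", accept_update("192.0.2.1", SAMPLE, TRUSTED))
    print("from stranger: ", accept_update("198.51.100.9", SAMPLE, TRUSTED))
```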
  • 21. MIM Routing Attack Send a message to all gateways, saying the gateway to network A has made network A unreachable Send another message advertising that you can reach network A cheaply You will start receiving all traffic for network A Forward the traffic to the original gateway, after doing whatever you want to do with it
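An added example, not part of the original slides, covering both the loop of slides 15 and 16 and the attacks of slides 20 and 21: a small synchronous distance-vector simulator with RIP's infinity of 16, selectable split horizon or poisoned reverse, and a "liar" hook so one router can inject bogus entries into what it advertises. The topology (Alice, Bob and Charlie in a triangle, Dean behind Alice, a two-router line for comparison, and Mallory peered with all three) and all costs are constructed. It reproduces the slide's observation that split horizon stops the two-router loop at once but not the three-router one, and shows Mallory drawing Bob's traffic for Dean and relaying it through Alice, the real gateway.

```python
INFINITY = 16  # RIP's "infinity": a metric of 16 means unreachable


class DVNetwork:
    """Synchronous distance-vector simulation with a hop-count metric.

    mode: "plain" (advertise everything), "split" (split horizon) or
    "poison" (poisoned reverse). liars maps a router name to bogus
    {dest: cost} entries it injects into every advertisement it sends."""

    def __init__(self, links, mode="plain", liars=None):
        self.mode, self.liars = mode, liars or {}
        self.nbrs = {}
        for a, b in links:
            self.nbrs.setdefault(a, set()).add(b)
            self.nbrs.setdefault(b, set()).add(a)
        self.nodes = sorted(self.nbrs)
        # table[router][dest] = (cost, next_hop); initially only direct links
        self.table = {n: {n: (0, n), **{m: (1, m) for m in self.nbrs[n]}} for n in self.nodes}

    def cut(self, a, b):
        """Link a-b fails: each end marks every route through it unreachable."""
        self.nbrs[a].discard(b)
        self.nbrs[b].discard(a)
        for x, y in ((a, b), (b, a)):
            for dest, (_, nh) in self.table[x].items():
                if nh == y:
                    self.table[x][dest] = (INFINITY, None)

    def advert(self, src, to):
        """The vector src sends to neighbour `to`, after split horizon/poison and any lies."""
        adv = {}
        for dest, (cost, nh) in self.table[src].items():
            if nh == to:                     # route that was learned from `to`
                if self.mode == "split":
                    continue
                if self.mode == "poison":
                    cost = INFINITY
            adv[dest] = cost
        adv.update(self.liars.get(src, {}))
        return adv

    def step(self):
        """One round: all routers advertise, then all recompute. True if any table changed."""
        adv = {(s, t): self.advert(s, t) for s in self.nodes for t in self.nbrs[s]}
        changed = False
        for n in self.nodes:
            new = {n: (0, n)}
            dests = set(self.table[n]) | {d for m in self.nbrs[n] for d in adv[(m, n)]}
            for d in dests - {n}:
                cur_nh = self.table[n].get(d, (INFINITY, None))[1]
                order = sorted(self.nbrs[n])
                order.sort(key=lambda m: m != cur_nh)   # current next hop first: ties keep it
                best = (INFINITY, None)
                for m in order:
                    c = min(INFINITY, 1 + adv[(m, n)].get(d, INFINITY))
                    if c < best[0]:
                        best = (c, m)
                new[d] = best
            changed |= new != self.table[n]
            self.table[n] = new
        return changed

    def converge(self, limit=60):
        """Iterate until nothing changes; return the number of rounds used."""
        for rounds in range(1, limit + 1):
            if not self.step():
                return rounds
        return limit

    def path(self, src, dst, limit=10):
        """Follow next hops from src toward dst; stops on a loop or an unreachable entry."""
        hops, cur = [src], src
        while cur != dst and len(hops) <= limit:
            cur = self.table[cur].get(dst, (INFINITY, None))[1]
            if cur is None:
                return hops + ["UNREACHABLE"]
            hops.append(cur)
        return hops


# Constructed topologies: the slide's triangle plus Dean, and a two-router line
TRIANGLE = [("Alice", "Bob"), ("Alice", "Charlie"), ("Bob", "Charlie"), ("Alice", "Dean")]
LINE = [("Bob", "Alice"), ("Alice", "Dean")]


def link_loss(links, mode):
    """Converge, cut Alice-Dean, reconverge. Returns (rounds needed, Bob's final entry for Dean)."""
    net = DVNetwork(links, mode)
    net.converge()
    net.cut("Alice", "Dean")
    return net.converge(), net.table["Bob"]["Dean"]


def mitm_demo():
    """Mallory peers with everyone and advertises Dean at cost 0 (slides 20 and 21).
    Bob and Charlie now forward via Mallory, who relays to Alice, the real gateway."""
    links = TRIANGLE + [("Mallory", r) for r in ("Alice", "Bob", "Charlie")]
    net = DVNetwork(links, "split", liars={"Mallory": {"Dean": 0}})
    net.converge()
    return net.path("Bob", "Dean")


if __name__ == "__main__":
    for name, links in (("line", LINE), ("triangle", TRIANGLE)):
        for mode in ("plain", "split", "poison"):
            print(name, mode, link_loss(links, mode))
    print("Bob -> Dean:", " -> ".join(mitm_demo()))
```

Mallory's own table stays honest (Dean via Alice), which is what makes the man-in-the-middle work: the lie only lives in what is advertised, and nothing in the protocol lets Bob check it.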
  • 22. FIRP Attack "Faulty Intermediate Router Problem" In distance vector algorithms, a node sends aggregated and processed information from other nodes, which subsequent nodes have to trust A router makes faulty calculations, by accident or on purpose How much can a single faulty intermediate router affect routing? Devastating to distance-vector algorithms
  • 23. RIP V. 2 RFC 2453 Adds authentication via a shared password 16 octets plain text (can be sniffed); keyed MD5 authentication for RIP-2 is specified separately in RFC 2082 Weakest point of failure still brings down the protocol (black hole routing, FIRP problem) Access control recommended but not specified
  • 24. Path Vector Protocols Add policies (rules) on top of distance vector algorithms, to dynamically vary the costs, reject paths, or even choose a non-optimal path Cost is number of Autonomous Systems, not number of routers as for distance-vector protocols (RIP) Can diverge due to reactive changes in policies, resulting in unstable routes
  • 25. BGP: Border Gateway Protocol Inter-Autonomous System routing protocol Uses TCP (or any reliable transport mechanism) Port 179 RFC 1771 (BGP-4; since superseded by RFC 4271) Optional authentication field Various authentication options Authentication is only in the "OPEN" message Connection can be hijacked afterwards TCP session hijacking
  • 26. BGP Connections Once a connection to another BGP router has been established, it is expected to remain open and stable If it closes: All resources for that BGP connection are deallocated. Routing table entries associated with the remote peer are marked as invalid. The fact that the routes have become invalid is passed to other BGP peers before the routes are deleted from the system. TCP RST attacks can be very damaging! Cause routing instabilities Must use the TCP MD5 signature option (RFC 2385) Or IPSEC, etc...
  • 27. BGP Limitations BGP (Border Gateway Protocol) has all the issues of Distance Vector algorithms New issues due to unsafe policies Reference: “Policy Disputes in Path-Vector Protocols” Timothy G. Griffin, F. Bruce Shepherd, and Gordon Wilfong Works well in practice Popular Quite vulnerable in theory
  • 28. Link State Protocols Each router is responsible for meeting neighbors and learning their names Each router constructs a packet called a Link State Advertisement (LSA) List of neighbors Cost of link LSAs are reliably “flooded” to all routers; everyone gets the same consistent information, so there is no “counting to infinity” or memory. Each router computes the best routes on its own -- no need to trust your neighbor’s calculations.
  • 29. OSPF: Open Shortest Path First It’s an authenticated link state protocol (RFC 2328) running directly on top of IP (protocol 89) and using multicasts instead of broadcasts Alternative to RIP Each node advertises only the information it knows first-hand (no hearsay) Every node calculates the paths independently, requiring matching information from both sides of a link to validate it! A single rogue router can’t claim nonexistent links.
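An added example, not part of the original slides, of the link-state computation described on slides 28 and 29: every router holds the same flooded database of LSAs (router -> {neighbour: cost}), keeps a link only when both endpoints advertise it, and runs Dijkstra itself instead of trusting a neighbour's arithmetic. Routers A, B, C, D, the rogue M and all costs are constructed. M really peers with B but also claims a zero-cost link to D; D never advertises M back, so the two-way check discards the claim, and the function can be run with the check off to see what the rogue would otherwise achieve.

```python
import heapq

INF = float("inf")


def build_graph(lsdb, two_way=True):
    """Turn the flooded LSAs into an adjacency map.

    With two_way=True a link r->n is used only if n's own LSA lists r
    (the OSPF rule); unconfirmed claims are returned separately."""
    graph = {r: {} for r in lsdb}
    rejected = []
    for r, links in lsdb.items():
        for n, cost in links.items():
            if two_way and lsdb.get(n, {}).get(r) is None:
                rejected.append((r, n))
                continue
            graph[r][n] = cost
    return graph, rejected


def dijkstra(graph, src):
    """Shortest-path tree from src: returns (distance map, previous-hop map)."""
    dist, prev, pq = {src: 0}, {}, [(0, src)]
    while pq:
        d, u = heapq.heappop(pq)
        if d > dist.get(u, INF):
            continue                      # stale queue entry
        for v, cost in graph.get(u, {}).items():
            nd = d + cost
            if nd < dist.get(v, INF):
                dist[v], prev[v] = nd, u
                heapq.heappush(pq, (nd, v))
    return dist, prev


def best_path(lsdb, src, dst, two_way=True):
    """(list of routers from src to dst, total cost), or (None, inf) if unreachable."""
    graph, _ = build_graph(lsdb, two_way)
    dist, prev = dijkstra(graph, src)
    if dst not in dist:
        return None, INF
    path, cur = [dst], dst
    while cur != src:
        cur = prev[cur]
        path.append(cur)
    return path[::-1], dist[dst]


# Constructed link-state database after flooding: router -> {neighbour: cost}
LSDB_HONEST = {
    "A": {"B": 1, "C": 5},
    "B": {"A": 1, "C": 1, "D": 4},
    "C": {"A": 5, "B": 1, "D": 1},
    "D": {"B": 4, "C": 1},
}

# Rogue router M really peers with B, but its LSA also claims a zero-cost
# link to D that D never advertises back.
LSDB_WITH_ROGUE = {
    **LSDB_HONEST,
    "B": {**LSDB_HONEST["B"], "M": 1},
    "M": {"B": 1, "D": 0},
}

if __name__ == "__main__":
    print("rejected claims:", build_graph(LSDB_WITH_ROGUE)[1])
    print("with two-way check:   ", best_path(LSDB_WITH_ROGUE, "A", "D"))
    print("without two-way check:", best_path(LSDB_WITH_ROGUE, "A", "D", two_way=False))
```

The check limits what one rogue can do but does not make it harmless: M can still lie about the cost of its own side of the B-M link, which is why slide 30 ends with "real security requires cryptographic signatures".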
  • 30. "Fight Back" Phenomenon Because LSAs (Link State Advertisements) are flooded, an LSA produced by a malicious router is sent to all A router that knows better will respond and try to correct a tainted LSA Malicious router has to keep attacking: “persistent” attack is needed More costly to attacker, and less stealthy Better route integrity Real security requires cryptographic signatures
  • 31. Authentication in OSPF Methods: 1. Password (plain text), vulnerable to sniffers 2. Keyed MD5 (RFC 2328, Appendix D; this is not HMAC-MD5 of RFC 2104, which is a different construction) K is a shared secret key (padded with zeros to 16 octets) T is the message H() is a hash function like MD5 F(K, T) is a function that mixes T and K (OSPF simply appends K to T) Idea: along with the message, also send H(F(K,T)). Routers that know K can verify the integrity of T, as well as authenticate the message; a cryptographic sequence number in the header resists replay. See RFC 1828 Similar to the TCP MD5 signature option (RFC 2385)
  • 32. OSPF in IPSEC and IPv6 OSPF for IPv6 (OSPFv3, RFC 2740) has no authentication at the OSPF level Uses IPSEC (AH/ESP) to provide security Does not protect against the faulty intermediate router problem (FIRP) Intermediate router is man-in-the-middle MIM protection judged too expensive Must ultimately rely on intrusion detection
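An added example, not part of the original slides, of the keyed-MD5 authentication on slide 31 as RFC 2328 Appendix D constructs it: the 16-octet key (zero-padded) is appended to the packet, MD5 is taken over the whole, and the 16-octet digest travels after the packet; the receiver re-derives the digest with its own copy of the key and rejects a cryptographic sequence number that goes backwards. The packet header used here (key id, sequence number, body length) is a simplification assumed for the example, not the real OSPF header, and the key and bodies are constructed. The same keyed-hash idea underlies the TCP MD5 signature option (RFC 2385) that slide 26 recommends for BGP sessions. The block also computes RFC 2104 HMAC-MD5 for the same input to make the point that the two constructions are not the same thing.

```python
import hashlib
import hmac
import struct

KEY_LEN = 16       # OSPF keys are 16 octets, zero-padded
DIGEST_LEN = 16    # MD5 output
# Simplified header assumed for this example (not the real OSPF header):
# key id (1 octet), cryptographic sequence number (4), body length (4)
HDR = struct.Struct("!BII")


def pad_key(key):
    if len(key) > KEY_LEN:
        raise ValueError("key longer than 16 octets")
    return key.ljust(KEY_LEN, b"\0")


def keyed_md5(packet, key):
    """RFC 2328 Appendix D construction: MD5 over the packet with the padded key appended."""
    return hashlib.md5(packet + pad_key(key)).digest()


def hmac_md5(packet, key):
    """RFC 2104 HMAC-MD5, included only to show it is a different construction."""
    return hmac.new(key, packet, hashlib.md5).digest()


def sign(key_id, seq, body, key):
    """Build header + body and append the digest, as the sending router does."""
    packet = HDR.pack(key_id, seq, len(body)) + body
    return packet + keyed_md5(packet, key)


class Neighbor:
    """Receiver-side state for one neighbour: its keys and the last accepted sequence number."""

    def __init__(self, keys):
        self.keys = keys          # key id -> key
        self.last_seq = -1

    def verify(self, wire):
        """Return the body if the digest checks and the sequence number has not gone backwards."""
        if len(wire) < HDR.size + DIGEST_LEN:
            raise ValueError("short packet")
        packet, digest = wire[:-DIGEST_LEN], wire[-DIGEST_LEN:]
        key_id, seq, body_len = HDR.unpack_from(packet)
        if body_len != len(packet) - HDR.size:
            raise ValueError("length mismatch")
        key = self.keys.get(key_id)
        if key is None:
            raise ValueError("unknown key id")
        if not hmac.compare_digest(keyed_md5(packet, key), digest):
            raise ValueError("bad digest: wrong key or modified packet")
        # RFC 2328 accepts seq >= the last accepted one; anything lower is a replay
        if seq < self.last_seq:
            raise ValueError("sequence number went backwards (replay)")
        self.last_seq = seq
        return packet[HDR.size:]


def accepts(neighbor, wire):
    """True if neighbor.verify() accepts the packet."""
    try:
        neighbor.verify(wire)
        return True
    except ValueError:
        return False


# Constructed demo key (15 octets, so it gets one octet of zero padding)
KEY = b"s3cret-ospf-key"

if __name__ == "__main__":
    nb = Neighbor({1: KEY})
    w1 = sign(1, 1000, b"LSA update 1", KEY)
    w2 = sign(1, 1001, b"LSA update 2", KEY)
    print("fresh:", accepts(nb, w1), accepts(nb, w2), "replay of first:", accepts(nb, w1))
    print("keyed MD5 == HMAC-MD5?", keyed_md5(b"m", KEY) == hmac_md5(b"m", pad_key(KEY)))
```

Note what the sequence number does and does not buy: a packet older than the last accepted one is refused, but an attacker who captures the newest packet can replay it until the sender's counter moves on, and a router that reboots and restarts its counter from zero will have its own packets refused by neighbours until it catches up.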
  • 33. More on OSPF RFC 2328 "Seven of Nine" Lectures On OSPF http://routergod.com/sevenofnine/
  • 34. IGRP Interior Gateway Routing Protocol also used externally in practice Cisco protocol (1980's) Distance vector algorithm Metric is weighted formula using internetwork delay, bandwidth, reliability, and load Has a "holddown" period for keeping bad routes down and increasing routing information consistency Useful for route stability and against race conditions between routing updates
  • 35. EIGRP Enhanced IGRP (1990's) Distance vector algorithm Uses "Diffusing Update Algorithm (DUAL)" to prevent loops State machine Timers More complex
  • 36. Question Which is an advantage of link state protocols over distance vector algorithms? a) Distance vector algorithms can’t verify the results of calculations presented to them by other routers b) link state protocols are less complex c) link state protocols count to infinity faster than distance vector algorithms d) link state protocols are authenticated
  • 37. Question Which is an advantage of link state protocols over distance vector algorithms? a) Distance vector algorithms can’t verify the results of calculations presented to them by other routers b) link state protocols are less complex c) link state protocols count to infinity faster than distance vector algorithms d) link state protocols are authenticated Answer: a). Link state protocols are not authenticated by definition (so d is wrong); OSPF for IPv6 relies on IPSEC
  • 38. Question If a router is “lying” (i.e., giving incorrect information) is it easier to find which router is doing so with: a) BGP b) OSPF c) RIP
  • 39. Question If a router is “lying” (i.e., giving incorrect information) is it easier to find which router is doing so with: a) BGP b) OSPF c) RIP
  • 40. Question The goal of authentication in routing protocols is primarily to guarantee which one of these? a) Confidentiality b) Integrity c) Auditability d) Privacy
  • 41. Question The goal of authentication in routing protocols is primarily to guarantee which one of these? a) Confidentiality b) Integrity c) Auditability d) Privacy
  • 42. Discussion Which routing protocol, if any (static routes are also a choice) would you use in: a) A company network with a few subnets What if you wish to provide visitors with internet access? b) In the routers between engineering and company networks c) In an ISP
  • 43. Discussion Which routing protocol, if any (static routes are also a choice) would you use in: a) A company network with a few subnets Static routes b) In the routers between engineering and company networks Routing firewalls c) In an ISP OSPF (and BGP to communicate with upstream internet routers)
  • 44. Mini-Lab The class will design a set of policies for a routing firewall Instructor will write them on whiteboard Define needed functionality Without needed functionality, firewall could just block everything e.g., Web server on other side of firewall Outbound DNS, ssh, ftp (or other update mechanism) Inbound ssh, http, https Define security requirements Which threats do we want to counter? Define network topology e.g., the server behind the firewall is on a separate physical segment Define policies for each network layer ARP, ICMP, etc...
  • 45. Mini-Lab Implement the rules Instructor must decide on which firewall to use and have it ready before this step e.g., SGS appliance Firewall already set up and ready to go If iptables, need setup instructions Set up and run a packet sniffer to verify the effectiveness of the rules Bonus activity: Try to break through the firewall e.g., using Firewalk (see http://www.packetfactory.net/Projects/firewalk/)
  • 47. About These Slides You are free to copy, distribute, display, and perform the work; and to make derivative works, under the following conditions. You must give the original author and other contributors credit The work will be used for personal or non-commercial educational uses only, and not for commercial activities and purposes For any reuse or distribution, you must make clear to others the terms of use for this work Derivative works must retain and be subject to the same conditions, and contain a note identifying the new contributor(s) and date of modification For other uses please contact the Purdue Office of Technology Commercialization. Developed thanks to the support of Symantec Corporation
  • 48. Pascal Meunier [email_address] Contributors: Jared Robinson, Alan Krassowski, Craig Ozancin, Tim Brown, Wes Higaki, Melissa Dark, Chris Clifton, Gustavo Rodriguez-Rivera

Editor's Notes

  1. Confidentiality: secrecy, confidentiality. Audit: auditing, inspection. Privacy: secrecy, discretion.