DOC PREVIEW
DREXEL ECES 490 - Lec41d

This preview shows page 1-2-3 out of 9 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 9 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 9 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 9 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 9 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

Slide 1Network Denial-of-Service Attacks and Other Network-Application-Based AttacksNetwork Denial-of-Service AttacksSlide 4Slide 5Slide 6Sequence Number AttacksSlide 8Other Network-based AttacksTelecommunications Networking IILecture 41dDenial-of-Service AttacksNetwork Denial-of-Service AttacksandOther Network-Application-Based AttacksNetwork Denial-of-Service Attacks•Attacker’s objectiveTo interrupt or reduce the quality of services…as experienced by legitimate users•Many attacks have innocent counterparts (e.g., someone sends me a very large E-mail attachment, and blocks my access to other messages)Network Denial-of-Service Attacks•The “SYN” Flooding attack:-In TCP, one establishes a connection by sending a synchronization (SYN) message to the host one wishes to communicate with-The attack: send a large number of SYN messages (with phony source addresses) to a host. This overloads the buffer in the host that keeps track of TCP connections (and half-connections) in progressTCP SYN Flooding AttackSYN(500)SYN(1024), ACK(501)No acknowledgement of prior SYN segment…....More new SYN segmentsMore SYN acknowledgements ...Network Denial-of-Service Attacks•The “SYN” Flooding attack:-Some protection can be gained by configuring networks so that they will not accept IP packets from external (to the network) sources whose source addresses are internal to the network; and which will not allow internal sources to send IP packets to external destinations if the source addresses used are not internal addressesSequence Number Attacks•Disable a host that is trusted by the target (intended victim) machine•Initiate a TCP connection by impersonating the disabled host (I.e., use it’s IP address) and sending a SYN message.•Guess the initial sequence number that the target system will use; and respond with an acknowledgement.TCP Sequence Number AttackSYN(500)SYN(800), ACK(501)ACK(801)ACK(801), dataACK(801), FIN(1012)ACK(1013)ACK(1013), FIN(800) ACK(801)ACK( )Ref: “Firewalls and Internet Security”Other Network-based Attacks•See Cheswick and Bellovin Chapter 2•Many network-based attacks are caused by the lack of strong authentication of sources (e.g., it is easy to impersonate another machine by using its IP address) and lack of encryption on IP network


View Full Document

DREXEL ECES 490 - Lec41d

Download Lec41d
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Lec41d and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Lec41d 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?