tcp/ip: ethernet, ip, and arp (and a pgp refresher) · tcp/ip: ethernet, ip, and arp (and a pgp...
Post on 28-May-2018
253 Views
Preview:
TRANSCRIPT
TCP/IP: Ethernet, IP, and ARP
(and a PGP refresher)
Network Security
Lecture 2
Any questions on…
• Administrativia, organizational matters?
• Historical/cultural overview?
Eike Ritter Network Security - Lecture 2 1
Today
• PGP in 6 slides
• IP
• Ethernet
• ARP
• Attacks: sniffing
Eike Ritter Network Security - Lecture 2 2
PGP
Eike Ritter Network Security - Lecture 2 3
Pretty Good Privacy (PGP)
• Application for data encryption and
decryption created by Phil Zimmermann
• Message format used by PGP is standardized
(RFC 4880), so that interoperability among
different programs is possible
• Here we will use GnuPG
Eike Ritter Network Security - Lecture 2 4
Generating a key
• $ gpg --gen-key
• Every user has one (or more) key pairs,
consisting of a private key and a public key
– The private key can be encrypted using a
passphrase
– All keys are stored in a keyring
• This command generates a new key pair and
stores it in the keyring
Eike Ritter Network Security - Lecture 2 5
Publishing the public key
• $ gpg --export –a ‘Eike Ritter (Test key)’-----BEGIN PGP PUBLIC KEY BLOCK-----Version: GnuPG v1.4.10 (GNU/Linux)
mQENBE8KvXUBCADGTet/EQF0qPeaG5IkwWzGfRxc2XT7I6KvOKI4NverNxC8JijFZKMf0RSZ5himtEVGjXTmc0hyMzuYlDzg/oVM70tygqEEC28IpppdINJVtyUfNYwu……=aGju-----END PGP PUBLIC KEY BLOCK-----
• Public key can be upload it to web site or to keyserver, such as pgp.mit.edu
Eike Ritter Network Security - Lecture 2 6
Encrypting a message
• $ gpg -r <recipient-key> -e secret.txt
• Encrypts the file secret.txt so that the recipient having public key <recipient-key> can recover its plain text content
• In practice, a session key is generated randomly and is used to encrypt (symmetrically) the file
• The session key is encrypted with the public key of the recipient(s) and attached to the file
• Decrypting:$ gpg -d secret.gpg
Eike Ritter Network Security - Lecture 2 7
Signing a message
• $ gpg -s -a secret.txt
• Generates a signature for the given file (in
ASCII format) using the private key of the user
• The signature can be verified by using the
public key of the signer:
$ gpg --verify secret.ascgpg: Signature made Mon 09 Jan 2012 10:43:15 GMT using
RSA key ID AA226670
gpg: Good signature from "Eike Ritter (Test key)
<test@rittere.co.uk>"
Eike Ritter Network Security - Lecture 2 8
Other common operations
• Generating a detached signature
• Signing and encrypting a message
• Web of trust: sign a public key
• Revoking a key
Eike Ritter Network Security - Lecture 2 9
TCP/IP
Eike Ritter Network Security - Lecture 2 10
TCP/IP Protocol Suite
• Network protocols– IP (Internet Protocol)
– ICMP (Internet Control Message Protocol)
• Transport protocols– TCP (Transmission Control Protocol)
– UDP (User Datagram Protocol)
• Application protocols– HTTP (HyperText Transfer Protocol)
– SSH
– DNS
• Other protocols– ARP (Address Resolution Protocol)
Eike Ritter 11Network Security - Lecture 2
TCP/IP layering
Eike Ritter Network Security - Lecture 2 12
Ethernet, WirelessEthernet, Wireless
Network cardNetwork card
IPIP
TCPTCP
SSHSSH
UDPUDP
HTTPHTTPDNSDNSRPCRPC FTPFTP Application
• Application-specific
protocols
Transport
• Ordering, multiplexing,
correctness
Network
• Transmission and routing
across subnets
Data link
• Error control between
adjacent nodes
Physical
• Connect to channel
• Send/receive bytes
ICMPICMP
IP addresses
• Each host has one or more IP addresses for each network interface
• IPv4 addresses are composed of 32 bit (class+netid+hostid)
• Represented in dotted-decimal notation: 147.188.193.82
• Classes (up to ~1993)
Eike Ritter Network Security - Lecture 2 13
Class Starts with Netid bits Hostid bits # hosts
A 0 7 24 16,777,21
4B 10 14 16 65,534
C 110 21 8 254
D 1110 Multicast address
E 1111 Reserved for future use
Special addresses
• 127.0.0.0 – 127.255.255.255: loopback interface
• Private networks (RFC 1597):– 10.0.0.0 - 10.255.255.255
– 172.16.0.0 - 172.31.255.255
– 192.168.0.0 - 192.168.255.255
• Network– hostid bits set to 0
• Broadcast– All bits set to 1: local broadcast
– Netid+hostid with all bits to 1: net-directed broadcast to netid (147.188.255.255)
Eike Ritter Network Security - Lecture 2 14
Classless Inter-Domain Routing (CIDR)
• Classes lead to inefficient use of IP space and to large routing tables– Not enough class B
– Little opportunity for route aggregation (many class C networks geographically dispersed)
• Solution: variable-length subnet masking, i.e., the netid/hostid boundary can be placed on arbitrary bit
• Notation: /N gives the number of bits interpreted as network number (“prefix”)– /24: legacy class C
– /16: legacy class B
– /8: legacy class A
Eike Ritter Network Security - Lecture 2 15
Internet Protocol (IP)
• Transmissions of blocks of data (datagrams) from source to destination
• Standardized in RFC 791
• Transmission properties
– Connectionless
– Unreliable, best-effort• delivery, integrity, ordering, non-duplication are not guaranteed
• IP does handle fragmentation and reassembly of long datagrams
• For direct communication, IP relies on lower level protocols (e.g., Ethernet)
Eike Ritter Network Security - Lecture 2 16
IP datagram
Version HL ToS Total length
Identifier Flags Fragment offset
Time To Live Protocol Header checksum
Source IP address
Destination IP address
Options Padding
Data
Eike Ritter Network Security - Lecture 2 17
0 4 8 12 16 20 24 28 31
IP header
• Normal size: 20 bytes
• Version (4 bits): 4 (IPv4)
• Header length (4 bits): number of 32-bit words in the header, including options (max header size: 60 bytes)
• Type Of Service (8 bits): – Used to be: priority (3 bits), quality of service (4 bits),
unused bit
– Now: Differentiated Services Code Point (6 bits), Explicit Congestion Notification (2 bits)
• Total length (16 bits): datagram length in bytes (max size: 65,535 bytes)
• ID (16 bits): datagram identifier
Eike Ritter Network Security - Lecture 2 18
IP header
• Flags (3 bits) and Offset (13 bits): to support fragmentation
• Time To Live (8 bits): max number of hops in the delivery process
• Protocol (8 bits): specifies the protocol encapsulated in the datagram data (e.g., TCP, UDP)
• Header checksum (16 bits): checksum calculated over the IP header– Recomputed at each hop (TTL, fragmentation)
• Source and destination address (32 bits each): IP addresses of the source and destination of the datagram
Eike Ritter Network Security - Lecture 2 19
IP options
• Present if header length > 5
• Variable length
• Type is identified by first byte
– Record route
– Source route
– Timestamp
– …
• Not often used
Eike Ritter Network Security - Lecture 2 20
IP encapsulation
• How are IP datagrams transferred over a LAN?
• RFC 894 explains IP over Ethernet
– Encapsulation + direct delivery
Eike Ritter Network Security - Lecture 2 21
Frame dataFrame dataFrame headerFrame header
IP headerIP header IP dataIP data
IP direct delivery
• Sender forwards a packet to the final
destination on a directly attached network
Eike Ritter Network Security - Lecture 2 22
147.188.193.82
00:19:D1:80:AE:45147.188.193.15
147.188.193.6
00:04:96:1D:6B:20
From: 00:19:D1:80:AE:45
To: 00:04:96:1D:6B:20
From: 147.188.193.82
To: 147.188.193.6
147.188.193.80
Ethernet
• Widely-used link layer protocol
• Uses CSMA/CD (Carrier Sense, Multiple Access
with Collision Detection)
Eike Ritter Network Security - Lecture 2 23
Dest Src Ethertype Payload CRC
6 bytes 6 bytes 2 bytes 46-1500 bytes 4 bytes
08000800 IP datagramIP datagram
08060806 ARPARP
Address Resolution Protocol (ARP)
• Used to map an IP address to the link-level
addresses associated with the peer’s
hardware interface (e.g., Ethernet)
• ARP messages are encapsulated in the
underlying link-level protocol
Eike Ritter Network Security - Lecture 2 24
Address Resolution Protocol (ARP)
• Host A wants to know the hardware address associated with IP address Ib of host B
• A broadcasts a special message to all the hosts on the same physical link
• Host B answers with a message containing its own link-level address
• A keeps the answer in its cache (for some time, e.g., 20 minutes)
• When A sends its request, A includes its own IP address in the request- As an optimization, the receiver of the ARP request may
cache the requester mapping
Eike Ritter Network Security - Lecture 2 25
ARP messages
• Mapping information– Hardware (2 bytes) [Typically: Ethernet]
– Protocol (2 bytes) [Typically: IP]
– Hardware size (1 byte)
– Protocol size (1 byte)
Typically: 0x0001, 0x0800, 6, 4
• Op: type of message (1: request; 2: response)
• Sender Ethernet/IP: sender data
• Target Ethernet/IP: target data- Target Ethernet is all 0s in request
Eike Ritter Network Security - Lecture 2 26
Hw typeProto
typeHw size
Proto
sizeOp
Sender
Ether
Sender
IP
Target
Ether
Target
IP
ARP traffic
Eike Ritter Network Security - Lecture 2 27
host1# arp –n
host1# ping –c 1 192.168.0.2
04:21:16.312430 ARP, Request who-has 192.168.0.2 tell 192.168.0.1, length 28
04:21:16.312500 ARP, Reply 192.168.0.2 is-at 00:30:48:dd:ec:12, length 46
04:21:16.312506 IP 192.168.0.1 > 192.168.0.2: ICMP echo request, id 16976, seq 1, length 64
04:21:16.312577 IP 192.168.0.2 > 192.168.0.1: ICMP echo reply, id 16976, seq 1, length 64
host1# arp –n
192.168.0.2 ether 00:30:48:dd:ec:12 C eth0
Host2# arp –n
192.168.0.1 ether 00:30:48:de:0b:3a C eth0
host1: 192.168.0.1
00:30:48:de:0b:3a
192.168.0.3 host2: 192.168.0.2
00:30:48:dd:ec:12
ARP request
ARP response
Exercise
• Alice (192.168.1.1) wants to send an IP datagram to Bob (192.168.1.2)
• What happens? (fill in the blanks)
Eike Ritter Network Security - Lecture 2 28
Alice Bob
LAN attacks
Attack Security violation Attacker goal
Sniffing Confidentiality Access to information
Spoofing Authenticity Impersonation of trusted host
Hijacking Confidentiality,
Integrity, Authenticity
Impersonation, access to information
Denial of Service Availability Disruption
Eike Ritter Network Security - Lecture 2 29
Network sniffing
• The attacker sets his/her network interface in promiscuous mode so that all packets can be received (not only those directed to the attacker’s host)
• Can access all the traffic on the segment
• Note: sniffing on University network is a “disciplinary offence”
Eike Ritter Network Security - Lecture 2 30
Network sniffing
• Many protocols (e.g., POP, TELNET, HTTP,
IMAP) transfer sensitive information (e.g.,
authentication credentials) in the clear
• By sniffing the traffic, it is possible to collect
credentials, files, content of visited web
pages, emails, etc.
• Many tools available
Eike Ritter Network Security - Lecture 2 31
tcpdump
• Tool to sniff and analyze the traffic on a network segment
• One of the “standard” network tools
• Based on libpcap, which provides a platform-independent library and API to perform traffic sniffing
• Allows one to specify an expression that defines which packets have to be printed
• Requires root privileges to set the interface in promiscuous mode (regular users can read traffic data saved in a file)
Eike Ritter Network Security - Lecture 2 32
tcpdump: command line options
• -i: use the given network interface
• -r: read packets from a file
• -w: write packets to a file
• -s: specify the amount of data to be sniffed for
each packet (0 means catch whole packets)
• -n: do not convert addresses to names
• -x: print the data of each packet in hex
Eike Ritter Network Security - Lecture 2 33
tcpdump: filters
• If a filter expression is provided, tpcdump only
processes packets matching the expression
• Expression consists of one or more primitives
• Primitives are composed of a qualifier and an
id
• Operators can be used to create complex filter
expressions
Eike Ritter Network Security - Lecture 2 34
tcpdump filters – cont’d
Qualifiers
• Type
– host (host 192.168.0.1)
– net (net 192.168)
– port (port 80)
• Dir: direction of traffic
– src (src host 192.168.0.1)
– dst
• Proto: protocol of interest
– Ether (ether src host 00:0c:29:ab:2c:18)
– Ip
– arp
Operators
• Logical: and, or, not– src host 192.168.0.01 and
dst host google.com
• Relational: <, >, >=, <=, =, !=
• Binary: +, -, *, /, &, |
• Data: proto[expr:size]– expr: offset
– size: # bytes of interest
– ip[0] & 0xf > 5: filters IP datagrams with options
– arp[7] = 2: ARP replies
Eike Ritter Network Security - Lecture 2 35
Wireshark
Eike Ritter Network Security - Lecture 2 36
Detecting sniffers
• Sniffers work by putting the network interface in promiscuous mode
• ifconfig$ ifconfig en1en1:flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu1500
ether d8:a2:5e:ab:cd:efinet 10.4.59.191 netmask 0xffff0000 broadcast 10.4.255.255media: autoselectstatus: active
• On recent Linux versions, this will not (always) work due to changes in how the state of the interface is maintained in the kernel that have not been ported back to tools– Instead, read interface flags from /sys filesystem
– If flags & 0x100 then interface is in promiscuous mode (/include/linux/if.h)# cat /sys/class/net/eth0/flags0x1003# tcpdump –i eth0 &# cat /sys/class/net/eth0/flags0x1103
Eike Ritter Network Security - Lecture 2 37
Detecting sniffers – cont’d
• Remote detection is difficult since sniffers are typically passive programs
• Suspicious DNS lookups– Sniffer attempts to resolve names associated with IP address (e.g., tcpdump
without –n option)
– Generate traffic to/from IP addresses and detect attempts to resolve their names
– $ ping 173.194.37.10416:27:38.657863 IP 172.16.48.130 > 173.194.37.104: ICMP echo request, id 21009, seq 1, length 6416:27:38.659014 IP 172.16.48.139.57105 > 172.16.48.2.53: 20764+ PTR? 104.37.194.173.in-addr.arpa. (45)
• Latency– Since NIC is in promiscuous mode, it will need to process every packet
– Analyze response time of host A (e.g., sending ping packets)
– Generate lots of traffic to other hosts and analyze response time of host A
Eike Ritter Network Security - Lecture 2 38
NEXT ON
Eike Ritter Network Security - Lecture 2 39
Take away points
• Basics of gpg
• Basics of Ethernet, IP, ARP and how they fit
together
• Sniffing on a network
• Tools
– tcpdump
– wireshark
Eike Ritter Network Security - Lecture 2 40
Next time
• Continue analysis of TCP/IP
• More attacks!
Eike Ritter Network Security - Lecture 2 41
top related