11 - Network Security Flashcards
Why do we need network security?
Attacks:
- Routing (BGP)
- Naming (DNS)
Reasons Internet’s Design is Insecure
- Designed for simplicity
- “On by default”
- Hosts are insecure
- Attacks can look like “normal” traffic
- Federated design
Packet-switched networks are vulnerable to
resource exhaustion attacks
Components of Security
- Availability: ability to use a resource
- Confidentiality: concealing information
- Authenticity: assures origin of information
- Integrity: prevent unauthorized changes
- Threat: potential violation
- Attack: action that violates
Denial-of-service attack: which component of security?
Availability
Control plane authentication (Routing Security)
- Session: point-to-point between routers
- Path: protects AS path
- Origin: ensures that AS advertising prefix is the owner
A route hijack is an attack on the following form of authentication:
Origin, because in a route hijack, the AS that is advertising the prefix is actually not the rightful owner of that prefix.
How? (Attacks on Routing)
- Config error
- Routers compromised
- Unscrupulous ISPs
Types of Attack
- Config/Management software
- Tamper w/software
- Tamper w/ routing data
Most common: “Hijack”
DNS masquerading
Attack whereby an attacker can use the BGP infrastructure to hijack a DNS query and masquerade as a legitimate service
AS-path poisoning
Make sure hijacked route is not accepted
Session Authentication
Ensure that BGP routing messages sent between routers in different ASes are authentic.
Guaranteeing Origin & Path Authentication
“Secure BGP” (BGPSEC)
Origin Attestation (Address Attestation): Certificate binding prefix to owner (signed by trusted party)
Path Attestation: Signatures along AS path
Path Attestation protects against:
Hijacks
Shortening
Modification
Path Attestation cannot protect against:
Suppression
Replay
Why is DNS Vulnerable?
- Resolvers trust responses
- Responses can contain info unrelated to query
- NO AUTHENTICATION
- Connectionless (UDP)
Which aspects of DNS make it vulnerable to attack?
Queries over UDP
No authentication for query responses
Defense against DNS cache poisoning
- Query ID + Randomization (Can be guessed)
- Source port randomization (resource intensive and NAT can derandomize)
- “0x20” encoding -> DNS is case insensitive (attacker would have to guess ID and also capitalization)
Why does 0x20 make DNS more secure?
Additional entropy
DNS Amplification Attack
- Exploits asymmetry in size between queries & responses
DNSSEC Protocol
- Adds authentication to DNS responses by attaching a signature to each DNS reply that is returned.