Full Transcript

Networking Basics, Attacks, and HTTP
INFO-3174: Web Security
WEB DEVELOPMENT & INTERNET APPLICATIONS
Internal

First: An Important Disclaimer
- DO NOT perform attacks against any system without permission
- Not sure if something is an “attack”? Don’t do it.
- What makes something an attack?

INFO3174 – Web Security
Lecture 2: Part I – Communications

Communication
- Includes three key elements: the source, the destination, and the transmission medium
- Protocols are the rules that govern the communication, permitting interpretation

Network Protocols
- Two models:

The TCP/IP Model
- A model that depicts the operation of the protocols at each layer and their relation and interaction with the surrounding layers
- Application – represents data used by the user/application
- Transport – supports communication across devices and networks
- Internet – transmission of datagrams across network boundaries (such as a router)
- Link – transmission between two hosts on a local network

The Protocol Stack
- Communication between hosts requires the interaction of a number of protocols
- Interaction between protocols can be visualized as a stack
- The stack illustrates protocols as a layered hierarchy
- This separation of functions enables each layer to operate independently

The Protocol Stack (figure)
- Figure: Data passes between two hosts, 165.24.32.12 and 184.53.65.211, across the Internet through the layers HTTP (Application), TCP (Transport), IP (Internet), and Ethernet (Link)

The Protocol Stack
- Hypertext Transfer Protocol (HTTP) – governs the way a web server and client interact. HTTP defines the content and formatting of the requests and responses exchanged between the client and server.
- Transmission Control Protocol (TCP) – manages individual conversations. TCP is responsible for guaranteeing the reliable delivery of the information and managing flow control between the end devices.
- Internet Protocol (IP) – responsible for delivering messages from the sender to the receiver. IP is used by routers to forward the messages across multiple networks.
- Ethernet – responsible for the delivery of messages from one NIC to another NIC on the same Ethernet local area network (LAN).

The Protocol Stack vs. Human Verbal Communication
- Hypertext Transfer Protocol (HTTP) vs. English
- Transmission Control Protocol (TCP) vs. formal greeting and engagement
- Internet Protocol (IP) vs. body language and vocalization
- Ethernet vs. transmission of sound through the air
- Not a perfect comparison…

Servers
- Support many languages, in the form of Application-layer protocols
- Identified on the internet by their Internet Protocol (IP) address
- If you want to talk to a server, how do you address it?

Servers
- http://192.168.1.1:80
  - Application-layer protocol: http
  - IP address: 192.168.1.1
  - Port: 80

Ports
- A logical construct
- A port is a communication endpoint that identifies a service
- A 16-bit unsigned integer (port number) – 0 to 65,535
- Used to distinguish between the different services offered by a given host
- A socket is an IP, protocol, and port combination – an endpoint for sending/receiving data
- Common numbers are “assigned” by the Internet Assigned Numbers Authority (IANA)

INFO3174 – Web Security
Lecture 2: Part II – Attacks

Definitions
- What is an attack?
- When incidents occur, they can be intentional or accidental
- We refer to intentional, offensive maneuvers targeting information systems as attacks or cyberattacks
- We will look at four primary categories: Access, Modification, Denial-of-Service (DoS), and Repudiation

Access Attacks
- Gaining access to information you are not authorized to see
- Attacks against confidentiality
- Could include access to: work/personal PCs, servers, digital media, hardcopy, communications channels

Access Attacks: Examples
- Shoulder surfing – simply looking over someone’s shoulder or otherwise observing sensitive information
- Eavesdropping – listening in to conversations
- Interception – an active attack against a communication channel; the attacker inserts themselves in the middle of an information path (man-in-the-middle attacks)

Modification Attacks
- Unauthorized modification of information
- An attack against the information’s integrity
- Can be performed against data in transit or at rest
- Typically involves one of the following operations: insertion, deletion, update

Denial-of-Service (DoS) Attacks
- Attacks that deny legitimate users the use of resources
- The attacker may not need the ability to access or modify information in order to deny others those privileges
- Examples: vandalism, extortion (such as ransomware)
- Can involve deletion or encryption of data, interference with communications, disabling of computer systems; anything that impacts availability
- As with other attacks, a DoS may not be intentional

Repudiation
- A denial of truth
- Often understood through non-repudiation: a security feature that provides proof of the origin of data or of the identity associated with some action (such as authentication)
- Physical example: written signatures

Repudiation Attacks
- Attacks against the accountability of information
- Types of attacks:
  - Masquerading – identity theft, spoofing
  - Denial of event – disavowing that a transaction occurred

INFO3174 – Web Security
Lecture 2: Part III – HTTP

HTTP
- Application-layer protocol
- The foundation of the web and web applications
- HTTP – Hypertext Transfer Protocol
- HTTP/1.1 is currently the most pervasive, but HTTP/2 is common
- A request-response protocol (stateless)
- Typically, the client (browser) makes the request and the server (web application) responds
- The most important protocol for web security!

HTTP (figure)

HTTP (figure)

INFO3174 – Web Security
LAB 2
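The protocol-stack slides describe each layer in words only. The following is an added example, not part of the lecture material: it builds one HTTP request and wraps it in hand-made TCP, IPv4 and Ethernet headers using only the Python standard library, then walks the frame back up the stack. The two IP addresses are the ones in the stack figure; the MAC addresses, port numbers and sequence number are constructed sample values, and the TCP checksum is left at zero to keep the block short.

```python
"""Encapsulation down the TCP/IP stack, built by hand with struct.

Added example (not from the lecture slides). The IP addresses come from the
slide's stack figure; the MAC addresses, ports and sequence number are
constructed sample values.
"""
import struct
from ipaddress import IPv4Address

SRC_IP, DST_IP = "165.24.32.12", "184.53.65.211"   # from the stack figure
SRC_MAC = bytes.fromhex("020000000a01")            # constructed, locally administered
DST_MAC = bytes.fromhex("020000000b02")            # constructed
IP_HEADER = "!BBHHHBBHII"   # 20-byte IPv4 header, no options
TCP_HEADER = "!HHIIBBHHH"   # 20-byte TCP header, no options


def http_request(host: str, path: str = "/") -> bytes:
    """Application layer: an HTTP/1.1 GET request (CRLF line endings)."""
    return (f"GET {path} HTTP/1.1\r\nHost: {host}\r\n"
            f"Connection: close\r\n\r\n").encode("ascii")


def tcp_segment(payload: bytes, src_port: int, dst_port: int, seq: int) -> bytes:
    """Transport layer: TCP header + payload. The TCP checksum is left at 0
    for brevity (computing it needs an IP pseudo-header)."""
    data_offset = 5 << 4        # header length in 32-bit words, upper nibble
    flags = 0x18                # PSH + ACK
    header = struct.pack(TCP_HEADER, src_port, dst_port, seq, 0,
                         data_offset, flags, 65535, 0, 0)
    return header + payload


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words; 0 for a valid header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_packet(payload: bytes, src: str, dst: str, ttl: int = 64) -> bytes:
    """Internet layer: IPv4 header (protocol 6 = TCP) + payload."""
    fields = [(4 << 4) | 5, 0, 20 + len(payload), 0, 0, ttl, 6, 0,
              int(IPv4Address(src)), int(IPv4Address(dst))]
    fields[7] = ipv4_checksum(struct.pack(IP_HEADER, *fields))
    return struct.pack(IP_HEADER, *fields) + payload


def ethernet_frame(payload: bytes, src_mac: bytes, dst_mac: bytes) -> bytes:
    """Link layer: Ethernet II header, EtherType 0x0800 = IPv4."""
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + payload


def encapsulate(path: str = "/") -> bytes:
    """Walk the request down the stack: HTTP -> TCP -> IP -> Ethernet."""
    data = http_request(DST_IP, path)
    segment = tcp_segment(data, src_port=51234, dst_port=80, seq=1000)
    packet = ipv4_packet(segment, SRC_IP, DST_IP)
    return ethernet_frame(packet, SRC_MAC, DST_MAC)


def decapsulate(frame: bytes) -> dict:
    """Walk a frame back up the stack, checking each header on the way."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    (_, _, total_length, _, _, _, proto, _,
     src, dst) = struct.unpack(IP_HEADER, packet[:20])
    segment = packet[ihl:total_length]
    (src_port, dst_port, _, _, offset,
     _, _, _, _) = struct.unpack(TCP_HEADER, segment[:20])
    data = segment[(offset >> 4) * 4:]
    return {
        "src_ip": str(IPv4Address(src)), "dst_ip": str(IPv4Address(dst)),
        "protocol": proto, "src_port": src_port, "dst_port": dst_port,
        "request_line": data.split(b"\r\n", 1)[0].decode("ascii"),
    }


if __name__ == "__main__":
    frame = encapsulate("/index.html")
    print(len(frame), "bytes on the wire")
    print(decapsulate(frame))
```

Note that the IPv4 header checksum only catches accidental corruption: anyone who can modify a packet in transit (the interception and modification attacks of Part II) can simply recompute it, which is why integrity against an attacker has to come from a cryptographic layer such as TLS rather than from the stack itself.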
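The Servers and Ports slides break http://192.168.1.1:80 into protocol, IP address and port, and the HTTP slide describes a stateless request-response exchange. As an added example that is not part of the lecture, the block below turns a URL into those pieces (using the IANA well-known ports and the 16-bit port range from the Ports slide), builds the client's HTTP/1.1 request, and parses a constructed server response, with the Content-Length handling a client needs to get right. Nothing is sent over the network.

```python
"""From a URL to a socket address, an HTTP/1.1 request, and a parsed response.

Added example (not from the lecture slides). The sample response below is
constructed; no network traffic is sent.
"""
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}   # IANA well-known ports
PORT_MAX = 65535                              # 16-bit unsigned port number

# Constructed sample response, as a server might send it for a GET.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"Content-Length: 28\r\n"
    b"\r\n"
    b"<html><body>hi</body></html>"
)


def socket_address(url: str) -> tuple:
    """Split a URL into the pieces the Servers slide labels: application-layer
    protocol, IP address/host and port. Returns (scheme, host, port, path)."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        raise ValueError(f"unsupported protocol: {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("URL has no host")
    port = parts.port if parts.port is not None else DEFAULT_PORTS[scheme]
    if not 0 <= port <= PORT_MAX:
        raise ValueError(f"port out of range: {port}")
    return scheme, parts.hostname, port, parts.path or "/"


def build_request(url: str) -> bytes:
    """Client side: an HTTP/1.1 GET for the URL. HTTP is stateless, so every
    request carries everything the server needs, including the Host header."""
    scheme, host, port, path = socket_address(url)
    host_header = host if port == DEFAULT_PORTS[scheme] else f"{host}:{port}"
    return (f"GET {path} HTTP/1.1\r\n"
            f"Host: {host_header}\r\n"
            f"Connection: close\r\n\r\n").encode("ascii")


def parse_response(raw: bytes) -> dict:
    """Server side as seen by the client: status line, headers and body.
    The body is cut at Content-Length; a short read is reported as an error
    rather than silently returning a partial body."""
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete response head")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    pieces = status_line.split(" ", 2)
    if len(pieces) < 2 or not pieces[1].isdigit():
        raise ValueError(f"bad status line: {status_line!r}")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        if name == "content-length" and headers.get(name, value) != value:
            raise ValueError("conflicting Content-Length headers")
        headers[name] = value
    content_length = int(headers.get("content-length", "0"))
    body = rest[:content_length]
    if len(body) < content_length:
        raise ValueError(f"body truncated: {len(body)} of {content_length} bytes")
    return {
        "version": pieces[0],
        "status": int(pieces[1]),
        "reason": pieces[2] if len(pieces) > 2 else "",
        "headers": headers,
        "body": body,
    }


if __name__ == "__main__":
    print(socket_address("http://192.168.1.1:80"))
    print(build_request("http://192.168.1.1:80").decode())
    print(parse_response(SAMPLE_RESPONSE))
```

The request builder omits the port from the Host header only when it is the scheme's default, which mirrors what browsers send; the parser rejects a response with two disagreeing Content-Length values instead of picking one, since a client and an intermediary that choose differently would disagree about where the message ends.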
