CS 6823代写、代写Python，Java程序设计

日期：2023-06-14 09:14

CS 6823 –Network Security

Lab 1 Overview

Task 1: SYN Flood Attacks

Test telnet during a SYN Flood, with SYN Flood protections ON and OFF

There are two SYN Flood protection methods:

SYN Cookies

Reserve TCP Connections for “proven destinations”

Task 2: TCP RST Attack

Guess the correct SEQ/ACK Number to perform a RST Attack

5% bonus for fully automating the attack

Task 3: TCP Session Hijacking

Guess the correct SEQ/ACK, 5% for automating the attack

Task 4:

Reverse shell. Same as Task 3, but add a reverse shell exploit

SYN flood defense: SYN cookies (1)

When SYN segment arrives, host B calculates function (hash) based on:

Apache example: Source and destination IP addresses and port numbers, and a secret number

Host B uses resulting “cookie” for its initial seq # (ISN) in SYNACK

Host B does not allocate anything to half-open connection:

Does not remember A’s ISN

Does not remember cookie

SYN flood defense: SYN cookies (2)

If SYN is legitimate

Host A returns ACK

Host B computes same function, verifies function = ACK # in ACK segment

Host B creates socket for connection

Legit connection established without the need for half-open connections

If SYN-flood attack with spoofed IP address

No ACK comes back to B for connection.

No problem: B is not waiting for an ACK

TCP RST Attack

Attacker can break the TCP connection by sending a TCP RST

Must match the SEQ and ACK Numbers

Session hijacking

Take control of one side of a TCP connection

Marriage of sniffing and spoofing

Session hijacking: The details

Attacker is on segment where traffic passes from Alice to Bob

Attacker sniffs packets

Sees TCP packets between Bob and Alice and their sequence numbers

Attacker jumps in, sending TCP packets to Bob; source IP address = Alice’s IP address

Bob now obeys commands sent by attacker, thinking they were sent by Alice

Principal defense: encryption w/ auth protocol

Attacker does not have keys to encrypt and insert meaningful traffic