the tech behind cyber security october 31 | part 1: from packets to ip and the “ping of death”:...
Post on 17-Jan-2016
The Tech Behind Cyber Security
October 31 | Part 1: From Packets to IP and the “Ping of Death”: An Introduction to Cyber
November ? | Part 2: Case Study: Distributed Denial, the Tech of Cyber Attack in the Russo-Georgian War of 2008
0 1
bits and bytes
• bit: (binary digit)
• The basic unit of information in computing, the amount of information stored by a digital device in one of two possible distinct states, not 1 and 2, off/on
• digital value of 1 = positive voltage, up to 5 volts
• digital value of 0 = 0 volts
• 8 bits = 1 byte, usually, but depends on hardware
• byte: the number of bits needed to encode a single character of text in a computer
binary to letter
01110000 = p
01101001 = i
01111010 = z
01111010 = z
01100001 = a
data and packets
• data: binary files, 01010010010010010… etc.
• packet: a unit of data
• from binary to text or image
• packet: control information and payload
• control information: data the network needs to deliver the payload, ex. address, error control
• payload: the content of your “digital letter”
hosts on networks
• who has the data? who doesn’t … hosts going global and mobile
• networks: start local, LANs, wireless LANs, AirBears
• client-server model
• addresses, what’s your unique network address?
• Type: ipconfig, find IPv4 numerical address
• ping www.wikipedia.org
• ping ist.berkeley.edu
• ping www.ca.gov
• ping www.usa.gov
• ping, an echo request from host to host
ping, an echo request
ping, the payload
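
An added example (not part of the original slides): this Python sketch splits an ICMP echo message into its control information and payload, verifies the error-control checksum, and checks that an echo reply carries the exact data of the request. The sample messages are constructed by the hypothetical helper `build_icmp`; the identifier, sequence number and the payload `pizza` are assumed values.

```python
import struct

ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY = 8, 0  # ICMP message type numbers


def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"  # pad odd-length input with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_icmp(msg_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Hypothetical helper: build an echo message to use as sample bytes."""
    header = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq)
    checksum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", msg_type, 0, checksum, ident, seq) + payload


def parse_icmp(message: bytes) -> dict:
    """Split an ICMP echo message into control information and payload."""
    if len(message) < 8:
        raise ValueError("ICMP echo header is 8 bytes; message is truncated")
    msg_type, code, checksum, ident, seq = struct.unpack("!BBHHH", message[:8])
    return {
        "type": msg_type, "code": code, "checksum": checksum,
        "id": ident, "seq": seq, "payload": message[8:],
        # A message with a correct checksum sums to zero when re-checked.
        "checksum_ok": internet_checksum(message) == 0,
    }


def reply_matches(request: bytes, reply: bytes) -> bool:
    """True if reply is a valid echo reply carrying the request's exact data."""
    req, rep = parse_icmp(request), parse_icmp(reply)
    return (req["type"] == ICMP_ECHO_REQUEST and rep["type"] == ICMP_ECHO_REPLY
            and req["checksum_ok"] and rep["checksum_ok"]
            and (req["id"], req["seq"], req["payload"])
            == (rep["id"], rep["seq"], rep["payload"]))


# Constructed sample messages (assumed values, not captured traffic).
SAMPLE_REQUEST = build_icmp(ICMP_ECHO_REQUEST, 0x1234, 1, b"pizza")
SAMPLE_REPLY = build_icmp(ICMP_ECHO_REPLY, 0x1234, 1, b"pizza")
```
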
OSI model
Network Ports
21: File Transfer Protocol (FTP)
22: Secure Shell (SSH)
23: Telnet remote login service
25: Simple Mail Transfer Protocol (SMTP)
53: Domain Name System (DNS) service
80: Hypertext Transfer Protocol (HTTP) used in the World Wide Web
110: Post Office Protocol (POP)
119: Network News Transfer Protocol (NNTP)
143: Internet Message Access Protocol (IMAP)
161: Simple Network Management Protocol (SNMP)
443: HTTP Secure (HTTPS)
OSI model
internet and the web
• internet: network of networks, millions of networks
• web: system of interlinked hypertext documents
• ports: http 80
• Try it: http://www.techcomfort.com:81
• Try it: http://www.techcomfort.com:80
ping, nslookup, traceroute
• how does the traffic flow?
• network devices: hubs, routers, switches
• using nslookup, names and numbers
• nslookup www.berkeley.edu
• nslookup www.usa.gov
• using traceroute
• tracert www.techcomfort.com
• tracert www.berkeley.edu
• tracert www.ca.gov
attack!
Professor Nacht has left instructions for you to build and launch a cyber attack on the nation state of Vulgaria.
You have everything you need to build it. How would you do it?
attack!
• Step 0: Recall that an echo request is an ICMP (ping) message whose data is expected to be received back in an echo reply. The host must respond to all echo requests with an echo reply containing the exact data received in the request message
• Step 1: Create a list of Vulgarian military and civil servers that should be targeted
• Step 2: Write a simple script (program) that repeats your ping request many times a second
• Step 3: Plant this script on computers across the globe
• Step 4: “Flood” the Vulgarian servers with ping requests from multiple hosts…with which they cannot keep up…the result...
attack!
server failure
attack!
• You have just conceptualized the opening cyber salvo used in the Russo-Georgia War of 2008.
• July 19, 2008: The First Salvo of Cyber Attack
  o flood http www.president.gov.ge
  o flood tcp www.president.gov.ge
  o flood icmp www.president.gov.ge
next time:
Part 2: The Cyber of the Russo-Georgian War of 2008
Case Study: Distributed Denial: the Tech of Cyber Attack in the Russo-Georgian Conflict of August 2008
voltage
• Ethernet cable: 2.0 volts
• Composite video: 2.5 volts
• Wall socket in US, Canada: 120 volts, sometimes 240