the tech behind cyber security october 31 | part 1: from packets to ip and the “ping of death”:...

The Tech Behind Cyber Security

October 31 | Part 1: From Packets to IP and the “Ping of Death”: An Introduction to Cyber
November ? | Part 2: Case Study: Distributed Denial, the Tech of Cyber Attack in the Russo-Georgian War of 2008

0 1

bits and bytes
• bit: (binary digit)
• The basic unit of information in computing, the amount of information stored by a digital device in one of two possible distinct states, not 1 and 2, off/on
• digital value of 1 = positive voltage, up to 5 volts
• digital value of 0 = 0 volts
• 8 bits = 1 byte, usually, but depends on hardware
• byte: the number of bits needed to encode a single character of text in a computer

binary to letter

01110000 = p
01101001 = i
01111010 = z
01111010 = z
01100001 = a

data and packets
• data: binary files, 01010010010010010… etc.
• packet: a unit of data
• from binary to text or image
• packet: control information and payload
• control information: data the network needs to deliver the payload, ex. address, error control
• payload: the content of your “digital letter”

hosts on networks
• who has the data? who doesn’t … hosts going global and mobile
• networks: start local, LANs, wireless LANs, AirBears
• client-server model
• addresses, what’s your unique network address?
• Type: ipconfig, find IPv4 numerical address
• ping www.wikipedia.org
• ping ist.berkeley.edu
• ping www.ca.gov
• ping www.usa.gov
• ping, an echo request from host to host
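
To make the split between control information and payload concrete, the following added example (not part of the original slides) builds an ICMP echo request in memory, verifies its error-control field, and derives the echo reply a host would return. The payload, identifier and sequence number are constructed sample values, and nothing is sent on the network.

```python
import struct

ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY = 8, 0

def checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(msg_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Control information (8-byte header) followed by the payload."""
    header = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq)
    csum = checksum(header + payload)
    return struct.pack("!BBHHH", msg_type, 0, csum, ident, seq) + payload

def parse_icmp(packet: bytes) -> dict:
    """Split a message into control fields and payload; verify the checksum."""
    if len(packet) < 8:
        raise ValueError("truncated ICMP header")
    msg_type, code, _csum, ident, seq = struct.unpack("!BBHHH", packet[:8])
    # Summing a valid message, checksum field included, yields zero.
    return {"type": msg_type, "code": code, "id": ident, "seq": seq,
            "payload": packet[8:], "checksum_ok": checksum(packet) == 0}

def echo_reply_for(request: bytes) -> bytes:
    """The reply a host sends back: same id, seq and payload, type 0."""
    req = parse_icmp(request)
    if req["type"] != ICMP_ECHO_REQUEST or not req["checksum_ok"]:
        raise ValueError("not a valid echo request")
    return build_icmp(ICMP_ECHO_REPLY, req["id"], req["seq"], req["payload"])

# Constructed sample values for this example.
SAMPLE_PAYLOAD = b"abcdefghijklmnopqrstuvwabcdefghi"
SAMPLE_REQUEST = build_icmp(ICMP_ECHO_REQUEST, 0x0001, 7, SAMPLE_PAYLOAD)

if __name__ == "__main__":
    print(parse_icmp(SAMPLE_REQUEST))
    print(parse_icmp(echo_reply_for(SAMPLE_REQUEST)))
```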

ping, an echo request

ping, the payload

OSI model

Network Ports
21: File Transfer Protocol (FTP)
22: Secure Shell (SSH)
23: Telnet remote login service
25: Simple Mail Transfer Protocol (SMTP)
53: Domain Name System (DNS) service
80: Hypertext Transfer Protocol (HTTP) used in the World Wide Web
110: Post Office Protocol (POP)
119: Network News Transfer Protocol (NNTP)
143: Internet Message Access Protocol (IMAP)
161: Simple Network Management Protocol (SNMP)
443: HTTP Secure (HTTPS)

internet and the web
• internet: network of networks, millions of networks
• web: system of interlinked hypertext documents
• ports: http 80
• Try it: http://www.techcomfort.com:81
• Try it: http://www.techcomfort.com:80

ping, nslookup, traceroute
• how does the traffic flow?
• network devices: hubs, routers, switches
• using nslookup, names and numbers
• nslookup www.berkeley.edu
• nslookup www.usa.gov
• using traceroute
• tracert www.techcomfort.com
• tracert www.berkeley.edu
• tracert www.ca.gov

attack!
Professor Nacht has left instructions for you to build and launch a cyber attack on the nation state of Vulgaria.
You have everything you need to build it. How would you do it?

attack!
• Step 0: Recall that an echo request is an ICMP (ping) message whose data is expected to be received back in an echo reply. The host must respond to all echo requests with an echo reply containing the exact data received in the request message
• Step 1: Create a list of Vulgarian military and civil servers that should be targeted
• Step 2: Write a simple script (program) that repeats your ping request many times a second
• Step 3: Plant this script on computers across the globe
• Step 4: “Flood” the Vulgarian servers with ping requests from multiple hosts…to which it cannot keep up…the result...

attack!
server failure
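
From the defender's side, the flood described above shows up as an unusual rate of echo requests to one destination from many distinct sources. The following added example (not part of the original slides) applies that check to a constructed log; the log format, the thresholds and the documentation-range addresses are all assumptions made for illustration.

```python
from collections import defaultdict

def make_sample_log() -> list[str]:
    """Constructed lines: 'epoch_second source_ip destination_ip icmp_type'."""
    # 400 echo requests in one second from 50 sources to a single server.
    lines = [f"1000 192.0.2.{i % 50 + 1} 203.0.113.10 8" for i in range(400)]
    # An ordinary ping session: one source, five requests.
    lines += ["1000 198.51.100.7 203.0.113.20 8"] * 5
    # An echo reply (type 0) and a malformed line, both ignored.
    lines += ["1001 203.0.113.10 192.0.2.9 0", "garbage line"]
    return lines

def find_echo_floods(lines, max_per_second=100, min_sources=10):
    """Return (second, destination, requests, distinct_sources) for every
    one-second bucket where a destination receives more echo requests than
    max_per_second from at least min_sources different hosts."""
    requests = defaultdict(int)
    sources = defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit() or parts[3] != "8":
            continue  # keep only well-formed echo requests (ICMP type 8)
        key = (int(parts[0]), parts[2])
        requests[key] += 1
        sources[key].add(parts[1])
    return [
        (second, dst, requests[(second, dst)], len(sources[(second, dst)]))
        for (second, dst) in sorted(requests)
        if requests[(second, dst)] > max_per_second
        and len(sources[(second, dst)]) >= min_sources
    ]

if __name__ == "__main__":
    for alert in find_echo_floods(make_sample_log()):
        print("possible ICMP flood:", alert)
```

Requiring many distinct sources as well as a high rate separates a distributed flood from a single host running a fast ping; rate limiting ICMP at the network edge is the usual mitigation once such a pattern is seen.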

attack!
• You have just conceptualized the opening cyber salvo used in the Russo-Georgia War of 2008.
• July 19, 2008: The First Salvo of Cyber Attack
  o flood http www.president.gov.ge
  o flood tcp www.president.gov.ge
  o flood icmp www.president.gov.ge

next time:
Part 2: The Cyber of the Russo-Georgian War of 2008
Case Study: Distributed Denial: the Tech of Cyber Attack in the Russo-Georgian Conflict of August 2008

voltage
• Ethernet cable: 2.0 volts
• Composite video: 2.5 volts
• Wall socket in US, Canada: 120 volts, sometimes 240