第二讲(上)
网络安全缺陷与常见攻击原理
应用层协议安全问题分析
•互联网体系结构
•局域网相关协议风险分析
•IP协议层协议风险分析
•TCP/UDP协议风险分析
brittany murphy
•路由及域名系统风险分析
•应用层协议风险分析
stradivarius2 Routing Protocols
Intra-AS: RIP, OSPF,IS-IS Inter-AS: BGP
3
Routing Protocols
•RIP, RFC1058,(Rest in Pieces)–UDP , port 520, broadcast, no
authentication
–RIPv2, RFC 2453, MD5 auth, unicast
–RIPng, RFC2080, IPv6
•BGP,v4 RFC4271, 2006
–TCP,port 179
–RFC2385,Protection of BGP Sessions via the TCP MD5 Signature Option
4
escapement
5
雅虎翻译器
6
7
讨论
•TCP MD5 Signature 对于GFW 类型的RST 攻击如何?
8
路由欺骗
•路由协议缺乏认证功能
–RIP ,OSPF, BGP
A
coldturkeyB
C
从我这里去往C
的
天使的英文距离最短
零基础英语学习网站9
BGP route lection
•Best path
besides的用法•Most specific prefix
P=192.0.2.1/32
10
•AS7007 incident, 1997
–7007 Explanation and Apologyrn
•it.edu/mail.archives/nanog/1997-04/msg00444.html
–Murphy's Law Strikes Again: AS7007
•lists.ucc.gu.uwa.edu.au/pipermail/lore/2006-August/000040.html英汉字典
•Pakistan Hijack YouTube, 2008
–YouTube Hijacking: A RIPE NCC RIS ca study –www.ripe/news/study-youtube-hijacking.html
11
AS36561 (YouTube) announces 208.65.152.0/22
12
AS17557 (Pakistan Telecom) has been announcing 208.65.153.0/24
13AS36561 (YouTube) is announcing 208.65.153.0/25 and 208.65.153.128/25 14
announce 101.1.1.1/32202.2.2.2/32Root DNS
202.2.2.2
101.1.1.1
15
•路由系统安全问题与防范
