pk.org: CS 419/Lecture Notes

Network security

Terms and concepts you should know

Paul Krzyzanowski – April 10, 2024

General concepts

  • Internet design goals and priorities
    • Packet switching
    • End-to-end principle
  • Protocol layers
  • Protocol encapsulation
  • Data link, network, transport, application layers
  • Broadcast

Link layer

  • CAM overflow
  • Switch table
  • Forwarding & filtering
  • Port security
  • 802.1X
  • Managed switch
  • LAN vs. VLAN
  • VLAN trunking
  • 802.1Q, Extended Ethernet frame
  • VLAN hopping attack
  • Auto-trunking

Link layer - Network layer interaction

  • ARP cache poisoning
  • MAC address vs. IP address
  • ARP table (cache)
  • Gratuitous ARP
  • Dynamic ARP inspection

Link-Network layer

  • DHCP spoofing

Transport layer

  • UDP packet forging
  • TCP sequence numbers
  • TCP sequence number prediction attack
  • TCP SYN flooding attack
  • SYN cookies

Network Layer - Routing

  • Purpose of BGP
  • BGP advertisements
  • BGP hijacking
  • Prefixes
  • RPKI framework
  • Longer route prefixes = More specific routes

DNS

  • Domain Name System (DNS), DNS Resolver
  • Pharming attack
  • DNS spoofing attack (cache poisoning)
  • DNS pharming attack
  • Query ID
  • DNSSEC
  • DNS TTL (time to live)
  • DNS Rebinding attack
  • DNS pinning