Modern Networking

Computer Security Lecture, Dr. Lawlor

The complexity of the process by which you're reading this page is really something to behold:
| Layer | Purpose | Implementation | Example | Vulnerabilities |
|---|---|---|---|---|
| Social media | Sharing images of cute animals, political propaganda, etc. | Complex algorithms to predict content you'll engage with. | Facebook, Twitter | Social engineering. Opsec fail. Fake news. |
| Ad Tracking | Monetize eyeballs by watching browser page views, mouse clicks, scroll times. | A little chunk of JavaScript sets a "third party tracking cookie" on each visited page. | Google Analytics (utm cookies), Facebook Ad Manager | Creepily persistent marketing. Malvertising (delivering targeted malware via ad networks). |
| Web Browser Frontend | Request web page from a web server, render page to user, let user interact with page. | Static content sent via HTML or CSS. Dynamic content sent via JavaScript. | Chrome, Firefox, Edge, Safari | Cross-Site Request Forgery (XSRF). Browser exploits: modern: PDF, JavaScript, GLSL; older: Flash, Java (these plugins are typically disabled by default now). |
| HTTP | Request resource from a web server. | Simple ASCII request / response protocol. | Apache, nginx, Microsoft IIS, Mongoose | Server exploits, today mostly in CGI programmable resources rather than the server itself. |
| Transport Layer Security (TLS) | Encrypt and authenticate TCP traffic. Actually optional: bare HTTP on TCP has no privacy or authentication; HTTPS = HTTP + TLS. | X.509 certificates, Diffie-Hellman key exchange, secret key encryption (summary) | LibreSSL, OpenSSL, Microsoft TLS, OS X Secure Transport | SSL stripping. Heartbleed (caused the LibreSSL fork). |
| Transmission Control Protocol (TCP) | Provide continuous, orderly byte streams over unreliable packet networks. Prevent congestive collapse. | Add a header to IP packets specifying where data goes (port and sequence number). Limit size of TCP transmission window. | nc -l 1234; netstat -tulpan | Guessing TCP sequence numbers to inject traffic (e.g., reset RST packet). |
| User Datagram Protocol (UDP) | Minimize latency for delivering packets. | Add a header to IP packets specifying which service (port number). | nc -u -l 1234 | Denial of Service attack. (The classic DoS is a few gigabit/sec of UDP fragments.) Sapphire Worm. |
| Internet Protocol (IP) | Forward packets across networks to destination IP address. | 4 byte (IP v4) or 16 byte (IP v6) addresses. | ping 8.8.8.8 | Ping of Death (obsolete) |
| Data Link Layer | Send data to adjacent machine by Media Access Control (MAC) address. | Broadcast routing | Ethernet, Wifi | MAC spoofing |
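
To make the layering in the table concrete, this added example (not part of the original lecture) builds one constructed Ethernet frame carrying IPv4, TCP and an HTTP request, then peels the headers off layer by layer. The MAC addresses, the source address 192.0.2.10, the ports and the sequence number are made-up sample values, and checksums are left at zero.

```python
import socket
import struct

def build_frame():
    """Constructed sample: HTTP request inside TCP inside IPv4 inside Ethernet.
    Checksums are left at zero; the parser below does not verify them."""
    http = b"GET / HTTP/1.1\r\nHost: lawlor.cs.uaf.edu\r\n\r\n"
    # TCP: src port, dst port, seq, ack, data offset (5 words), flags PSH+ACK, window, csum, urg
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 0, 5 << 4, 0x18, 65535, 0, 0)
    # IPv4: version 4 / IHL 5, total length, TTL 64, protocol 6 (TCP), 4-byte addresses
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(http), 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("137.229.25.247"))
    # Ethernet: destination MAC, source MAC, EtherType 0x0800 (IPv4)
    eth = bytes.fromhex("020000000002") + bytes.fromhex("020000000001") + b"\x08\x00"
    return eth + ip + tcp + http

def parse_frame(frame):
    """Peel each layer's header off in turn; raise ValueError on inconsistent lengths."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"link": {"src": src_mac.hex(":"), "dst": dst_mac.hex(":")}}
    if ethertype != 0x0800:
        return out                      # not IPv4: stop at the data link layer
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total, _, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4          # header length is given in 32-bit words
    # Length fields come from the sender: check them against the bytes actually present.
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total <= len(ip):
        raise ValueError("inconsistent IPv4 header")
    out["ip"] = {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst), "ttl": ttl}
    if proto != 6:
        return out                      # only TCP is decoded in this sketch
    seg = ip[ihl:total]
    if len(seg) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, _, off, flags = struct.unpack("!HHIIBB", seg[:14])
    hdr = (off >> 4) * 4                # TCP data offset, also in 32-bit words
    if not 20 <= hdr <= len(seg):
        raise ValueError("inconsistent TCP data offset")
    out["tcp"] = {"sport": sport, "dport": dport, "seq": seq, "flags": flags}
    # HTTP is plain ASCII, so the request line can be read straight off the payload.
    payload = seg[hdr:]
    if payload.startswith((b"GET ", b"POST ", b"HEAD ")):
        out["http"] = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
    return out
```

Calling `parse_frame(build_frame())` returns one dictionary entry per layer, from the MAC addresses up to the HTTP request line.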

These services are not a direct part of the protocol stack above, but they are important side branches:
| Service | Purpose | Implementation | Example | Vulnerabilities |
|---|---|---|---|---|
| DNSSEC | Authenticate DNS queries | Sign the Zone Signing Keys with a root 2048 bit RSA "Key Signing Key (KSK)" in a signing ceremony. | KSK-2010, KSK-2017 | DDoS via DNS reflection attack |
| Domain Name System (DNS) | Convert host names ("lawlor.cs.uaf.edu") to IP address (137.229.25.247). Augments local /etc/hosts file, a simple text file lookup. | Transmit Resource Records (RRs) for a domain over UDP port 53. | whois lawlor.cs.uaf.edu; BIND DNS server | DNS hijacking. DNS Zone Transfer. |
| Dynamic Host Configuration Protocol (DHCP) | Set up a machine's network connection when it first connects. | Server listens on UDP port 67; client listens on UDP port 68. | ifconfig; dhclient eth0 | Rogue DHCP server |
| Border Gateway Protocol (BGP) | Dynamically configure shortest routing path across the internet. | TCP connections on port 179 between neighboring routers. | | DoS by advertising bogus routes. |
| Static Routing | Set up static routes to neighboring machines. | Simple table inside kernel. | route -n | |
| Address Resolution Protocol (ARP) | Find MAC address for known IP address. | Send IP layer broadcast "who has 1.2.3.4?". Cache the result in the kernel's ARP table. | arp -n | ARP poisoning |