Categories
Network security

FIT5044 – Network Security Week 7

Unfortunately I missed week 7’s lecture thus will be making only a review of the lecture notes. The topic for week 7 was the IP layer and IP security. Using the simplistic network layering of App, Trans, Network, Data Link and Physical [All trains now depart promptly]. We see that the IP is a network level protocol. It is the most common network layer,  a list of other network layers can be found here: http://en.wikipedia.org/wiki/Network_Layer#Protocols. Importantly the function of the network layer is end-to-end routing of packets through networks. The security concerns listed in the lecture were:

  • Authentication
  • Message reply
  • Message alteration
  • Message delay and denial

Some of the original vulnerabilities associated with the IP layer (ping of death and smurf  attacks) were outlined. Next some of the key components of the IP layer were introduced:

  • Bridge
  • Router
  • Gateway
  • Firewall

With the basics out of the way, notes on how to increase the security of the network layer commenced. Authentication, Integrity and Confidentiality were identified and IPSec posed as a  partial solution. Authentication and confidentiality can be enhanced with IPsec through the Authentication Header [AH] and Encapsulating Security Payload [ESP].

 

AH.ESP
Authentication header and Encapsulating Security Payloads

The application of IPSec comes in two modes:

  • Transport mode: Peer-to-peer communications, generally used in internal network comms. Data packets are encrypted, headers are not.
  • Tunnel mode: Header and payload are encrypted, most commonly seen in remote-access.

The remainder of the lecture notes focussed on an explanation of the encryption and key exchanges. A decent summary video which helped me: