Upload
ross-turner
View
214
Download
1
Tags:
Embed Size (px)
Citation preview
Project Objectives OSPF Routing Protocol
Protocol OverviewKnown Attacks Description
Project AccomplishmentsFake Adjacency AttackAdjacency Corruption Attack
Project Summary
Outline
Study of vulnerabilities of OSPF from the protocol perspective
Exploitation of vulnerabilities to attack an OSPF network in new and improved ways
Prove effectiveness of attacks by collecting network statistics in simulated environment
OSPF AttacksProject Objectives
OSPF Routing Protocol Open Shortest Path First
A Second Generation Internal Routing Protocol
Main Purpose – Internal Gateway Protocol – establishment an maintenance of routes within an Autonomous System
Dijkstra Algorithm based routing topology
OSPF Routing Protocol Open Shortest Path First
Link State Advertisement Protocol Hello Protocol - discovery of neighbors and
forming adjacencies (~Every 10 seconds) Most protocol data is exchanged exclusively
over adjacencies Areas – an administrative abstraction
OSPF Routing ProtocolSecurity Features
Simple EncryptionMD5 based Message Authentication Code
‘Natural Fightback’ mechanismFalse LSAs are updated or flushed by legitimate
router
Areas as a Security Measure Flooding of false information is limited to area
of origin
OSPF Routing ProtocolSome Known Attacks
Max Sequence Number AttackPrevents Fightback
False Forwarding Address AttackCreates data loops
False Designated Router AttackImpacts AS connectivity
Fake Adjacency Attack
Attack Goal – Establishing an adjacency with a phantom router
Motivation – Being Adjacent is a powerful position
Link State Databases are synchronized over adjacencies, being adjacent means being able to change other LSDBs at will
Fake Adjacency AttackDescription
Send Spoofed Hello Packet to Victim Network Designated Router
Perform the Adjacency Bring-Up Procedure Without Hearing Victim Response (Send “next packet” every RTT)
Inject False Routing Information Via Spoofed LSU Packets (~ Every 30 minutes)
Maintain Attack By Periodically Sending Spoofed Hello Packets (~Every 10 seconds)
Fake Adjacency Attack
AdvantagesNot Dependent On Network TopologyEasy Maintenance – generating messages for
maintenance is easy, and not frequentPowerful – can cause information loss, not
bothered by limitations caused by areas
DisadvantagesExposed and requires High Maintenance – The
attacker sends a false message every 10 seconds, this is traceable
Adjacency Corruption Attack
Attack Goal – Controlling The Fightback Mechanism
Motivation – Knowing When Fightback Occurs Helps to Overcome It
Lack of Fightback Means False Information Stays in the System Longer
Adjacency Corruption AttackDescription
Send Spoofed LSU to Victim Router Immediately Send Same Spoofed LSU to
Network Designated Router (After RTT)The DR will fight the injected information but it will
be rejected by the victim
Send Spoofed LSA Ack to Network DR (After RTT)
Maintain Attack By Periodically Repeating it (~Every 30 minutes)
Adjacency Corruption Attack
AdvantagesPowerful – can cause information loss or routing
loops, not bothered by limitations caused by areas
Low Maintenance – Attacker sends 3 protocol messages every 30 minutes
DisadvantagesDependent On Network Topology
OSPF AttacksProject Summary
What We Accomplished:Found 2 New Major Security Weaknesses in
OSPFv2 RFC Exploited Said Weaknesses to Gain Positions of
PowerProved Applicability of Exploits Using
OMNET++