Unsolicited Data Transfers

Methods for Detecting & Handling Unsolicited Data Transfers
By: Brandon Wright
Overview
• Background
• Fundamental network types
• Purpose of OSI model
• Common TCP Protocols used in data transfers
• Types of data transfer software and uses
• Types of unsolicited transfers
• Prevention methods for unwanted transfers
• Conclusion
Background
• Before networks, sneakernet was the main method for data transfer
• First remote data sharing done using Xmodem (1977)
• Early 1980s, ISO began development on standardizing specifications for massive computer communication
• File Transfer Protocol (FTP) standardized (1985)
Fundamental Network Types
• Peer-to-Peer: Every computer communicates directly with other computers on the network
  • Simple configuration/cheap
  • Not flexible or very secure
• Client/server: Server acts as central computer facilitating communication to client computers
  • Much more expensive but scalable
  • Provides much more surveillance/security
Purpose of OSI Model
• Seven layers enable you to send and receive data
• Efficiency increases in proportion to the decrease in security
Common TCP Protocols used in Data Transfers
• TCP/IP contains several security flaws
• TCP is a connection-oriented protocol; SYN-ACK
• File Transfer Protocol (FTP) ports 20 & 21
• Hypertext Transfer Protocol (HTTP) port 80
• Simple Mail Transfer Protocol (SMTP) port 25
Examples of Data Transfer Software
• Napster
• KaZaA
• BitTorrent protocol
Napster
• Shawn Fanning
• Released June 1999
• Legal Issues
• Shutdown then reopened
KaZaA
• Introduced in 2001
• Used FastTrack protocol
• Known for bundling malware
BitTorrent Protocol
• Most common P2P file sharing protocol
• Released by Bram Cohen in April 2001
• Approx. 27-55% of all internet traffic (Feb 2009)
• Seeds & Peers
Unsolicited File Transfer Examples
• Accidental copyright infringement
• Pop-ups
• Malware
• Denial-of-Service attacks
• Packet-sniffers
• Koobface, the MySpace and Facebook worms
Prevention Methods
• IP-blocker/blocklist
• Packet-filtering firewall
• Stateful/stateless firewall
• Content-filters
• Intrusion detection & prevention systems
• Trap and Trace Systems
IP-Blocker
• Examples: PeerGuardian, PeerProtector, MoBlock
• Use customizable IP block lists
• Compiled lists such as Iblocklist.com
• Can block ports
• Is as safe as you make it
Packet-Filtering Firewall
• Hardware or software
• Operates at data link & transport layers
• Examines packet headers
• Block logical ports
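An added example (not from the original slides): a stateless filter in Python that combines the IP-Blocker and Packet-Filtering Firewall slides, checking an IP block list first and then matching port rules against header fields only. The addresses, rules and default-deny policy are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple

class Header(NamedTuple):
    """Header fields a stateless packet filter inspects (never the payload)."""
    src: str
    dst: str
    proto: str
    dport: int

# Constructed block list entries (documentation address ranges, not real data).
BLOCKLIST = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.17/32")]

# Constructed port rules, first match wins; ports are the ones named in the slides.
PORT_RULES = [
    ("tcp", range(20, 22), "deny"),   # FTP data/control
    ("tcp", range(25, 26), "deny"),   # SMTP
    ("tcp", range(80, 81), "allow"),  # HTTP
]
DEFAULT_ACTION = "deny"  # assumption: anything not explicitly allowed is dropped

def blocked_network(addr):
    """Return the block list entry containing addr, or None."""
    ip = ipaddress.ip_address(addr)
    return next((net for net in BLOCKLIST if ip in net), None)

def decide(h):
    """Return (action, reason) for one packet header."""
    # The block list applies in both directions: traffic from or to a listed host.
    for addr in (h.src, h.dst):
        net = blocked_network(addr)
        if net is not None:
            return "deny", f"{addr} in blocklist entry {net}"
    for proto, ports, action in PORT_RULES:
        if h.proto == proto and h.dport in ports:
            return action, f"{proto}/{h.dport} rule"
    return DEFAULT_ACTION, "default policy"

# Constructed sample headers.
SAMPLE = [
    Header("192.0.2.10", "10.0.0.5", "tcp", 80),
    Header("203.0.113.44", "10.0.0.5", "tcp", 80),
    Header("192.0.2.10", "10.0.0.5", "tcp", 21),
    Header("10.0.0.5", "198.51.100.17", "tcp", 80),
    Header("192.0.2.10", "10.0.0.5", "tcp", 6881),
]

if __name__ == "__main__":
    for h in SAMPLE:
        print(h, "->", decide(h))
```

Because the filter keeps no connection state, every packet is judged on its own header; that is the stateless side of the stateful/stateless comparison.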
Stateful/Stateless Firewall
• Differences
• Cost
• Performance
• Security
Content-Filters
• Also called “reverse firewalls”
• Blocks designated traffic
• Parental controls
Golden Shield Project
• China protesters led to Internet censorship
• 30,000 Internet police
• Great Firewall of China
• DNS cache poisoning
• Video: http://www.youtube.com/watch?v=iyXtT5oWwIY&feature=related
Intrusion Detection & Prevention Systems
• Alert
• Evasion
• False negative/False positive
• Confidence value
Trap and Trace Systems
• Detect and Trace
• Use of honey pots with an alarm
• Back Hacking
Conclusion
• Ethical boundaries in file transfers
• Censorship
• Child abuse
• Copyright infringement