Unsolicited Data Transfers

Methods for Detecting & Handling Unsolicited Data Transfers
By: Brandon Wright

Overview
• Background
• Fundamental network types
• Purpose of OSI model
• Common TCP protocols used in data transfers
• Types of data transfer software and uses
• Types of unsolicited transfers
• Prevention methods for unwanted transfers
• Conclusion

Background
• Before networks, sneakernet was the main method for data transfer
• First remote data sharing done using Xmodem (1977)
• Early 1980s, ISO began development on standardizing specifications for massive computer communication
• File Transfer Protocol (FTP) standardized (1985)

Fundamental Network Types
• Peer-to-Peer: Every computer communicates directly with other computers on the network
  • Simple configuration/cheap
  • Not flexible or very secure
• Client/server: Server acts as central computer facilitating communication to client computers
  • Much more expensive but scalable
  • Provides much more surveillance/security

Purpose of OSI Model
• Seven layers enable you to send and receive data
• Efficiency increased proportionally to security decreasing

Common TCP Protocols Used in Data Transfers
• TCP/IP contains several security flaws
• TCP is a connection-oriented protocol; SYN-ACK
• File Transfer Protocol (FTP) port 20 & 21
• Hypertext Transfer Protocol (HTTP) port 80
• Simple Mail Transfer Protocol (SMTP) port 25

Examples of Data Transfer Software
• Napster
• KaZaA
• BitTorrent protocol

Napster
• Shawn Fanning
• Released June 1999
• Legal issues
• Shut down, then reopened

KaZaA
• Introduced in 2001
• Used FastTrack protocol
• Known for bundling malware

BitTorrent Protocol
• Most common P2P file sharing protocol
• Bram Cohen released in April 2001
• Approx. 27-55% of all internet traffic (Feb 2009)
• Seeds & Peers

Unsolicited File Transfer Examples
• Accidental copyright infringement
• Pop-ups
• Malware
• Denial-of-Service attacks
• Packet-sniffers
• Koobface, the MySpace and Facebook worms

Prevention Methods
• IP-blocker/blocklist
• Packet-filtering firewall
• Stateful/stateless firewall
• Content-filters
• Intrusion detection & prevention systems
• Trap and Trace Systems

IP-Blocker
• Examples: PeerGuardian, PeerProtector, MoBlock
• Use customizable IP block lists
• Compiled lists at Iblocklist.com
• Can block ports
• Is as safe as you make it

Packet-Filtering Firewall
• Hardware or software
• Operates at data link & transport layers
• Examines packet headers
• Blocks logical ports

Stateful/Stateless Firewall
• Differences
• Cost
• Performance
• Security

Content-Filters
• Also called "reverse firewalls"
• Blocks designated traffic
• Parental controls

Golden Shield Project
• China protesters lead to Internet censorship
• 30,000 Internet police
• Great Firewall of China
• DNS cache poisoning

Golden Shield Project
• http://www.youtube.com/watch?v=iyXtT5oWwIY&feature=related

Intrusion Detection & Prevention Systems
• Alert
• Evasion
• False negative/False positive
• Confidence value

Trap and Trace Systems
• Detect and Trace
• Use of honey pots with an alarm
• Back Hacking

Conclusion
• Ethical boundaries in file transfers
• Censorship
• Child abuse
• Copyright infringement

References
• Dean, Tamara. Network+ Guide to Networks. 5th. Boston, MA: Course Technology Ptr, 2009. Print.
• Whitman, Michael, and Herbert Mattord. Principles of Information Security. 3rd. Boston, MA: Course Technology Ptr, 2009. Print.
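Added example (not part of the original slides): a sketch of how the IP-Blocker and Packet-Filtering Firewall slides fit together, matching a packet's source address against a range block list and its destination port against a blocked-port set. It assumes a plain-text `label:start-end` range layout for the list; the sample entries, the blocked ports and all function names are constructed for illustration.

```python
import ipaddress
from bisect import bisect_right

# Constructed sample, assumed "label:start-end" layout (PeerGuardian-style
# text list); the addresses are reserved documentation ranges.
SAMPLE_BLOCKLIST = """\
Example tracker range:198.51.100.0-198.51.100.255
Example ad network:203.0.113.16-203.0.113.31
not a valid entry
"""
BLOCKED_PORTS = {21, 25}  # assumed local policy: FTP control and SMTP

def parse_p2p_blocklist(text):
    """Return sorted, non-overlapping [low, high, label] integer ranges."""
    ranges = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        label, _, span = line.rpartition(":")  # labels may contain ':'
        start, _, end = span.partition("-")
        try:
            lo, hi = (int(ipaddress.IPv4Address(p.strip())) for p in (start, end))
        except ipaddress.AddressValueError:
            continue  # skip malformed lines rather than abort the whole load
        if lo <= hi:
            ranges.append((lo, hi, label))
    merged = []
    for lo, hi, label in sorted(ranges):
        if merged and lo <= merged[-1][1]:  # overlap: extend the earlier range
            merged[-1][1] = max(merged[-1][1], hi)
        else:
            merged.append([lo, hi, label])
    return merged

def find_block(ranges, ip):
    """Binary-search the merged ranges; return the matching label or None."""
    addr = int(ipaddress.IPv4Address(ip))
    i = bisect_right(ranges, [addr, float("inf")]) - 1
    return ranges[i][2] if i >= 0 and ranges[i][0] <= addr <= ranges[i][1] else None

def filter_packet(ranges, src_ip, dst_port):
    """Stateless decision from header fields only: source IP, dest port."""
    label = find_block(ranges, src_ip)
    if label is not None:
        return ("DROP", "blocklist: " + label)
    if dst_port in BLOCKED_PORTS:
        return ("DROP", "port %d blocked" % dst_port)
    return ("ALLOW", "no rule matched")
```

Merging overlapping ranges before the binary search matters: without it, a short range nested inside a longer one can hide the longer range from the lookup.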