Vafa Izadinia - Profile on Academia.edu (original) (raw)
Related Authors
Fraunhofer Institute for Open Communication Systems (Fraunhofer FOKUS)
Uploads
Papers by Vafa Izadinia
Computers & Security, 2006
Operating System fingerprinting is a reconnaissance method which can be used by attackers or fore... more Operating System fingerprinting is a reconnaissance method which can be used by attackers or forensic investigators. It identifies a system's identity by observing its responses to targeted probes, or by listening on a network and passively observing its network 'etiquette'. The increased deployment of encrypted tunnels and Virtual Private Networks (VPNs) calls for the formulation of new fingerprinting techniques, and poses the question:
This paper addresses some of the discriminants that make IPSec tunnel fingerprinting possible. Fi... more This paper addresses some of the discriminants that make IPSec tunnel fingerprinting possible. Fingerprinting of VPN-tunnel endpoints may be desirable for forensic purposes, but in the hands of individuals of ill-intent, it undermines an enterprise network's perimeter security. Three ways of preventing the ill-use of this type of fingerprinting are presented. The first two, apply to enterprises wishing to make their VPN tunnels immune to fingerprinting. The third delves deeper into the conceptual, and is directed at the standards definition process, as used by the Internet Engineering Task Force (IETF) and to authors of security-related RFCs in particular. It addresses aspects in the Internet Key Exchange version 1 (IKEv1) RFC that have led to misinterpretations on the part of IPSec implementers, and describes the use of a form of process algebra known as Communicating Sequential Processes (CSP) in defining security-related standards to overcome RFC-related ambiguities.
Computers & Security, 2006
Operating System fingerprinting is a reconnaissance method which can be used by attackers or fore... more Operating System fingerprinting is a reconnaissance method which can be used by attackers or forensic investigators. It identifies a system's identity by observing its responses to targeted probes, or by listening on a network and passively observing its network 'etiquette'. The increased deployment of encrypted tunnels and Virtual Private Networks (VPNs) calls for the formulation of new fingerprinting techniques, and poses the question:
This paper addresses some of the discriminants that make IPSec tunnel fingerprinting possible. Fi... more This paper addresses some of the discriminants that make IPSec tunnel fingerprinting possible. Fingerprinting of VPN-tunnel endpoints may be desirable for forensic purposes, but in the hands of individuals of ill-intent, it undermines an enterprise network's perimeter security. Three ways of preventing the ill-use of this type of fingerprinting are presented. The first two, apply to enterprises wishing to make their VPN tunnels immune to fingerprinting. The third delves deeper into the conceptual, and is directed at the standards definition process, as used by the Internet Engineering Task Force (IETF) and to authors of security-related RFCs in particular. It addresses aspects in the Internet Key Exchange version 1 (IKEv1) RFC that have led to misinterpretations on the part of IPSec implementers, and describes the use of a form of process algebra known as Communicating Sequential Processes (CSP) in defining security-related standards to overcome RFC-related ambiguities.