Amir Herzberg@TAU on: Off-path Hacking TCP/IP (and DNS, HTTP, too)

We present an overview of several of our recent results on practical attacks on the core Internet protocols: TCP, IP, DNS and HTTP. Our attacks are all by an off-path spoofing adversary, i.e., they do not require eavesdropping abilities. The attacks can be abused in many ways, including threats to integrity and confidentiality (e.g., via injection of malicious scripts/applets into web pages, for XSS, CSRF and phishing attacks, or via DNS poisoning), as well as for devastating Denial of Service (DoS) attacks. Our attacks circumvent challenge-response defenses such as TCP's three-way handshake and DNS's random source ports; indeed, one conclusion is increased motivation to use cryptographic (MitM-proof) security mechanisms (although shorter-term defenses and patches are also possible).

I will try to make the talk high-level and self-contained, and not rely on prior knowledge of networking protocols.

The presentation is based on joint works with Raz Abramov, Yossi Gilad and Haya Shulman.

Date and Time: Wednesday, May 2, 2012 - 11:30 to Thursday, May 3, 2012 - 12:45
Speaker: Amir Herzberg
Location: Tel Aviv University, Kitot Building (EE), Room 011