Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher
description
Transcript of Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher
![Page 1: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/1.jpg)
Presented by: HACKERS
Bhupinder Singh NarangFarhad Doneshwar
Ishita JamesJasleen Pandher
Manjot KaurShubha Gururaja Rao
Department of Computer Science & Engineering
San Jose State University
An Analysis of RTSP network securityAn Analysis of RTSP network security
CMPE 209 Team PresentationCMPE 209 Team Presentation
![Page 2: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/2.jpg)
Agenda
Streaming RTSP Security Considerations
![Page 3: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/3.jpg)
Streaming What is Streaming..??
Different Streaming protocols
![Page 4: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/4.jpg)
Introduction to RTSPSession control protocolSupports VCR-like operationsSupports
Media RetrievalAdding media to an existing
sessionActs as a network remote control
![Page 5: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/5.jpg)
Introduction to RTSP (cont.)(cont.)
Protocol PropertiesRTSP message formatRTSP message types:
RequestsResponse
IETF Standard – RFC 2326
![Page 6: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/6.jpg)
RTSP State Transitions
Setup Start an RTSP session and resource allocation for a stream
Play and Record Start data transmission of the stream
Pause Temporarily halt a stream without freeing server resources
Teardown Free resources associated with stream and end of a session
![Page 7: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/7.jpg)
Working of RTSP
![Page 8: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/8.jpg)
RTSP Message Exchange
![Page 9: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/9.jpg)
Authentication MechanismChoice of Authentication Schemes
Basic AuthenticationDigest Authentication
Abuse of Server Log Information Transfer of Sensitive Information Concentrated denial-of-service attack Session hijacking
RTSP Security ConsiderationsRTSP Security Considerations
![Page 10: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/10.jpg)
Authentication Mechanism Client MUST be able to do the
following:• recognize the 401 status code; • parse and include the WWW-
Authenticate header; • implement Basic Authentication
and Digest Authentication.
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
![Page 11: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/11.jpg)
Choice of Authentication Schemes•Server may return multiple challenges
with a 401 (Authenticate) response, and each challenge may use a scheme
•"most secure" authentication scheme choice first from server
•possible man-in-the-middle (MITM) attack would be to add a weak authentication scheme to the set of choices
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
![Page 12: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/12.jpg)
Basic AuthenticationUser agent must authenticate itself with a user-ID and a password for each realm
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
Server
Unauthorized request for URI
WWW-Authenticate: Basic realm=“ "
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
ClientClient ServerClient ServerClient ServerClient ServerClient ServerClient ServerClient ServerClientWWW-Authenticate: Basic realm=“ "
ServerClient ServerClient ServerClient ServerClient
![Page 13: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/13.jpg)
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
Wireshark Capture
OPTIONS rtsp://127.0.0.1/video/sample_100kbit.mp4 RTSP/1.0CSeq: 3Authorization: Basic YWRtaW46YWRtaW4=User-Agent: VLC media player (LIVE555 Streaming Media v2008.02.08)
RTSP/1.0 200 OKServer: DSS/5.5.5 (Build/489.16; Platform/Linux; Release/Darwin; state/beta; )Cseq: 3Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, OPTIONS, ANNOUNCE, RECORD
DESCRIBE rtsp://127.0.0.1/video/sample_100kbit.mp4 RTSP/1.0CSeq: 4Accept: application/sdpAuthorization: Basic YWRtaW46YWRtaW4=User-Agent: VLC media player (LIVE555 Streaming Media v2008.02.08)
![Page 14: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/14.jpg)
Digest AuthenticationChallenge-Response paradigm
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
ServerClient
Request for access-protected object (No Auth header)
“401 Unauthorized” response (with www-Auth header)
Retry request, passing an authentication header line
![Page 15: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/15.jpg)
Digest Authentication•The Digest scheme challenges using
a nonce value. •A valid response contains a
checksum (by default the MD5 checksum) of the username, the password, the given nonce value, the HTTP method, and the requested URI.
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
![Page 16: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/16.jpg)
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
DESCRIBE rtsp://192.168.102.58/streaming_media/sample_100kbit.mp4 RTSP/1.0CSeq: 1Accept: application/sdpBandwidth: 384000Accept-Language: en-USUser-Agent: QuickTime/7.4.1 (qtver=7.4.1;os=Windows NT 5.1Service Pack 2)
RTSP/1.0 401 UnauthorizedServer: DSS/5.5.5 (Build/489.16; Platform/Linux; Release/Darwin; state/beta; )Cseq: 1WWW-Authenticate: Digest realm="Streaming Server", nonce="e539951941e259b7e69f7642cb5ea498"
DESCRIBE rtsp://192.168.102.58/streaming_media/sample_100kbit.mp4 RTSP/1.0CSeq: 2Accept: application/sdpBandwidth: 384000Accept-Language: en-USUser-Agent: QuickTime/7.4.1 (qtver=7.4.1;os=Windows NT 5.1Service Pack 2)Authorization: Digest username="admin", realm="Streaming Server", nonce="e539951941e259b7e69f7642cb5ea498", uri="/streaming_media/sample_100kbit.mp4", response="e68bd443e12e95e91f06225f3dfefe93"
![Page 17: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/17.jpg)
Denial Of Service Attack:• An attacker can initiate traffic to
one or more IP addresses, by specifying them as destination in the setup request.
• If such multiple request exceed a certain number then legitimate request will be denied, leading to an denial of service attack.
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
![Page 18: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/18.jpg)
Sessions Hijacking:
• RTSP unlike HTTP is a statefull server.
• It uses Session Ids to keep track of its Sessions.
• As Session Ids can be sniffed, an attacker can use a Session Id to steal a session.
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
![Page 19: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/19.jpg)
Abuse of Server Log Information:
• The Servers are capable of storing logs of user Information, like their subjects of interest.
• This information is clearly confidential.
• Hence care must be taken that this information is not available to the attacker.
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
![Page 20: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/20.jpg)
Transfer Of Sensitive Information:
• No method of determining the sensitivity of any particular piece of information within the context of any given request
• Applications SHOULD supply as much control over this information as possible to the provider of that information
RTSP Security ConsiderationsRTSP Security Considerations (cont.)(cont.)
![Page 21: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/21.jpg)
IETF Standard – RFC 2326 Real Time Streaming Protocol, April 1998
IETF Standard – RFC 2068 Hypertext Transfer Protocol - HTTP/1.1, January 1997
IETF Standard – RFC 2069 An Extension to HTTP : Digest Access Authentication, January 1997
The VideoLAN forums at http://forum.videolan.org/viewtopic.php?f=13&t=44780&start=0&st=0&sk=t&sd=a
References
![Page 22: Presented by: HACKERS Bhupinder Singh Narang Farhad Doneshwar Ishita James Jasleen Pandher](https://reader036.fdocuments.in/reader036/viewer/2022062521/5681505a550346895dbe5c0d/html5/thumbnails/22.jpg)
Thank You Thank You !!