Dialog Challenge-Response Demonstration
You can reach this dialog via the menu entry Indiv.
Procedures \ Protocols
\ Network Authentication.
Here the way is described how to handle the
challenge-response demonstration:
-
By pressing F1 you can get the help for the outline of all challenge-response scenarios.
-
On the left margin there is a series of buttons. By pressing one of them
several scenarios (like Password) can be started.
-
Beneath there is the Quit button.
-
On the white surface area some scenarios are demonstrated. A network with
following elements form the basis of all scenarios:
-
Squares represent computers and their users. Routers direct data between the
nodes of the network. Servers make information and services available to the
client.
-
Lines are the network connections between the computers.
-
All elements pictured in blue are normal parts of the networks, red elements
belong to the attacker or are subject to his control.
-
In the rightmost margin there are buttons for manipulating stations and
connections:
-
The empty button means: Select no action.
-
With the buttons Link and Unlink you can influence the status of connections. If
you click on connecting and then on one of the router a (red) connection
between the attacker and the router will be applied. If you click on separating
and then on the connection in progress the red connection will be cleared, blue
connection will be displayed as black and separated. Each of both commands can
be reversed by the other one.
-
Attack station is possible, when your computer is directly or through network
connected to the station. You can assume control over the other computer if it
is not well-protected. Server 1 and Client are well-protected, Server 2 and the
routers are vulnerable. Attacked computers will be displayed as red and you get
a copy of all data saved on this computer. Furthermore, this computer will send
you a copy of each incoming data packet.
-
If you click on Quit attacking station you cancel the attack and the computer
will be displayed as blue again.
-
On the left beside the client there is the Authenticate client button which
starts the protocol of the chosen scenario.
-
The attacker has an Authenticate attacker button as well. So the attacker
(you) can initiate the protocol from his computer and can try to be accepted by
the server as client. Needless to say, it works only if the necessary data have
been spied out before. Apart from the authentication button there is the Mask
button. With the right configuration (which you have to find out) it is
possible to identify yourself to the client as server and to the server
as client (man-in-the-middle-attack).
-
Down to the right on the white surface area there is the Help for scenario
button by which you can have access to specific scenario support sites (and
from there to the solutions).
-
To restore the initial state of a scenario press Reset scenario.
-
In the display under the white scenario surface there is a short explanation of
the scenario and of the task in each case. Further information and solutions can be
accessed by using help.
