1 Part 5: Network Security Network Attacks Intrusion Detection Servers and Security Authentication Secure Communication Cryptography Applications

Upload: ashley-reynold-taylor

Post on 25-Dec-2015


1

Part 5: Network Security

Network Attacks

Intrusion Detection

Servers and Security

Authentication

Secure Communication

Cryptography Applications

2

Network Security Basics

Network security protocols were designed and deployed early in the life of the open Internet.

Network security is a complex arena, but most of the simple protocols are effective, efficient and widely deployed.

"Internet Threat Model": the network is insecure and subject to attacks, but the end systems are secure.

Assumes there are no viruses or other system-level threats.

Solves the network insecurity problem, but leaves the more important threat unaddressed.

3

Basic Network Attacks

Port scans or mapping attacks (nmap): create a blueprint of the network; find what is listening on the network and which ports are open. Reconnaissance.

Sniffing non-switched networks: many tools exist.

ARP spoofing: switched networks use "intelligent" switching of packets; ARP spoofing is used to capture packets on switched networks.

MAC flooding/ARP poisoning: overflow the MAC table in switches.

MAC duplication: fools switches, similar to the ARP spoofing attack.

Countermeasures:

IP filtering

Port Security on Switches

4

Network and TCP attacks

Routing attacks: attacking routers, NATs and firewalls; attacking BGP hosts; changing routes.

DNS attacks: providing false DNS information; pharming attacks.

SYN attacks: malicious headers, non-conforming responses.

Various TCP attacks: bad packets, malformed headers.

Countermeasures:

Routing security (no workstations for routing; use "proper" routers)

Secure DNS

TCP has been hardened and many attacks no longer work.

5

WiFi Attacks

Eavesdropping on WiFi networks: an open radio network, cannot be prevented; VPN and SSL usage is highly recommended.

Evil Twin attack: set up an access point with the same SSID.

WEP attack: WEP is badly broken and is not secure.

MAC spoofing: access MAC-filtered networks (all paid networks).

WiFi seems to be "inherently insecure", but the use of encryption can make it as secure as wired networks.

Standards keep changing and more security features keep getting added.

6

DoS

Overloading a resource with a flood of spurious traffic: network routers, servers, network stacks (e.g. the SYN attack), authenticators.

The DDoS attack uses zombies to generate traffic to a particular victim resource.

No good solution exists; a threat to the Internet infrastructure.

7

Intrusion Detection

A phrase used for a variety of techniques to detect malicious access.

Basic techniques: statistical anomaly detection, pattern matching, deep packet inspection.

More techniques: file integrity checkers (Tripwire).

Some are quite intricate, advanced and obscure techniques.

[Diagram: border router, firewall, IDS, honeypot, servers, DMZ]

8

Intrusion Detection

IP filtering: can stop many port scans from outside; cannot stop internal attacks from viral infections.

Packet inspection: statistical checks and content checks (e.g. matching a payload such as cat "+" > ./rhosts).

Honeypots: open, often unpatched machine in the DMZ, used to see what attacks are happening.

File integrity: get hashes of files and store them, then check against the actual files; not too difficult to attack and disable.

Host-based IDS: one system only.

Network-based IDS: listens to packets.

Layered approach: many techniques.

Knowledge-based updates.

Bastion hosts ...more...

9

Firewalls

Firewalls are effective against some buffer overflow attacks and some Trojan software.

Stops the silly tricks, lets the smart ones go.

Firewalls can be implemented in hardware and software; each has its share of advantages.

Firewalls can implement NAT (Network Address Translation).

Best reasons to have a firewall: stops access to open ports where default, poorly configured servers listen; stops access to several buffer overflow exploits; NAT makes the computer essentially invisible to scanners.

10

Software Firewalls

Built into the kernel; handles messaging into and out of the machine.

Can monitor programs that send data out, useful for detecting malware (not effective).

Can close and/or monitor some open ports. Can have "smarts".

Disadvantages: can be easily turned off by malware; a lot of confusing warnings; cannot detect stealthy programs (e.g. one that piggybacks over the email program or web browser); incoming connection protection is doubtful, and can introduce more vulnerabilities.

11

Hardware Firewalls

Essentially a "NAT server" [NAT = network address translation].

Hides the machine at a fictitious IP address; all incoming messages go to the firewall.

Allows only outgoing connections from the machine: others can reply to the host, but cannot initiate communications to the host.

Stops all network attacks, except the ones that can figure out how to mimic responses rather than initiations (connection hijack attacks).

Disadvantages: cannot monitor outgoing traffic; no "smarts".

12

Denial of Service

Protection against DoS and DDoS is hard to do; not many effective techniques exist. Packet filtering has to be done.

How to detect, and what to throw away? Fooling DoS detectors can cause DoS attacks.

Global traffic shaping: the Internet has no central control.

Backbone networks, autonomous systems.

13

Network Application Security

Web server security: attacks on web servers; scripting attacks, injection attacks; data compromise attacks; denial of service attacks.

Mail server security: spam filtering is essential; open relays, sendmail configurations; containing hoaxes.

DNS security: DNS attacks and configuration.

Database server security: SQL checkers; scripting attacks; backdoors.

14

ISP protection

Many forms of packet filtering: ports are blocked, for SMTP servers; inbound and outbound port blocks; some are done for profit.

Traffic shaping: the "Net Neutrality" debate.

15

Network Security and Cryptography

Network security makes heavy use of cryptography; different from system security.

Cryptographic algorithms: encryption, hashing, random numbers, identities.

Cryptographic protocols: a set of steps executed by multiple parties who do not trust each other, such that if everyone is truthful the end goal is reached ("self-enforcing protocols"). Authentication, key exchange, challenge-response, Message Authentication Codes (MAC), secret sharing.

16

“Secret” Communication

Alice sends a message to Bob, encrypted using a key (k). Many encryption algorithms are known and trusted: DES, 3DES, AES, IDEA. An attacker cannot read the contents of the message.

Alice also embeds a cryptographic hash in the message, also encrypted with k, together with a timestamp or sequence number.

Bob can then ensure an attacker did not replace the message with a random bit string, and is not replaying an older message from Alice.

Problem: Alice and Bob have to prearrange a key "k". Use PKI to exchange keys (watch out for MITM attacks). Preinstalled keys can be used <<< more complicated than it seems.

17

Authentication

Used to ensure Alice and Bob are sure about who they are communicating with.

Also helps in key exchange.

Passwords; public-key based protocols.

Simple authentication (passwords, hash chains); multi-factor authentication; PKI authentication (used in SSL/IPSec); certificate-based authentication.

18

Authentication - passwords

Ubiquitous and insecure: a shared-secret scheme, prone to leakage. Dictionary attacks, keyboard sniffing attacks, phishing attacks.

PIN usage in debit cards – bad. Biometrics – bad.

19

Authentication – hash chains

S/KEY: create a chain of hashes:

Seed = S

H_1 = h(S)

H_2 = h(H_1)

H_3 = h(H_2)

...

The server stores H_{N+1} and gives the client the chain.

The client uses H_N for the 1st login.

The client uses H_{N-1} for the 2nd login.

[A more practical scheme using time is used in the RSA SecurID card.]
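An added worked example of the hash-chain login above (not from the slides): the server keeps only the current top of the chain and steps down once per login, so a captured H_N is useless afterwards. SHA-256 is assumed for h, which the slide leaves unspecified.

```python
import hashlib
import hmac
import secrets


def h(x: bytes) -> bytes:
    """One step of the chain. The slide does not fix h; SHA-256 is assumed here."""
    return hashlib.sha256(x).digest()


def make_chain(seed: bytes, n: int) -> list:
    """Return [H_1, ..., H_{n+1}] with H_1 = h(seed) and H_{i+1} = h(H_i)."""
    chain, cur = [], seed
    for _ in range(n + 1):
        cur = h(cur)
        chain.append(cur)
    return chain


class SKeyServer:
    """Stores only the current top of the chain (initially H_{N+1}); never sees the seed."""

    def __init__(self, top: bytes) -> None:
        self.stored = top

    def login(self, presented: bytes) -> bool:
        # A fresh value must hash to what we stored: h(H_i) == H_{i+1}.
        if not hmac.compare_digest(h(presented), self.stored):
            return False
        self.stored = presented  # step down; the value just used is now worthless to a replayer
        return True


def skey_demo() -> tuple:
    """Three logins: H_N succeeds, replaying H_N fails, H_{N-1} succeeds."""
    seed, n = secrets.token_bytes(16), 5     # constructed seed
    chain = make_chain(seed, n)              # chain[i] is H_{i+1}, so chain[n] is H_{N+1}
    server = SKeyServer(chain[n])
    first = server.login(chain[n - 1])       # H_N for the 1st login
    replay = server.login(chain[n - 1])      # captured H_N presented again
    second = server.login(chain[n - 2])      # H_{N-1} for the 2nd login
    return first, replay, second
```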

20

Authentication Challenge Response

Shared-secret challenge-response is secure if the shared secret can be kept securely.

Client and server know a secret S.

Challenge: the server sends the client a random number R.

Response: the client responds with E_S(R).

PKI-based challenge-response is better; covered in the Cryptography section.
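An added example of the shared-secret exchange above, not from the slides: E_S(R) is realised with HMAC-SHA256 under S instead of a block cipher (an assumption), and the server keeps each challenge single-use so a recorded response cannot be replayed.

```python
import hashlib
import hmac
import secrets


def respond(secret: bytes, r: bytes) -> bytes:
    """Client side. The slide's E_S(R) is realised here as HMAC-SHA256(S, R) (assumption)."""
    return hmac.new(secret, r, hashlib.sha256).digest()


class ChallengeServer:
    """Holds the shared secret S and the challenges it has issued but not yet consumed."""

    def __init__(self, secret: bytes) -> None:
        self.secret = secret
        self.outstanding = set()

    def challenge(self) -> bytes:
        r = secrets.token_bytes(16)  # fresh random R for every attempt
        self.outstanding.add(r)
        return r

    def verify(self, r: bytes, response: bytes) -> bool:
        if r not in self.outstanding:  # never issued, or already used
            return False
        self.outstanding.discard(r)   # single use, whatever the outcome
        expected = respond(self.secret, r)
        return hmac.compare_digest(expected, response)  # constant-time comparison


def challenge_demo() -> tuple:
    """Returns (genuine login, replayed response, response under the wrong secret)."""
    s = secrets.token_bytes(32)          # constructed shared secret
    server = ChallengeServer(s)
    r = server.challenge()
    answer = respond(s, r)
    ok = server.verify(r, answer)
    replay = server.verify(r, answer)    # eavesdropped (R, response) pair reused
    r2 = server.challenge()
    wrong = server.verify(r2, respond(b"guess", r2))
    return ok, replay, wrong
```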

21

Single Sign on Systems

Sign on once and access a variety of services. Eliminates multiple username/password problems; passwords do not get propagated to service providers. Has met with limited success.

Microsoft Passport is essentially dead; Liberty Alliance is struggling; Microsoft CardSpace is trying a fresh start.

CardSpace is the only one using public keys and has provisions for securely storing private keys on smartcards.

Late, but much needed.

Kerberos is old technology but widely used in organizations.

22

Kerberos (three-headed guard dog)

A popular method for single sign-on in organizations.

Client authenticates with an authentication service.

Client contacts the ticket granting service to get a ticket for a particular server.

Client provides the server with the ticket and the server provides the client with service.

Based on a lot of pre-arranged shared secrets.

[Diagram: client, authenticator, ticket granting server, service provider; shared keys Kac, Ktc, Kas]

23

Simplified Kerberos Protocol

Client C contacts Kerberos K and authenticates.

Client asks for a ticket to Server S.

Client sends the ticket to the Server.

Server acks.

[Diagram: client, authenticator / ticket granting server (KERBEROS), service provider; {X}K denotes X encrypted under key K]

C -> K: C authenticates (under Kkc) and asks for a ticket to S
K -> C: {Tk, L, Kcs, "S"}Kkc, {Tk, L, Kcs, "C"}Kks
C -> S: {Tk, L, Kcs, "C"}Kks, {"C", Tc}Kcs
S -> C: {Tc + 1}Kcs

Tk: timestamp at K; L: ticket lifetime; Kkc, Kks: prearranged shared secrets; Kcs: temporary shared secret.

24

Secure Communication: SSL or IPSec

SSL (Secure Sockets Layer) is pervasive; IPSec is a standard.

Most VPNs use IPSec.

End-to-end security, with server authentication and optional client authentication.

Servers have certificates issued by a CA. The client authenticates the server certificate using challenge-response. Clients can authenticate to the server via certificates or via password. Has a wide range of supported underlying algorithms for session key, public key and hashes.

25

SSL Protocol

SSL Protocol (basic)

Alice -> Bob: Hello, RA = <random number>
Bob -> Alice: Hello, <Bob's certificate>, RB = <random number>
Alice -> Bob: Prove it!
Bob -> Alice: E_K2B(h(RA, RB))
Alice -> Bob: E_K1B(session key)

SSL communications:

E_KEY(message, E_KEY(h(message)))

26

SSL

The SSL protocol is an implementation of the basic protocol with lots of bells and whistles.

Well designed. Attacks against the implementation have been found, but have been fixed; the current implementation is considered robust and safe.

Features: cipher suite negotiation; compatibility; client- and server-generated random numbers; no challenge-response actually needed (!)

27

SSL Protocol

Client -> Server: ClientHello (224 bits)
Server -> Client: ServerHello (224 bits), Server Certificate
Client: verify server certificate; generate pre-master-secret [384 bits]
Client -> Server: send pre-master-secret, encrypted with the server public key
Client and Server each generate "Key Material" - MUST BE THE SAME!

Cipher negotiation

28

Hello

Client Hello:

    struct {
        ProtocolVersion client_version;
        Random random;
        SessionID session_id;
        CipherSuite cipher_suites;
        CompressionMethod compression_methods;
    }

Server Hello:

    struct {
        ProtocolVersion server_version;
        Random random;
        SessionID session_id;
        CipherSuite cipher_suite;
        CompressionMethod compression_method;
    }

29

Key Material

    master_secret =
        MD5(pre_master_secret + SHA('A' + pre_master_secret + ClientHello.random + ServerHello.random)) +
        MD5(pre_master_secret + SHA('BB' + pre_master_secret + ClientHello.random + ServerHello.random)) +
        MD5(pre_master_secret + SHA('CCC' + pre_master_secret + ClientHello.random + ServerHello.random));

    key_block =
        MD5(master_secret + SHA('A' + master_secret + ServerHello.random + ClientHello.random)) +
        MD5(master_secret + SHA('BB' + master_secret + ServerHello.random + ClientHello.random)) +
        MD5(master_secret + SHA('CCC' + master_secret + ServerHello.random + ClientHello.random)) +
        [...];

The key block is then partitioned into "client write key", "server write key", "client MAC", "server MAC".
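An added implementation of the derivation above (not from the slides). It assumes SHA means SHA-1, that the "[...]" continues the label pattern ('DDDD', 'EEEEE', ...) until enough key block exists, and slices the block in SSLv3 order (MAC secrets before write keys), which the slide does not state.

```python
import hashlib


def _md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def _sha(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()  # SSLv3's "SHA" is SHA-1


def _label(i: int) -> bytes:
    """Round i uses i+1 copies of the i-th letter: 'A', 'BB', 'CCC', 'DDDD', ..."""
    return bytes([ord("A") + i]) * (i + 1)


def ssl3_master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """Three MD5 blocks (48 bytes), exactly the three terms on the slide."""
    out = b""
    for i in range(3):
        inner = _sha(_label(i) + pre_master + client_random + server_random)
        out += _md5(pre_master + inner)
    return out


def ssl3_key_block(master: bytes, client_random: bytes, server_random: bytes, length: int) -> bytes:
    """Same construction, but note the randoms are swapped: ServerHello.random comes first."""
    out, i = b"", 0
    while len(out) < length:
        inner = _sha(_label(i) + master + server_random + client_random)
        out += _md5(master + inner)
        i += 1
    return out[:length]


def partition(key_block: bytes, mac_len: int, key_len: int) -> dict:
    """Slice in SSLv3 order: client MAC, server MAC, client write key, server write key."""
    names = ("client_mac", "server_mac", "client_write_key", "server_write_key")
    sizes = (mac_len, mac_len, key_len, key_len)
    keys, pos = {}, 0
    for name, size in zip(names, sizes):
        keys[name] = key_block[pos:pos + size]
        pos += size
    return keys


def handshake_keys(pre_master: bytes, client_random: bytes, server_random: bytes) -> dict:
    """What either side computes after the handshake (SHA-1 MACs and 16-byte write keys assumed)."""
    master = ssl3_master_secret(pre_master, client_random, server_random)
    return partition(ssl3_key_block(master, client_random, server_random, 2 * 20 + 2 * 16), 20, 16)
```

Because both sides feed the same three inputs in, the client's and server's dictionaries are identical, which is the "MUST BE THE SAME" condition of the earlier slide.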

30

Problems with SSL

CA public keys are stored in the browser and can be attacked.

After an SSL connection is opened, a virus can use the secure connection to defraud or steal information.

Earlier known attacks: weak encryption, timing attacks, buffer overflow attacks.

31

Email Privacy

Email is not private. Email privacy can be achieved with encryption.

Key exchange issues, public key management: if we had certificates, email privacy would be easy to achieve.

Currently, sending/receiving encrypted email arouses suspicion; the workaround is steganography.

Email privacy is supported via PGP and GPG. Several commercial solutions that do not interoperate (Hushmail).

32

PGP - GPG

Pretty Good Privacy and Gnu Privacy Guard: email and encrypted file systems; public keys for email transport and signatures; "Web of Trust".

Alice can sign Bob's public key if she knows Bob: a P2P version of certificate authorities.

How private keys are generated and stored depends upon the implementation.

How public keys are distributed also depends upon the implementation.

Signatures are supported.

33

Spam

Spam is not just an irritant, it is a security risk. Spam is the carrier of choice for: viruses, phishing attacks, malformed URLs, various fraudulent scams, luring users to dangerous websites, and more to come.

Fighting spam is not working, due to many technical issues (compatibility). Signed email can combat spam, but would create segregated email communities.

34

Email Signing

Digital signatures on email can identify the sender and stop spam and spoofed emails.

DomainKeys: an email signature scheme developed by Yahoo and used by Yahoo Mail and Google Mail.

All mail sent via Yahoo or Google servers has a DomainKeys signature: it cannot be spoofed, and the signature cannot be lifted. Yahoo and Google ensure spam is not sent from their servers (and a few more).

Ensuring all received mail has a valid DomainKeys signature would make spamming difficult, but would also stop all email not originating from Yahoo/Google.

DomainKeys signatures are never checked as of now.

35

Security Policies

A catchall phrase that encompasses all rules and enforcement used by an organization to ensure security.

Has to be dynamic and flexible.

Covers: networking systems, computer systems, user rights, data policies, resource usage policies, email policies, file systems.

36

More issues

Advisories, patches, attack recovery, perimeter safety, service security, baseline security, physical security, transport security, file systems, BGP and routing protocols, hoaxes, mobile security.