INF526: Secure Systems Administration
Quiz Review and Adversarial Security Planning
(continued)
Prof. Clifford Neuman
Lecture 5
8 February 2017
OHE100C
Class Presentation Schedule
2/8 Miles Wright-Walker - Developing adversarial security plan
2/15 Matthew Jackoski - Red Teaming / Pen Testing Tools
2/22 Abdulla Binkulaib - Developing a response plan
3/1 Jikun Li - Linux security administration
3/8 Daniel Dmytrisin - Network security components & Tech
3/22 Haibo Zhang - Network Security administration
3/29 Mariam Fahad Bubeshait - Configuration Management
4/5 Mohammed Alsubaie - SIEM and Intrusion Detection
4/12 Vishnu Vadlamani - Network Monitoring/Attack Forensics
4/19 Andrew Gronski - Accreditation and acceptance testing
But First – Review of Quiz 1
Policy Administration - A system is secure if it correctly applies policies for access to system resources. The application of policy has several distinct components that may occur in different places, or different modules within a system.
– Policy Enforcement Point
– Policy Decision Point
– Policy Administration Point
– Policy Information Point
Web Server
For each of the systems described below, use your best explanation to describe what constitutes each function and where that function occurs in the system or supporting infrastructure.
• Access control for files exported through a web server such as Apache when page permissions are managed using the .htaccess file.
  • PEP:
  • PDP:
  • PAP:
  • PIP:
Appliance Firewall
For each of the systems described below, use your best explanation to describe what constitutes each function and where that function occurs in the system or supporting infrastructure.
• Filtering of packets passing through an appliance firewall.
  • PEP:
  • PDP:
  • PAP:
  • PIP:
Unix/Linux Filesystem
For each of the systems described below, use your best explanation to describe what constitutes each function and where that function occurs in the system or supporting infrastructure.
• Access to local files with standard Unix permissions on a system running Linux or Unix.
  • PEP:
  • PDP:
  • PAP:
  • PIP:
Banking Application
For each of the systems described below, use your best explanation to describe what constitutes each function and where that function occurs in the system or supporting infrastructure.
• Access to your customer’s account balance through a web server in the banking example that we have been discussing in class.
  • PEP:
  • PDP:
  • PAP:
  • PIP:
Minimization
Provide examples of minimization, and steps that you can take to achieve such minimization, in each of the situations discussed below.
• Reduction of the attack surface for servers running within your corporate network.
Minimization
Provide examples of minimization, and steps that you can take to achieve such minimization, in each of the situations discussed below.
• Reduction of impact for insider threats, or for compromise resulting from subversion of server processes.
Minimization
Provide examples of minimization, and steps that you can take to achieve such minimization, in each of the situations discussed below.
• Reduction of the impact to other systems on your network when one system is compromised or subverted.
Security Requirements Documents
List the kinds of requirements that should be specified in a security requirements document.
– Include a 1 or 2 sentence description of what is described by the requirement. (A security requirements document might sometimes be referred to as a security policy, or an organizational security policy, but I am avoiding the term “security policy” because that term is sometimes used to refer to other policies within a system. Here I am concerned with the broader use of the term.)
• Physical Security Requirements
– Includes placement of devices, requirements for physical protection such as locks, doors, cages, cables, building defenses, and protection of portable media. Could include TEMPEST requirements, visibility requirements, and screening on entrance or exit from a facility.
Security Requirements Documents
• Personnel Security Requirements
– Includes information on required reference checks, criminal background checks, training, code of conduct, and procedures for revoking access and vetting for special access.
• Authentication and Identity Management Policies
– Requirements for multi-factor authentication, password strength, no sharing of accounts, federated identity management, password resets, etc.
Data Protection Policies
• Information Flow Policies (MAC)
– Marking, removal of media, who may access, non-disclosure requirements.
– Encryption requirements for data in place or in transit.
• Email and communication policies
• Software installation and access policies
• Monitoring policies
• Others?
INF526: Security Systems Administration
Student Presentation
Adversarial Security Planning
M.S. Candidate Myles Wright-Walker
February 8, 2017
What is an Adversarial Security Plan?
• An adversarial security plan enables an entity to develop an awareness of their networks and systems in order to protect data, safeguard their operations, and guard their infrastructure.
Purpose of an Adversarial Security Plan
• Predicting intentions and future actions of malicious entities
• Limit attack surface
• Assist in developing a containment architecture in case of breach
What is Situational Awareness?
• The United States Marine Corps defines situational awareness as the:
“Knowledge and understanding of the current situation which promotes timely, relevant, and accurate assessment of friendly, enemy, and other operations within the battlespace in order to facilitate decision making” (MCRP 5-12A).
Situational Awareness in Regards to Cyber Security
• Within the cyber domain, this doctrine of situational awareness provides:
1. A precise understanding of the resources within your systems and network.
2. An accurate awareness of the operations and personnel that contribute to the overall function of the system and network.
Situational Awareness in Regards to Cyber Security
3. An accurate and in-depth assessment of current resources and operations as well as weaknesses.
4. An understanding of an adversary’s potential targets and what can be used to exploit them to cripple systems.
5. Provides flexibility.
Elements of Developing Cyber Situational Awareness
NIST Cybersecurity and Cyber Infrastructure and Key Resources (CIKR) Framework.
Goals of Attackers: Methodology
• Attackers generally implement the following methodology:
1. Reconnaissance: Information gathering. What/who is the target?
2. Scanning/Enumerating: What is the attack surface? Ex: Access points/open ports, live hosts, accounts, policies, etc.
3. Gaining Access: Breaching systems, executing malicious software
4. Maintaining Access: Establishing backdoors, unpatched systems
5. Clearing Evidence: Decoy traffic, log manipulation, obfuscation of identity
Goals of Attackers: Targets
• As stated in the previous lecture, adversaries will target:
– The weakest link within a target system or network
  • Example: Unpatched systems
– Weaknesses within the system environment
  • Example: Open ports, weak security mechanism policies
– Subversion of defenses
  • Example: IDS evasion, disabling firewalls
Goals of Attackers: Tools
• Reconnaissance
1. DNS Look Up: root# whois abc.com
2. Getting IP Addresses: Use a “whois” client
3. Trace the IP: root# traceroute abc.com
4. Identify servers: Use the host command
• Scanning and Enumerating Targets
– Port/TCP scanning, Nmap, and Nessus
Goals of Attackers: Tools
• Gaining Access
– Metasploit, oclHashcat
• Maintaining Access
– Establishing backdoor through creating user accounts or taking over unused accounts.
– Metasploit Meterpreter
• Clearing Evidence
– VPN service/Other Encrypted Communication
– Proxies
– Botnet
– Log Manipulation (Not Always Plausible)
Consequences of Breach
• In order to understand the consequences of an attack, it is necessary to develop a risk model, with the purpose of:
– Reducing, avoiding, accepting, and transferring risk
Remember from INF519:
Risk of an Attack = Vulnerability x Threat
or
Risk = Cost x Probability of an Attack
Outlined in: NIST 800-39 Managing Information Security Risk & NIST 800-30 Guidance for Conducting Risk Assessments
Prioritizing Resources for Defense
• In order to defend your network and system against attacks, it is necessary to develop a threat model with the purpose of:
– Identifying threats
  • Vulnerabilities
  • Deficiencies in security requirements and design
– Identifying countermeasures
  • Technical mechanisms
  • Administrative and physical controls
  • Personnel Security and Training
  • Physical Security
– Identifying weakest link through being repeatable
Case Study
• Consider you work at a data center in charge of centralizing an organization’s IT operations and equipment. You are instructed to ensure that the data stored within the server room is secure.
• Environmental Factors:
– The room is secured through two factor authentication.
– Personnel who access the server room require an escort of equal or higher clearance.
– The HVAC systems are controlled through a 3rd party.
– All the appropriate MAC and DAC policies are implemented.
Case Study
1. Set Goals and Objectives of Organization (Top-Level Awareness).
   a) Identify who you are protecting, what you are protecting, where you are protecting said assets, and why.
2. Identify assets, systems, and networks.
3. Assess Risk.
   a) Enumerate threats, vulnerabilities, impact, likelihood (of attack and success), predisposing conditions, and countermeasures.
Case Study
4. Prioritize Resources
   a) Set metrics to identify what assets require the most security and implement security mechanisms appropriately
5. Implement Situational Awareness Security Plan
6. Measure and monitor effectiveness.
   a) Verify implemented mechanisms are configured and working properly.
   b) Determine ongoing effectiveness.
   c) Identify and take into consideration risk impacting changes to systems and network, and act accordingly.
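Steps 3, 4 and 6 of the case study worked through for the server room, as an added example that is not part of the original slides. Every threat, dollar figure, probability and countermeasure below is constructed for illustration, and ranking countermeasures by risk reduction per dollar is one assumed metric for step 4a.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Threat:
    name: str
    cost: float       # loss if the attack succeeds, in dollars (constructed)
    p_attack: float   # likelihood an attack is attempted during the period
    p_success: float  # likelihood an attempted attack succeeds

    @property
    def risk(self) -> float:
        # Risk = Cost x Probability of an Attack, with the probability split
        # into likelihood of attack and likelihood of success (step 3a).
        return self.cost * self.p_attack * self.p_success


@dataclass(frozen=True)
class Countermeasure:
    name: str
    threat: str             # name of the threat it mitigates
    price: float            # cost to deploy, in dollars (constructed)
    p_success_after: float  # attacker's success likelihood once deployed


# Step 3: constructed risk register for the case-study server room.
THREATS = [
    Threat("HVAC vendor access abused", 500_000, 0.20, 0.50),
    Threat("Unpatched server exploited", 300_000, 0.40, 0.25),
    Threat("Escorted insider copies data", 800_000, 0.05, 0.30),
    Threat("Tailgating past two-factor door", 800_000, 0.10, 0.05),
]

# Constructed options; this model assumes one countermeasure per threat.
COUNTERMEASURES = [
    Countermeasure("Isolate HVAC controller network",
                   "HVAC vendor access abused", 20_000, 0.10),
    Countermeasure("Automated patch deployment",
                   "Unpatched server exploited", 30_000, 0.05),
    Countermeasure("Block removable media in escorted sessions",
                   "Escorted insider copies data", 25_000, 0.10),
    Countermeasure("Mantrap at server room door",
                   "Tailgating past two-factor door", 60_000, 0.01),
]


def rank(threats):
    """Highest risk first: where the weakest link currently is."""
    return sorted(threats, key=lambda t: t.risk, reverse=True)


def total_risk(threats):
    return sum(t.risk for t in threats)


def prioritize(threats, countermeasures, budget):
    """Step 4: spend the budget on the best risk reduction per dollar."""
    by_name = {t.name: t for t in threats}

    def value(cm):
        t = by_name[cm.threat]
        residual = t.cost * t.p_attack * cm.p_success_after
        return (t.risk - residual) / cm.price

    chosen = []
    for cm in sorted(countermeasures, key=value, reverse=True):
        if value(cm) > 0 and cm.price <= budget:
            chosen.append(cm)
            budget -= cm.price
    return chosen


def deploy(threats, chosen):
    """Step 6: re-measure the register with the countermeasures in place."""
    after = {cm.threat: cm.p_success_after for cm in chosen}
    return [replace(t, p_success=after.get(t.name, t.p_success))
            for t in threats]


if __name__ == "__main__":
    chosen = prioritize(THREATS, COUNTERMEASURES, budget=60_000)
    remaining = deploy(THREATS, chosen)
    print("before:", [(t.name, round(t.risk)) for t in rank(THREATS)])
    print("bought:", [cm.name for cm in chosen])
    print("after: ", [(t.name, round(t.risk)) for t in rank(remaining)])
```

With these figures the top-ranked threat changes once the chosen countermeasures are in place, which is why step 6 repeats the measurement instead of treating the first ranking as final.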
INF526: Secure Systems Administration
Virtualization
Prof. Clifford Neuman
Lecture 5
8 February 2017
OHE100C
Virtualization
• Management
– You can run many more “machines” and create new ones in an automated manner.
– This is useful for server farms.
• Separation
– “Separate” machines provide a fairly strong, though coarse grained level of protection.
– Because the isolation can be configured to be almost total, there are fewer special cases or management interfaces to get wrong.
Virtualization and Containment
• The separation provided by virtualization may be just what is needed to keep data managed by trusted applications out of the hands of other processes.
• But a VM would have to make sure the data is protected on disk as well.
Virtualization
• Operating Systems are all about virtualization
– One of the most important functions of a modern operating system is managing virtual address spaces.
– But most operating systems do this for applications, not for other OSs.
Virtualization and Administration
• Issues affecting administration of virtual machines
– Containment
– Side Channels
– Throwaway mentality
– Stateless machines
– Privileged remote access
– Less physical or siloed specialization
– Relationship to cloud computing
Virtualization of the OS
• Some have said that all problems in computer science can be handled by adding a layer of indirection.
– Others have described solutions as reducing the problem to a previously unsolved problem.
• Virtualization of OS’s does both.
– It provides a useful abstraction for running guest OS’s.
– But the guest OS’s have the same problems as if they were running natively.
Is Virtualization Different?
• Same problems
– Most of the problems handled by hypervisors are the same problems handled by traditional OS’s
• But the abstractions are different
– Hypervisors present a hardware abstraction.
  • E.g. disk blocks
– OS’s present an application abstraction.
  • E.g. files
Virtualization
• Running multiple operating systems simultaneously.
– OS protects its own objects from within
– Hypervisor provides partitioning of resources between guest OS’s.
Managing Virtual Resource
• Page faults typically trap to the Hypervisor (host OS).
– Issues arise from the need to replace page tables when switching between guest OS’s.
– Xen places itself in the Guest OS’s first region of memory so that the page table does not need to be rewritten for traps to the Hypervisor.
• Disks managed as block devices allocated to guest OS’s, so that the Xen code to protect disk extents can be as simple as possible.
What is the benefit of virtualization
• Management
– You can run many more “machines” and create new ones in an automated manner.
– This is useful for server farms.
• Separation
– “Separate” machines provide a fairly strong, though coarse grained level of protection.
– Because the isolation can be configured to be almost total, there are fewer special cases or management interfaces to get wrong.
What makes virtualization hard
• Operating systems are usually written to assume that they run in privileged mode.
• The Hypervisor (the OS of OS’s) manages the guest OS’s as if they are applications.
• Some architectures provide more than two “Rings” which allows the guest OS to reside between the two states.
– But there are still often assumptions in coding that need to be corrected in the guest OS.
Managing Virtual Resource
• Page faults typically trap to the Hypervisor (host OS).
– Issues arise from the need to replace page tables when switching between guest OS’s.
– Xen places itself in the Guest OS’s first region of memory so that the page table does not need to be rewritten for traps to the Hypervisor.
• Disks managed as block devices allocated to guest OS’s, so that the Xen code protects disk extents and is as simple as possible.
Partitioning of Resources
• Fixed partitioning of resources makes the job of managing the Guest OS’s easier, but it is not always the most efficient way to partition.
– Resources unused by one OS (CPU, Memory, Disk) are not available to others.
• But fixed provisioning prevents use of resources in one guest OS from affecting performance or even denying service to applications running in other guest OSs.
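Both sides of this trade-off in a small simulation, added here as an example that is not part of the original slides. It is a deliberately simple model and not Xen's scheduler; the guest names, shares and demand figures are constructed, and the proportional split used for the shared pool is an assumption.

```python
CAPACITY = 100  # abstract CPU units per scheduling interval (assumed)


def fixed_partition(shares, demand, capacity=CAPACITY):
    """Each guest may use at most its pre-assigned share.

    Capacity that a guest leaves idle is not handed to any other guest.
    """
    if sum(shares.values()) > capacity:
        raise ValueError("fixed shares exceed host capacity")
    return {guest: min(demand.get(guest, 0), share)
            for guest, share in shares.items()}


def shared_pool(demand, capacity=CAPACITY):
    """No reservations: when the host is oversubscribed, capacity is
    split in proportion to what each guest asks for."""
    total = sum(demand.values())
    if total <= capacity:
        return dict(demand)
    return {guest: capacity * d / total for guest, d in demand.items()}


def idle(alloc, capacity=CAPACITY):
    """Capacity nobody is using in this interval."""
    return capacity - sum(alloc.values())


def satisfied(alloc, demand):
    """Fraction of each guest's demand that was actually served."""
    return {guest: (alloc[guest] / demand[guest] if demand[guest] else 1.0)
            for guest in alloc}


# Constructed inputs.
SHARES = {"web": 40, "db": 40, "batch": 20}
QUIET_DB = {"web": 60, "db": 10, "batch": 20}          # db mostly idle
RUNAWAY_BATCH = {"web": 30, "db": 30, "batch": 1000}   # buggy or subverted guest


def compare(demand, shares=SHARES):
    """Run one demand pattern through both policies."""
    fixed = fixed_partition(shares, demand)
    pooled = shared_pool(demand)
    return {
        "fixed": {"alloc": fixed, "idle": idle(fixed),
                  "satisfied": satisfied(fixed, demand)},
        "pooled": {"alloc": pooled, "idle": idle(pooled),
                   "satisfied": satisfied(pooled, demand)},
    }


if __name__ == "__main__":
    for label, demand in (("quiet db", QUIET_DB),
                          ("runaway batch", RUNAWAY_BATCH)):
        result = compare(demand)
        print(label)
        for policy in ("fixed", "pooled"):
            print("  ", policy, result[policy])
```

In the quiet-db case fixed partitioning leaves 30 units idle while the web guest is short; in the runaway-batch case the shared pool lets one guest push the others below a tenth of their demand, while the fixed shares keep web and db fully served.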
The Security of Virtualization
• +++ Isolation and protection between OS’s can be simple (and at a very coarse level of granularity).
• +++ This coarse level of isolation may be an easier security abstraction to conceptualize than the finer grained policies typically encountered in OSs.
• --- Some malware (Blue pill) can move the real OS into a virtual machine from within which the host OS (the Malware) can not be detected.
Virtualization and Trusted Computing
• The separation provided by virtualization may be just what is needed to keep data managed by trusted applications out of the hands of other processes.
• But a trusted Guest OS would have to make sure the data is protected on disk as well.
XEN Hypervisor Intro
• An x86 virtual machine monitor
• Allows multiple commodity operating systems to share conventional hardware in a safe and resource managed fashion,
• Provides an idealized virtual machine abstraction to which operating systems such as Linux, BSD and Windows XP, can be ported with minimal effort.
• Design supports 100 virtual machine instances simultaneously on a modern server.
Arun Viswanathan (Slides primarily from XEN website http://www.cl.cam.ac.uk/research/srg/netos/xen/architecture.html)
Para-Virtualization in Xen
• Xen extensions to x86 arch
– Like x86, but Xen invoked for privileged ops
– Avoids binary rewriting
– Minimize number of privilege transitions into Xen
– Modifications relatively simple and self-contained
• Modify kernel to understand virtualised env.
– Wall-clock time vs. virtual processor time
  • Desire both types of alarm timer
– Expose real resource availability
  • Enables OS to optimise its own behaviour
Copyright © 1995-2012 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE
Xen 3.0 Architecture
[Figure: Xen 3.0 architecture diagram. Hardware layer: SMP, MMU, physical memory, Ethernet, SCSI/IDE. Xen Virtual Machine Monitor layer: Control IF, Safe HW IF, Event Channel, Virtual CPU, Virtual MMU. VM0: Device Manager & Control s/w on GuestOS (XenLinux), with Back-End and Native Device Drivers. VM1 and VM2: Unmodified User Software on GuestOS (XenLinux), with Front-End Device Drivers. VM3: Unmodified User Software on Unmodified GuestOS (WinXP), with Front-End Device Drivers. Other labels: VT-x, x86_32, x86_64, IA64, AGP, ACPI, PCI, SMP.]
x86 CPU virtualization
• Xen runs in ring 0 (most privileged)
• Ring 1/2 for guest OS, 3 for user-space
  – GPF if guest attempts to use privileged instr
• Xen lives in top 64MB of linear addr space
  – Segmentation used to protect Xen as switching page tables too slow on standard x86
• Hypercalls jump to Xen in ring 0
• Guest OS may install ‘fast trap’ handler
  – Direct user-space to guest OS system calls
• MMU virtualisation: shadow vs. direct-mode
VMWare
Goals - provide ability to run multiple operating systems, and to run untrusted code safely.
Isolation primarily from guest OS to the outside. This can provide isolation between guest OS’s.
Often configured to run inside a larger host OS, but also supports a VMM layer as an option.
Figure by Carl Waldspurger - VMWARE
VMWare Memory Virtualization
Figure by Carl Waldspurger - VMWARE
• Intercepts MMU manipulating functions such as functions that change page table or TLB
• Manages shadow page tables with VM to Machine Mappings
• Kept in sync using physical to page mappings of VMM.
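The shadow page table scheme summarized above, as an added example that is not from the lecture or from VMware: a toy C model in which the guest page table maps virtual pages to guest "physical" pages, a VMM-owned pmap maps those to machine pages, and the shadow table the MMU would walk is their composition. All names (`struct vm`, `vmm_set_backing`, `vmm_guest_pte_write`), the 8-page table size and the page numbers are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define NPAGES   8              /* pages per table: constructed toy size */
#define UNMAPPED UINT32_MAX

struct vm {
    uint32_t guest_pt[NPAGES];  /* guest-owned: virtual page -> guest "physical" page */
    uint32_t pmap[NPAGES];      /* VMM-owned: guest physical page -> machine page */
    uint32_t shadow[NPAGES];    /* VMM-owned: virtual page -> machine page (MMU uses this) */
};
void vm_init(struct vm *vm) {
    for (int i = 0; i < NPAGES; i++)
        vm->guest_pt[i] = vm->pmap[i] = vm->shadow[i] = UNMAPPED;
}

/* Recompute one shadow entry from the guest's entry and the VMM's pmap. */
static void sync_shadow(struct vm *vm, uint32_t vpn) {
    uint32_t gppn = vm->guest_pt[vpn];
    vm->shadow[vpn] = (gppn == UNMAPPED) ? UNMAPPED : vm->pmap[gppn];
}

/* VMM backs (or relocates) a guest physical page, then resyncs every shadow entry. */
int vmm_set_backing(struct vm *vm, uint32_t gppn, uint32_t mpn) {
    if (gppn >= NPAGES) return -1;
    vm->pmap[gppn] = mpn;
    for (uint32_t v = 0; v < NPAGES; v++) sync_shadow(vm, v);
    return 0;
}

/* Intercepted guest page-table write: accepted only for pages the VMM has backed. */
int vmm_guest_pte_write(struct vm *vm, uint32_t vpn, uint32_t gppn) {
    if (vpn >= NPAGES) return -1;
    if (gppn != UNMAPPED && (gppn >= NPAGES || vm->pmap[gppn] == UNMAPPED))
        return -1;              /* guest named memory it was never given */
    vm->guest_pt[vpn] = gppn;
    sync_shadow(vm, vpn);
    return 0;
}

int main(void) {
    struct vm vm;
    vm_init(&vm);
    vmm_set_backing(&vm, 2, 0x9a);       /* guest physical 2 lives in machine page 0x9a */
    vmm_guest_pte_write(&vm, 5, 2);      /* guest maps virtual 5 -> guest physical 2 */
    printf("shadow[5] = 0x%x\n", (unsigned)vm.shadow[5]);
    vmm_set_backing(&vm, 2, 0x41);       /* VMM relocates the page; guest_pt is untouched */
    printf("shadow[5] = 0x%x\n", (unsigned)vm.shadow[5]);
    printf("unbacked write -> %d\n", vmm_guest_pte_write(&vm, 6, 7));
    return 0;
}
```

The rejected write is the containment property: the guest can only name pages the VMM has backed for it, so it never chooses a machine page number itself.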
Virtualization and Containment
• Stronger containment than within O/S
• Weaker than provided in segregated hardware
• Can provide visibility into VM by security tools
• Concern with subversion of Host/Hypervisor
Virtualization and Side Channels
– Multi-Tenant architecture (cloud)
– Ability to monitor performance and power to monitor and spy on activities in other virtual machines.
Virtualization and Throwaway
– VM’s can be recreated easily and automatically.
– This allows administrators to be careless
– It allows fast recovery
– But new instance of machine has same vulnerabilities of compromised machine.
Stateless Virtualization
• Tendency to store persistent data on separate services such as NAS.
• Those external services must be considered part of attack surface.
• Local state such as logs might be lost; use network-based monitoring.
Privileges and Virtualization
• Inherent privileges used to be based on access to console and the physical machine.
• Console access is “remote” when using virtual machines, and thus such access may be available without true physical access.
No Silos in Virtualization
• System Administrator functions used to be specialized: Backup, hardware, OS, applications.
• With virtualization, almost all is an application.
• Therefore administrators now need full range of knowledge.
Virtualization and the Cloud
• What happens when you “outsource” administration of your VMs?
  – Policy on assignment to providers
  – Accreditation of providers
  – Need visibility through “information points” in policy evaluation.
  – Side channels an issue for multi-tenancy.
Group Exercise One
• Decide on the software components to be deployed to implement software requirements on next slide.
  – Custom development should be simple scripts.
  – Use packages for database and other components.
• Decide on the VM’s to be created to run those software components.
  – You can run more than one software component within a VM if you choose.
  – Decide on the methods you will use to contain access to those software components, and to the information managed by those components.
• Configure communication between VM’s and to the outside
• Install packages
• Write scripts and demonstrate basic flow through system.
• Report on progress as group now by email on Tuesday 7 Feb.
Group 1
• Abdullah Binkulaib and Dan Dmytrisin have provided initial information, but are having difficulty engaging the rest of group one.
Group 2
• Submitted a requirements and design document
  – Include project scope and assumptions
  – Data classes, User Classes, and Protection Domains
  – System Components
  – System Design
    • Including Data Flow Diagrams
    • Including Network Diagrams
  – Development timeline through end of February
Banking
• Your organization must:
  – Maintain a database of account holders
  – A database of account balances
  – Enable web access by customers who:
    • Can update their personal information
    • Check their account balance
    • Transfer funds to another account (by number)
    • View transactions on their account
    • Submit an image of a check for deposit
      – (check should be viewable, but you do not need to scan it or process it)
• Access is needed
  – Via web from the open internet
  – Outbound email confirming transactions
  – All other interactions may be limited by information flow policies to internal machines.
Preparation for Lab Activities
• Install free version of vmplayer or virtualbox on your own machine
• Configure some version / dist of Linux as a guest OS.
• Run two instances simultaneously
• Configure to allow network communication between the two VMs.
• Install a web server on one of the VMs.
• Configure Dynamic DNS (e.g. no-ip.com) to enable connection to the server from the internet.
Connecting to VMs
• VNC – Virtual Network Computing
  – Install TightVNC or other Client on machine from which access is attempted.
  – Install and configure VNC server on Virtual Machine
  – A VNC Server can be run inside your VM, or in the hypervisor
    • Inside the VM is likely easier
• Portmapping a must
  – Find the IP using dynamic DNS
  – But multiple VM’s on a shared NAT need to be mapped manually to different ports.
• We are trying to gain access to a server under which you can run VM’s which you would connect to the same way you would here, via VNC
  – Address mapping would be easier.