Remote Access

Post on 04-Jan-2016

Page 1: Remote Access

Remote Access

Page 2: Remote Access

cs490ns-cotter 2

Objectives

• Secure Remote Access

• Harden File Transfer Protocol (FTP)

• Protect Directory Services

Page 3: Remote Access

Remote Access – into Linux

• vnc – (Virtual Network Connection)
  – vnc-server (Fedora / CentOS) – tigervnc-server
• Establish password for communications
• Decide which ports to use (multiple channels available)
• Channel 0 = 5900; channel 1 = 5901, etc.
• Start service “vncserver :1”
  – vnc clients
    • Linux: vncviewer
    • Windows: tightVNC, ultraVNC, etc.

Page 4: Remote Access

Remote Access – into Linux

• Windows – tightVNC login

Page 5: Remote Access

Remote Access – into Linux – TightVNC client

Page 6: Remote Access

Remote Access – into Linux

• noMachine nx
  – nx server available from NoMachine.com
• Uses SSH for data transport
• Runs on port 7100, but all data goes through SSH (22)
• Uses SSH login (regular user)
  – Nx clients
    • Linux
    • Windows

Page 7: Remote Access

Remote Access – into Linux

• Windows nx login

Page 8: Remote Access

Remote Access – into Linux – nx client

Page 9: Remote Access


Secure Remote Access

• Windows NT includes User Manager to allow dial-in access, while Windows 2003 uses Computer Management for Workgroup access and Active Directory for configuring access to the domain

• Windows XP, 2003 Remote Access Policies can lock down a remote access system to ensure that only those intended to have access are actually granted it

Page 10: Remote Access


Secure Remote Access

• Linux – Remote access is not part of the kernel. Available as support programs.
  – Unsecured – telnet, ftp
  – Secured – SSH, PuTTY, etc.

Page 11: Remote Access


Tunneling Protocols

• Tunneling: Technique of encapsulating one packet of data within another type to create a secure link of transportation.

Page 12: Remote Access


Secure Transmission Protocols

• PPTP and other similar protocols provide a secure mechanism for preventing eavesdroppers from viewing transmissions

• PPTP derived from Point-to-Point Protocol

Page 13: Remote Access


Point-to-Point Protocol

• Initially designed to support serial connections (modems) to the Internet
  – Standard serial port provides only layer 1 protocol support (no layer 2 – data link)
  – PPP (and the earlier Serial Line Internet Protocol) were designed as a layer 2 protocol that can carry IP datagrams through a serial (modem) connection.
• Functions:
  – Encapsulation
  – Link Control Protocol
  – Authentication
  – Network Control Protocols

Page 14: Remote Access


Point-to-Point Tunneling Protocol (PPTP)

• Widely deployed tunneling protocol
• Developed by Microsoft
• Based on the Point-to-Point Protocol (PPP)
• Client connects to a network access server (NAS) to initiate connection
• Extension to PPTP is Link Control Protocol (LCP), which establishes, configures, and tests the connection

Page 15: Remote Access


PPTP (cont)

[Figure: client –(dial-up link, PPP)– NAS –(PPTP over the Internet)– PPTP Server. The PPP session runs end to end between client and PPTP server; between the NAS and the server it is carried inside PPTP.]

Page 16: Remote Access


PPTP (cont)

• Used to encapsulate network protocols over a TCP/IP network
  – Used to carry PPP (which can encapsulate IP, IPX, NetBEUI, etc.)
  – Control messages
    • Manages VPN connections
    – Supports Authentication, Encryption
  – Data packets

Page 17: Remote Access


Layer 2 Tunneling Protocol (L2TP)

• Represents a merging of features of PPTP with Cisco’s Layer 2 Forwarding Protocol (L2F), which itself was originally designed to address some of the weaknesses of PPTP

• Unlike PPTP, which is primarily implemented as software on a client computer, L2TP can also be found on devices such as routers.

Page 18: Remote Access


L2TP (cont)

Page 19: Remote Access


L2TP (cont)

1. User initiates a PPP connection to the ISP, using the analog telephone system or ISDN.
2. The ISP network L2TP Access Concentrator (LAC) accepts the connection at the POP and the PPP link is established.
3. After the end user and the L2TP Network Server (LNS) negotiate Link protocol, the LAC partially authenticates the end user with CHAP or PAP. If the user is not a Virtual Private dialup Network (VPDN) client, authentication continues, and the client will access the Internet or other contacted service. If the username is a VPDN client, the mapping will name a specific endpoint (the LNS).
4. The tunnel end points, the LAC and the LNS, authenticate each other before any sessions are attempted within a tunnel. Alternatively, the LNS can accept tunnel creation without any tunnel authentication of the LAC.
5. Once the tunnel exists, an L2TP session is created for the end user.
6. The LAC will propagate the LCP negotiated options and the partially authenticated CHAP/PAP information to the LNS. The LNS will funnel the negotiated options and authentication information directly to the virtual access interface. If the options configured on the virtual template interface do not match the negotiated options with the LAC, the connection will fail, and a disconnect is sent to the LAC.

Page 20: Remote Access


PPPoE: PPP over Ethernet

• Point to Point Protocol over Ethernet
• RFC 2516
• Only Ethernet Framing and MAC address are relevant (Nothing from CSMA/CD protocol!)
• Ability to connect a collection of hosts over a simple bridging access device to a remote access concentrator

• Access control, billing and Type of service: on a per user basis

• Each PPP session learns Ethernet address of remote peer with a unique session identifier

Page 21: Remote Access


PPPoE: cont’d

• Revisit Ethernet Frame
  – DestAddr | SourceAddr | Ether_type | Payload | Checksum

• DestAddr,SourceAddr: 6 byte MAC address (universally unique)

• Ether_type: 2 bytes

• Payload 46 – 1500 bytes

• Checksum (FCS) 4 bytes

Page 22: Remote Access


Two stages of PPPoE: Discovery Stage

  – Host (client) may discover all Remote access concentrators and select one
    • A session_id is established
    • Ether_type: 0x8863
  – Four messages:
    • Initiation (from host to RAC)
    • Offer (from RAC to host)
    • Request (from host to RAC)
    • Confirm (from RAC to host): contains session ID

Page 23: Remote Access


Session Stage

  – Now transmit PPP-LCP message to establish PPP session
  – First generated by host
    • DestAddr: Access Concentrator
    • SourceAddr: host
    • Ether_type: 0x8864
    • SessionID: as obtained from Discovery Stage
    • Length: <rest of packet>
    • PPP protocol: 0xc021 (PPP-LCP)
    • Now PPP payload!
  – Continue with other PPP messages (PAP, IP-CP etc) to get to the IP datagram transmission phase
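The two PPPoE stages above (Ether_type 0x8863 for discovery, 0x8864 for session, then the PPP protocol field 0xc021 for LCP) are easy to check in code. The following parser is an added example, not part of the lecture: it builds two constructed frames (a PADS "Confirm" carrying a session ID, and a session frame carrying an LCP Configure-Request) and decodes them. The PPPoE discovery code values (0x09, 0x07, 0x19, 0x65) are taken from RFC 2516, which the slide cites; the MAC addresses and session ID are made up for the example. The parser rejects a length field that exceeds the actual payload, which is the kind of inconsistency a defensive decoder must not trust.

```python
import struct

ETH_P_PPPOE_DISC = 0x8863   # discovery stage Ether_type (slide 22)
ETH_P_PPPOE_SESS = 0x8864   # session stage Ether_type (slide 23)
PPP_LCP = 0xC021            # PPP protocol number for LCP

# PPPoE discovery codes from RFC 2516, labelled with the slide's four message names
PPPOE_CODES = {
    0x09: "PADI (Initiation, host -> AC)",
    0x07: "PADO (Offer, AC -> host)",
    0x19: "PADR (Request, host -> AC)",
    0x65: "PADS (Confirm, AC -> host, carries session ID)",
    0x00: "Session data",
}


def parse_pppoe_frame(frame: bytes) -> dict:
    """Split an Ethernet frame into its Ethernet, PPPoE and PPP parts.

    Raises ValueError on anything malformed instead of guessing: a PPPoE
    length larger than the bytes actually present is rejected, not clamped.
    """
    if len(frame) < 14 + 6:
        raise ValueError("frame too short for Ethernet + PPPoE headers")
    dst, src = frame[0:6], frame[6:12]
    ether_type = struct.unpack("!H", frame[12:14])[0]
    if ether_type not in (ETH_P_PPPOE_DISC, ETH_P_PPPOE_SESS):
        raise ValueError(f"not a PPPoE frame (Ether_type 0x{ether_type:04x})")
    # PPPoE header: ver/type (0x11), code, session_id, length
    vt, code, session_id, length = struct.unpack("!BBHH", frame[14:20])
    if vt != 0x11:
        raise ValueError("PPPoE version/type must be 1/1")
    payload = frame[20:]
    if length > len(payload):
        raise ValueError("PPPoE length field exceeds available payload")
    payload = payload[:length]
    info = {
        "dst": dst.hex(":"),
        "src": src.hex(":"),
        "stage": "discovery" if ether_type == ETH_P_PPPOE_DISC else "session",
        "code": PPPOE_CODES.get(code, f"unknown 0x{code:02x}"),
        "session_id": session_id,
        "ppp_protocol": None,
    }
    if ether_type == ETH_P_PPPOE_SESS:
        # Session frames must use code 0, a non-zero session ID and carry a PPP protocol field
        if code != 0x00 or session_id == 0 or length < 2:
            raise ValueError("invalid session-stage frame")
        info["ppp_protocol"] = struct.unpack("!H", payload[:2])[0]
        info["ppp_payload"] = payload[2:]
    return info


def build_pppoe_frame(dst: bytes, src: bytes, ether_type: int, code: int,
                      session_id: int, payload: bytes) -> bytes:
    """Assemble a PPPoE frame; used here only to construct sample input."""
    hdr = struct.pack("!BBHH", 0x11, code, session_id, len(payload))
    return dst + src + struct.pack("!H", ether_type) + hdr + payload


# Constructed sample addresses and frames (not captured traffic)
HOST = bytes.fromhex("001122334455")
AC = bytes.fromhex("66778899aabb")
# PADS (Confirm) from the access concentrator to the host, assigning session ID 0x0042
PADS = build_pppoe_frame(HOST, AC, ETH_P_PPPOE_DISC, 0x65, 0x0042, b"")
# Session frame host -> AC: PPP protocol 0xc021 then an LCP Configure-Request (code 1, id 1, len 4)
LCP = build_pppoe_frame(AC, HOST, ETH_P_PPPOE_SESS, 0x00, 0x0042,
                        struct.pack("!H", PPP_LCP) + bytes([1, 1, 0, 4]))

if __name__ == "__main__":
    for f in (PADS, LCP):
        print(parse_pppoe_frame(f))
```

Running the module prints the decoded PADS (discovery stage, session ID 0x42) and the session frame (PPP protocol 0xc021 with the four LCP bytes as payload).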

Page 24: Remote Access


Authentication Technologies

• Authenticating a transmission to ensure that it comes from an approved sender can provide an increased level of security for remote access users

• Examples:
  – Radius
  – Tacacs+

Page 25: Remote Access


(RADIUS)

• Remote Authentication Dial-In User Service
• Originally defined to enable centralized authentication and access control for PPP sessions
• Requests are forwarded to a single RADIUS server
• Supports authentication, authorization, and auditing functions
• After connection is made, RADIUS server adds an accounting record to its log and acknowledges the request

• Allows company to maintain user profiles in a central database that all remote servers can share

Page 26: Remote Access


(TACACS+)

• Terminal Access Control Access Control System

• Industry standard protocol specification that forwards username and password information to a centralized server

• Whereas communication between a NAS and a TACACS+ server is encrypted, communication between a client and a NAS is not

Page 27: Remote Access

IPSec

• Designed to create and support a cryptographically protected communication channel

• This connection is called a Security Association.
  – SA defined by a set of security parameters referenced in a Security Parameter Index (SPI) and a destination host address.

Page 28: Remote Access

IP Security (IPSec)

• Considered to be a transparent security protocol operating at layer 3
  – Transparent to applications, users, and software
• Provides three areas of protection that correspond to three IPSec protocols:
  – Key management (ISAKMP/IKE - Oakley)
    • A way to establish an SA
  – Authentication (AH)
    • A way to ensure the integrity of the communication
  – Confidentiality (ESP)
    • A way to ensure the privacy of the communication.

Page 29: Remote Access

IPsec Protocols

• Internet Key Exchange
  – Internet Security Association and Key Mgmt protocol
  – OAKLEY – Based on Diffie-Hellman
  – RFC 2408
• Authentication Header Protocol
  – RFC 2402
  – Message digest based on data + key
• Encapsulating Security Payload Protocol
  – RFC 2406
  – Uses public key to encrypt, ICV to authenticate

Page 30: Remote Access

IPSec (cont)

• Once an SA has been established, IPSec provides a 2 phase security association
• Supports 2 Phase 1 modes:

– Transport mode encrypts or authenticates only the data portion (payload) of each packet, yet leaves the header unencrypted.

– Tunnel mode encrypts both the header and data portion

• IPSec accomplishes transport and tunnel modes by adding new headers to the IP packet

• In tunnel mode the entire original packet is then treated as the data portion of the new packet

Page 31: Remote Access

IPsec Transport Mode

[Figure: transport-mode packet layout: Orig. header | Auth. header | TCP | Orig. Payload]

Page 32: Remote Access

IPsec Tunnel Mode

[Figure: tunnel-mode packet layout: New header | Orig. header | TCP | Orig. Payload. The Original Packet (Orig. header through Orig. Payload) becomes the New Payload of the New Packet.]

Page 33: Remote Access

IPSec (cont)

• Supports 2 Phase 2 Associations
  – Authentication
  – Encryption
• Both Authentication Header (AH) and Encapsulating Security Payload (ESP) can be used with Transport or Tunnel mode, creating four possible transport mechanisms:
  – AH in transport mode / tunnel mode
  – ESP in transport mode / tunnel mode

Page 34: Remote Access

Authentication Header

[Figure: AH header fields]
  – Next = tcp | AH len | Reserved
  – SPI (Security Parameters Index)
  – Sequence Number
  – Authentication Data (SHA-1, etc.) – Integrity Check Value

Page 35: Remote Access

Hash Message Auth Code

[Figure: HMAC construction]
  – Secret Key, null padded, XOR’d with 36363636… → xor’d key
  – Hash Function (xor’d key || Msg to Hash (full* IP Packet)) → inner hash
  – Secret Key, null padded, XOR’d with 5c5c5c5c… → xor’d key
  – Hash Function (xor’d key || inner hash) → Integrity Check Value

Page 36: Remote Access

AH in Transport Mode

[Figure: Orig IP header | Authentication header (AH) | TCP | Orig. Payload – the whole packet is authenticated]
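Slides 34 to 36 can be tied together in one piece of working code: the HMAC construction drawn on slide 35 (null-padded key, 0x36 inner pad, 0x5c outer pad, two hash passes), packed into the AH header fields of slide 34, and verified the way a receiver of the transport-mode packet on slide 36 would. This is an added example, not code from the lecture. It assumes HMAC-SHA1 with the 96-bit ICV truncation that AH uses for SHA-1 (RFC 2404), and it simplifies one thing: a real ICV covers the outer IP header with its mutable fields zeroed, whereas here the caller passes that already-zeroed prefix in. Key, SPI and TCP bytes are constructed for the example.

```python
import hashlib
import hmac
import struct

BLOCK_SIZE = 64           # SHA-1 block size: the key is null-padded to this length
IPAD, OPAD = 0x36, 0x5C   # the 36363636 / 5c5c5c5c constants on the slide
ICV_LEN = 12              # HMAC-SHA1-96: AH truncates the ICV to 96 bits (RFC 2404)


def hmac_sha1_from_diagram(key: bytes, msg: bytes) -> bytes:
    """HMAC exactly as the slide draws it: pad key, XOR with ipad, hash with
    the message; XOR key with opad, hash with the inner digest."""
    if len(key) > BLOCK_SIZE:                  # keys longer than a block are hashed first (RFC 2104)
        key = hashlib.sha1(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")       # "Null pad"
    inner = hashlib.sha1(bytes(k ^ IPAD for k in key) + msg).digest()
    return hashlib.sha1(bytes(k ^ OPAD for k in key) + inner).digest()


def matches_stdlib(key: bytes, msg: bytes) -> bool:
    """Cross-check the hand-built HMAC against Python's hmac module."""
    return hmac_sha1_from_diagram(key, msg) == hmac.new(key, msg, hashlib.sha1).digest()


def build_ah(next_header: int, spi: int, seq: int, key: bytes,
             immutable_prefix: bytes, payload: bytes) -> bytes:
    """Return the AH bytes (Next, AH len, Reserved, SPI, Sequence, ICV).

    immutable_prefix stands in for the outer IP header with mutable fields
    already zeroed (simplification for this example).
    """
    ah_words = (12 + ICV_LEN) // 4             # 3 fixed 32-bit words + 3 words of ICV
    payload_len = ah_words - 2                 # AH "len" field is in 32-bit words minus 2
    fixed = struct.pack("!BBHII", next_header, payload_len, 0, spi, seq)
    # ICV is computed with its own field zeroed, then written into place
    covered = immutable_prefix + fixed + b"\x00" * ICV_LEN + payload
    icv = hmac_sha1_from_diagram(key, covered)[:ICV_LEN]
    return fixed + icv


def verify_ah(ah: bytes, key: bytes, immutable_prefix: bytes, payload: bytes) -> bool:
    """Recompute the ICV over the received fields; compare in constant time."""
    fixed, icv = ah[:12], ah[12:12 + ICV_LEN]
    covered = immutable_prefix + fixed + b"\x00" * ICV_LEN + payload
    expected = hmac_sha1_from_diagram(key, covered)[:ICV_LEN]
    return hmac.compare_digest(icv, expected)


# Constructed sample: next header 6 (TCP), SPI 0x1000, sequence 1, a zeroed
# 20-byte stand-in for the IP header, and a short TCP segment
KEY = b"constructed-ah-key"
PREFIX = bytes(20)
TCP = b"\x00\x50\x1f\x90" + bytes(16) + b"GET / HTTP/1.0\r\n"
AH = build_ah(6, 0x1000, 1, KEY, PREFIX, TCP)

if __name__ == "__main__":
    print("AH bytes:", AH.hex())
    print("hand-built HMAC matches stdlib:", matches_stdlib(KEY, TCP))
    print("verifies:", verify_ah(AH, KEY, PREFIX, TCP))
    print("tampered payload verifies:", verify_ah(AH, KEY, PREFIX, TCP[:-1] + b"!"))
```

The two verify calls at the end show the point of the ICV: flipping one payload byte, or using a different key, makes verification fail, while the SPI and sequence number travel in the clear inside the authenticated region.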

Page 37: Remote Access

AH in Tunnel Mode

[Figure: New IP header | Authentication header (AH) | Orig IP header | TCP | Orig. Payload – the Original Packet is carried inside the new packet and the whole new packet is authenticated]

Page 38: Remote Access

ESP in Transport Mode

[Figure: Orig IP header | ESP header | TCP | Orig. Payload | ESP trailer | ESP authentication – TCP, Orig. Payload and ESP trailer are encrypted; ESP header through ESP trailer are authenticated]

Page 39: Remote Access

ESP in Tunnel Mode

[Figure: New IP header | ESP header | Orig IP header | TCP | Orig. Payload | ESP trailer | ESP authentication – Orig IP header through ESP trailer are encrypted; ESP header through ESP trailer are authenticated]

Page 40: Remote Access

Internet Key Exchange

• ISAKMP – Internet Security Association and Key Management Protocol
  – A framework to define and exchange the data elements (fields) needed to support secure communications
• IKE – Internet Key Exchange
  – Definition of a protocol that works within the ISAKMP framework to establish an SA.
• DOI – Domain of Interpretation.
  – Provides the specifications for a particular use of ISAKMP.
  – Original intent was that there would be many different DOIs for many different applications that might use ISAKMP

Page 41: Remote Access

IKE – 2 Phases

• Phase 1
  – Known as the ISAKMP SA
  – Mutual authentication and establish session keys.
  – Based on names, public keys, and/or shared secrets.
• Phase 2
  – Known as ESP or AH SA
  – Uses keys established in phase 1 to develop multiple separate channels

Page 42: Remote Access

Phase 1 IKE – 2 modes

• Aggressive Mode
  – Establishes mutual authentication and session key establishment in 3 messages
  – Simple and quick
• Main Mode
  – Uses 6 messages to establish mutual authentication and session key,
  – Allows for selection of cryptographic protocols

Page 43: Remote Access

IKE – Aggressive Mode

[Figure: three-message exchange]
  1. Alice → Bob: g^a mod p, “Alice”, crypto proposal
  2. Bob → Alice: g^b mod p, crypto choice, proof for “Bob”
  3. Alice → Bob: proof for “Alice”
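The three messages above can be run end to end with the pre-shared-key authentication method that slide 45 lists. The following simulation is an added example, not the lecture's own code: Alice and Bob each hold their own copy of the PSK, exchange g^a mod p and g^b mod p, derive a key from the PSK, both nonces and the Diffie-Hellman secret, and then exchange "proof for Bob" and "proof for Alice" as keyed hashes over the public values. The DH group is a stated assumption: the Mersenne prime 2^127 - 1 with generator 2 keeps the example small, whereas real IKE uses the much larger MODP groups of RFC 2409 and RFC 3526 with identical arithmetic. The key-derivation shape (prf(psk, Ni | Nr), then mixing in g^ab) follows IKEv1's SKEYID for PSK authentication; the proof inputs are simplified.

```python
import hashlib
import hmac
import os

P = 2**127 - 1   # toy DH modulus, an assumption for this example only (a Mersenne prime)
G = 2
PROPOSAL = b"AES-128 / HMAC-SHA1 / PSK / toy-group"   # the "crypto proposal"


def prf(key: bytes, data: bytes) -> bytes:
    """IKE's prf: HMAC over the negotiated hash (HMAC-SHA1 here)."""
    return hmac.new(key, data, hashlib.sha1).digest()


def to_bytes(x: int) -> bytes:
    return x.to_bytes(16, "big")     # all values here are below 2**127


def session_key(psk: bytes, shared: int, nonce_i: bytes, nonce_r: bytes) -> bytes:
    """SKEYID for pre-shared-key auth is prf(psk, Ni | Nr); mixing in the
    DH secret g^ab gives the key both sides use for their proofs."""
    skeyid = prf(psk, nonce_i + nonce_r)
    return prf(skeyid, to_bytes(shared))


def proof(key: bytes, pub_i: int, pub_r: int, name: bytes) -> bytes:
    """'Proof for <name>': a prf over the public DH values, the proposal and the identity."""
    return prf(key, to_bytes(pub_i) + to_bytes(pub_r) + PROPOSAL + name)


def aggressive_mode(psk_alice: bytes, psk_bob: bytes) -> dict:
    """Run the three-message exchange. Each side uses its own PSK copy; if
    the copies differ, both proofs fail and no SA is established."""
    a = int.from_bytes(os.urandom(16), "big")
    b = int.from_bytes(os.urandom(16), "big")
    nonce_a, nonce_b = os.urandom(16), os.urandom(16)

    # Message 1, Alice -> Bob: g^a mod p, "Alice", crypto proposal (and nonce Ni)
    g_a = pow(G, a, P)

    # Bob accepts the proposal, computes g^b, derives his key and builds proof for "Bob"
    g_b = pow(G, b, P)
    k_bob = session_key(psk_bob, pow(g_a, b, P), nonce_a, nonce_b)
    proof_bob = proof(k_bob, g_a, g_b, b"Bob")

    # Message 2, Bob -> Alice: g^b mod p, crypto choice, proof for "Bob" (and nonce Nr)
    k_alice = session_key(psk_alice, pow(g_b, a, P), nonce_a, nonce_b)
    bob_verified = hmac.compare_digest(proof_bob, proof(k_alice, g_a, g_b, b"Bob"))

    # Message 3, Alice -> Bob: proof for "Alice"
    proof_alice = proof(k_alice, g_a, g_b, b"Alice")
    alice_verified = hmac.compare_digest(proof_alice, proof(k_bob, g_a, g_b, b"Alice"))

    return {
        "keys_match": k_alice == k_bob,
        "bob_verified": bob_verified,
        "alice_verified": alice_verified,
        "sa_established": bob_verified and alice_verified,
    }


if __name__ == "__main__":
    print("same PSK:     ", aggressive_mode(b"constructed-psk", b"constructed-psk"))
    print("different PSK:", aggressive_mode(b"constructed-psk", b"mismatched-psk"))
```

Everything the proofs are computed over (g^a, g^b, identity, proposal, nonces) is sent in the clear in aggressive mode, so the strength of the authentication rests entirely on the pre-shared key; that is the trade-off behind the slide's "simple and quick".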

Page 44: Remote Access

IKE – Main Mode

[Figure: six-message exchange]
Parameter negotiation:
  1. Alice → Bob: crypto suites I support
  2. Bob → Alice: crypto suite I choose
Diffie-Hellman exchange:
  3. Alice → Bob: g^a mod p
  4. Bob → Alice: g^b mod p
Send ID’s, authenticate, etc.:
  5. Alice → Bob: g^ab mod p, proof for “Alice”
  6. Bob → Alice: g^ab mod p, proof for “Bob”

Page 45: Remote Access

IKE Phase 1 Key Types

• How do we authenticate? What info is used?
• Four Authentication Methods
  – Original Public Key Encryption
  – Revised Public Key Encryption
  – Public Key Signature
  – Pre-shared Key
• Two modes for each method
  – Aggressive Mode
  – Main Mode

Page 46: Remote Access

Basic Phase 1 Association

• Revised Public key – main mode

[Figure: six-message exchange]
  1. Alice → Bob: Crypto Proposal
  2. Bob → Alice: Crypto Proposal Accepted
  3. Alice → Bob: {nonceA}Bob, KA{g^a mod p}, KA{Alice}, KA{Alice cert}
  4. Bob → Alice: {nonceB}Alice, KB{g^b mod p}, KB{Bob}
  5. Alice → Bob: K{proof I’m Alice}
  6. Bob → Alice: K{proof I’m Bob}

where KA = hash (nonceA, cookieA), KB = hash (nonceB, cookieB), and K = f(g^ab mod p, nonceA, nonceB, CookieA, CookieB)

Page 47: Remote Access

Phase 2 IKE – IPSec SA

• Quick Mode

[Figure: three-message exchange, protected by the Phase 1 SA]
  1. Alice → Bob: X, Y, CP, traffic, SPIA, nonceA, [g^a mod p]
  2. Bob → Alice: X, Y, CPA, traffic, SPIB, nonceB, [g^b mod p]
  3. Alice → Bob: X, Y, ack

Page 48: Remote Access


Virtual Private Networks (VPNs)

• Takes advantage of using the public Internet as if it were a private network

• Allow the public Internet to be used privately

• Prior to VPNs, organizations were forced to lease expensive data connections from private carriers so employees could remotely connect to the organization’s network

Page 49: Remote Access


VPNs (cont)

• Two common types of VPNs include:
  – Remote-access VPN or virtual private dial-up network (VPDN): user-to-LAN connection used by remote users
  – Site-to-site VPN: multiple sites can connect to other sites over the Internet
• VPN transmissions achieved through communicating with endpoints
  – An endpoint can be software on a local computer, a dedicated hardware device such as a VPN concentrator, or even a firewall

Page 50: Remote Access


VPNs (cont)

Page 51: Remote Access

VPN (IPSec) Issues - NAT

• NAT objective is to change (map) private IP addresses into public IP addresses
• AH includes IP addrs in hash.
• ESP encrypts original header, but not new header
• Possible with ESP in tunnel mode, but issues with IKE
• If possible, do IPSec outside of NAT, or in a shared box.

Page 52: Remote Access


Hardening File Transfer Protocol (FTP)

• Three ways to work with FTP:
  – Web browser
  – FTP client
  – Command line

• FTP servers can be configured to allow unauthenticated users to transfer files (called anonymous FTP or blind FTP)

Page 53: Remote Access


FTP (cont)

• Vulnerabilities associated with using FTP
  – FTP does not use encryption
  – Files being transferred by FTP are vulnerable to man-in-the-middle attacks
• Use secure FTP to reduce risk of attack
  – Secure FTP is a term used by vendors to describe encrypting FTP transmissions
• Most secure FTP products use Secure Socket Layers (SSL) to perform the encryption

Page 54: Remote Access


FTP (cont)

• FTP active mode
  – Client connects from any random port >1,024 (PORT N) to FTP server’s command port, port 21 (Step 1)
  – Client starts listening to PORT N+1 and sends the FTP command PORT N+1 to the FTP server
• FTP passive mode
  – Client initiates both connections to server
  – When opening an FTP connection, client opens two local random unprivileged ports >1,024
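The PORT command the client sends in active mode, and the 227 reply the server sends in passive mode, both carry the data-channel address as six decimal numbers (h1,h2,h3,h4,p1,p2 with port = p1*256 + p2). The code below is an added example, not part of the lecture: it encodes a PORT argument for a client listening on N+1, decodes the passive-mode reply, and shows the check a hardened server applies to an incoming PORT command, namely that the advertised address is the control connection's own peer and the port is unprivileged. The addresses and ports are constructed (RFC 1918 ranges) for the example.

```python
import re
from ipaddress import IPv4Address


def encode_port_arg(ip: str, port: int) -> str:
    """Build the h1,h2,h3,h4,p1,p2 argument a client sends in PORT (active mode)."""
    if not 1024 < port < 65536:
        raise ValueError("data port must be an unprivileged port above 1024")
    return ",".join(str(b) for b in IPv4Address(ip).packed) + f",{port >> 8},{port & 0xFF}"


_HOSTPORT = re.compile(r"^(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})$")


def decode_hostport(arg: str) -> tuple:
    """Decode h1,h2,h3,h4,p1,p2 into ('a.b.c.d', port); strict on syntax and range."""
    m = _HOSTPORT.match(arg.strip())
    if not m:
        raise ValueError(f"malformed host-port string: {arg!r}")
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range")
    return str(IPv4Address(bytes(nums[:4]))), nums[4] * 256 + nums[5]


def parse_pasv_reply(line: str) -> tuple:
    """Parse the server's '227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)' reply."""
    m = re.match(r"^227 .*?\((\d+(?:,\d+){5})\)", line)
    if not m:
        raise ValueError(f"not a 227 reply: {line!r}")
    return decode_hostport(m.group(1))


def server_accepts_port(arg: str, control_peer_ip: str) -> bool:
    """Server-side check for an active-mode PORT command: the data address
    must be the control connection's peer and the port must be unprivileged.
    Anything else (third-party hosts, privileged ports, garbage) is refused."""
    try:
        ip, port = decode_hostport(arg)
    except ValueError:
        return False
    return ip == control_peer_ip and port > 1024


# Constructed sample traffic
CLIENT_IP = "192.168.1.10"
PORT_ARG = encode_port_arg(CLIENT_IP, 50001)                     # client listens on N+1 = 50001
PASV_LINE = "227 Entering Passive Mode (192,168,1,20,195,89)"    # 195*256 + 89 = 50009

if __name__ == "__main__":
    print("PORT", PORT_ARG, "->", decode_hostport(PORT_ARG))
    print("PASV ->", parse_pasv_reply(PASV_LINE))
    print("accept PORT from client itself:", server_accepts_port(PORT_ARG, CLIENT_IP))
    print("accept PORT naming a third host:", server_accepts_port("10,0,0,5,0,25", CLIENT_IP))
```

The last line of the demo is the one to keep in mind when hardening an FTP server: a PORT argument naming a host other than the control peer, or a port below 1024, is refused before any data connection is opened.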

Page 55: Remote Access


FTP (cont)

Page 56: Remote Access

FTP (Implicit / Explicit Encryption)

• Implicit Encryption
  – FTP server / client assume an encryption mechanism (TLS / sslv1, sslv2, sslv3, etc.)
  – No option to use non-encrypted channel provided
  – Control port: 990; Data port: 989
  – More secure – less flexible
• Explicit Encryption
  – FTP server / client negotiates over encryption. May choose encryption or not
  – More flexible – potentially less secure

Page 57: Remote Access

VSFTPd – Linux FTP Server

• Designed from scratch to be a more secure FTP server.
  – Secure coding techniques enforced
  – Many options to control default behavior
  – Incorporates encryption.
• Reference documents
  – man vsftpd.conf – very helpful in describing options not shown in default config file
  – google …

Page 58: Remote Access

Implementing VSFTPd ssl

• Verify that installed version of vsftpd supports ssl (is binary linked to ssl library?)
  – ldd /usr/sbin/vsftpd | grep ssl
  – should return: libssl.so.6 => /lib/libssl.so.6 (0x0012c000)
• Verify a digital certificate & keys
  – cat /etc/pki/tls/certs/vsftpd.pem
  – or perhaps cat /etc/ssl/certs/vsftpd.pem
• Secure key / certificate to root only
  – chmod 600 /etc/pki/tls/certs/vsftpd.pem

Page 59: Remote Access

Implementing VSFTPd ssl

• If necessary, make a certificate and key
  – cd /etc/pki/tls/certs
  – make vsftpd.pem
  – or
  – cd /etc/ssl/certs
  – openssl req -x509 -nodes -days 730 -newkey rsa:1024 -keyout /etc/ssl/certs/vsftpd.pem -out /etc/ssl/certs/vsftpd.pem

Page 60: Remote Access

Implementing VSFTPd ssl

• Make changes / additions to vsftpd.conf
  – ssl_enable=YES
  – allow_anon_ssl=NO
  – force_local_data_ssl=NO
  – force_local_logins_ssl=YES
  – ssl_tlsv1=YES
  – ssl_sslv2=NO
  – ssl_sslv3=NO
  – rsa_cert_file=/etc/pki/tls/certs/vsftpd.pem
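A small checker makes the three slides on implementing vsftpd SSL (verify the certificate, restrict it to root, set the conf options) repeatable. The code below is an added example, not the lecture's or the vsftpd project's: it parses vsftpd.conf's key=value format, reports every setting that departs from the slide's list, and checks the certificate file's ownership and mode as slide 58's chmod 600 requires. It assumes ssl_tlsv1 is the vsftpd.conf(5) option name corresponding to the slide's TLS line. The two embedded configurations (one weak, one hardened) are constructed for the example; the path under cert_permissions_ok is a placeholder.

```python
import os
import stat

# Settings required by the slide (ssl_tlsv1 is the vsftpd.conf(5) option name).
# force_local_data_ssl is not listed: the slide sets it to NO, YES is stricter,
# and both are acceptable for this check.
REQUIRED = {
    "ssl_enable": "YES",
    "allow_anon_ssl": "NO",
    "force_local_logins_ssl": "YES",
    "ssl_tlsv1": "YES",
    "ssl_sslv2": "NO",
    "ssl_sslv3": "NO",
}


def parse_vsftpd_conf(text: str) -> dict:
    """vsftpd.conf is one key=value per line; '#' lines are comments; the
    last assignment wins, which is exactly what a checker must mimic."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if "=" not in line:
            raise ValueError(f"malformed line: {raw!r}")
        key, _, value = line.partition("=")
        settings[key.strip()] = value.strip()
    return settings


def audit_ssl(text: str) -> list:
    """Return findings as strings; an empty list means the conf matches the slide."""
    s = parse_vsftpd_conf(text)
    findings = []
    for key, want in REQUIRED.items():
        got = s.get(key)
        if got is None:
            findings.append(f"{key} not set (want {want})")
        elif got.upper() != want:
            findings.append(f"{key}={got} (want {want})")
    if not s.get("rsa_cert_file"):
        findings.append("rsa_cert_file not set")
    return findings


def cert_permissions_ok(path: str) -> bool:
    """The PEM holds cert and private key: root-owned, no group/other access (chmod 600)."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return False
    return st.st_uid == 0 and (st.st_mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0


# Constructed weak configuration: SSL switched on, but legacy SSL still allowed
WEAK = """# constructed example
ssl_enable=YES
allow_anon_ssl=YES
force_local_logins_ssl=NO
ssl_sslv2=YES
ssl_sslv3=YES
rsa_cert_file=/etc/pki/tls/certs/vsftpd.pem
"""

# Constructed hardened configuration following the slide's list
HARDENED = """# constructed example
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/pki/tls/certs/vsftpd.pem
"""

if __name__ == "__main__":
    print("weak conf findings:", audit_ssl(WEAK))
    print("hardened conf findings:", audit_ssl(HARDENED))
    print("cert perms ok:", cert_permissions_ok("/etc/pki/tls/certs/vsftpd.pem"))
```

Run it against the live file with `audit_ssl(open("/etc/vsftpd/vsftpd.conf").read())` after editing; every finding names the key and the value the slide expects, so the output doubles as the change list.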

Page 61: Remote Access

Get an FTP Client

• Windows
  – coreFTP lite – free
  – smartFTP - $
  – turboFTP - $
  – many others …
• Linux
  – Kftpgrabber – ssl/tls
  – Kasablanca – ssl/tls
  – gftp – ssh
  – etc.

Page 62: Remote Access


References:

• PPP – rfc 1661, 1663, (Forouzan, Ch15)

• PPTP – rfc 2637, Microsoft

• PPPoE – rfc 2516

• L2TP – rfc 2661, 3931, Cisco

• RADIUS – rfc 2865

• IPSec – rfc 2411 (2401 – 2412)

• Google…

Page 63: Remote Access


Summary

• FTP protocol has several security vulnerabilities - it does not natively use encryption and is vulnerable to man-in-the-middle attacks

• FTP can be hardened by using secure FTP (which encrypts using SSL)

• Protecting remote access transmissions is particularly important in today’s environment as more users turn to the Internet as the infrastructure for accessing protected information

Page 64: Remote Access


Summary

• Authenticating a transmission to ensure it came from the sender can provide increased security for remote access users

• SSH is a UNIX-based command interface and protocol for securely accessing a remote computer