spring 2000john kristoff1 security computer networks
Post on 19-Dec-2015
224 views
TRANSCRIPT
Spring 2000 John Kristoff 1
Security
Computer Networks
Spring 2000 John Kristoff 2
What to Protect
Confidentiality snooping encryption
Integrity deletion, changes backups
Availability denial of service
attacks
Authentication are who you say you
are
Nonrepudiation no denying it
Access Control don’t touch that!
Spring 2000 John Kristoff 3
Most Importantly
Protect your reputation
Spring 2000 John Kristoff 4
Good Books
Network Security: PRIVATE Communication in a PUBLIC World. Kaufman, Perlman and Speciner.
Cryptography and Network Security: Principles and Practice. Stallings.
Spring 2000 John Kristoff 5
Where to Put the Protection?
Spring 2000 John Kristoff 6
Host Based Security
Recall End-to-End ArgumentSecurity is ultimately a host problemKey idea: protect the DATAEnd hosts are in control of dataUsers are in control of end hostsUsers can and often will do dumb thingsResult: very difficult to protect all hosts
Spring 2000 John Kristoff 7
Network Based Security
Should augment host based securityUseful for
Protecting groups of users from others Prohibiting certain types of network usage Controlling traffic flow
Difficult to inspect traffic encryption can hide bad things tunneling can mislead you
Spring 2000 John Kristoff 8
Perimeter Security
Boundary between a trusted internal network and a hostile external network
Spring 2000 John Kristoff 9
Internal Security
Most often ignoredMost likely the problemDisgruntled employeeCurious, but dangerous employeeClueless and dangerous employee
Spring 2000 John Kristoff 10
Security by Obscurity
Is no security at all.However
It’s often best not to advertise unnecessarily
It’s often the only layer used (e.g. passwords)
Probably need more security
Spring 2000 John Kristoff 11
Layered Defenses
The belt and suspenders approachMultiple layers make it harder to get
throughMultiple layers take longer to get throughBasic statistics and probability apply
If Defense A stops 90% of all attacks and Defense B stops 90% of all attacks, you might be able to stop up to 99% of all attacks
Trade-off in time, money and convenience
Spring 2000 John Kristoff 12
Physical Security
Trash binsSocial engineeringIt’s much easier to trust a face than
a packetProtect from the whoops
power spills the clumsy software really can kill hardware
Spring 2000 John Kristoff 13
Packet Filtering Firewalls
Apply rules to incoming/outgoing packets
Based on Addresses Protocols Ports Application Other pattern match
Spring 2000 John Kristoff 14
Packet Filtering Firewall Illustrated
Spring 2000 John Kristoff 15
Example Firewall: ipchains
-A input -s 192.168.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
-A input -s 172.0.0.0/255.240.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
-A input -s 10.0.0.0/255.0.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
-A input -s 224.0.0.0/224.0.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
-A input -s 0.0.0.0/0.0.0.0 -d a.b.c.d/255.255.255.255 22:22 -p 6 -j ACCEPT
-A input -s 0.0.0.0/0.0.0.0 -d a.b.c.d/255.255.255.255 1024:65535 -p 6 ! -y -j ACCEPT
Spring 2000 John Kristoff 16
Example Firewall: Cisco Router Filters
access-list 100 deny ip 192.168.0.0 0.0.255.255 anyaccess-list 100 deny ip 172.0.0.0 0.15.255.255 anyaccess-list 100 deny ip 10.0.0.0 0.255.255.255 anyaccess-list 100 deny ip 0.0.0.0 0.255.255.255 anyaccess-list 100 deny ip 127.0.0.0 0.255.255.255 anyaccess-list 100 deny ip 224.0.0.0 31.255.255.255 anyaccess-list 100 deny ip 1.2.0.0 0.0.255.255 anyaccess-list 100 permit tcp any host 1.2.3.4 eq domainaccess-list 100 permit udp any host 1.2.3.4 eq domainaccess-list 100 deny tcp any host 1.2.3.5 eq telnet logaccess-list 100 deny tcp any host 1.2.3.6 eq syn logaccess-list 100 deny ip any host 1.2.3.4access-list 100 permit ip any 1.2.0.0 0.0.255.255access-list 100 deny ip any any
Spring 2000 John Kristoff 17
Encryption
Make a readable message unreadableMath intensivePlain text versus cipher textAlgorithms and keys
public private key size
Spring 2000 John Kristoff 18
Encryption?
#include<stdlib.h>#include<stdio.h>main(I,O,O0,OO,l)int I,O0,OO,l;char **O;{
return !!I>=I?!I>=I?!!~I>=~I?!~I>=~I?!OO?!I:OO%2?OO=main(I,O,O0,OO>>!!OO,l),OO=main(I-!I-!!I,O,OO,OO,l),OO=main(I-!I-!!I,O,O0,OO,l),!(OO-!I||I)?l-1:OO
:(OO=main(I,O,O0,OO>>!!OO,l),!(OO-l+!I||I)?l-1:main(I-!I-!!I,O,OO,OO,l))
:(O0+OO)%l:main(I-I/I-I/I,O,O0,OO+OO/OO,
main(0,O,O0,OO,I-I-I)+I+1?1:printf("%d ",I-I-I)+fflush(stdout)):main(I-I-I-I-I,O,I+I-I+I,I,0):main(~!!I-!!I,O,atoi(1[O]),1,atoi(0[O]));
}
Spring 2000 John Kristoff 19
Shared Secret Key
Each party knows a secretThe secret is used to decrypt the cipher
text Book: Ulysses Page: 7 Line: 23 Word: 4
Must know the book and keep it a secret
Spring 2000 John Kristoff 20
Shared Secret Key Illustrated
Spring 2000 John Kristoff 21
Public Key Cryptography
Public Key Everyone can use it to encrypt
messages to youPrivate Key
Only you know this key and only it decrypts messages encrypted with your public key
Keyring
Spring 2000 John Kristoff 22
Public Key Illustrated
Spring 2000 John Kristoff 23
Denial of Service (DoS)
Prevents or impairs standard serviceSYN floodingSMURF attacksDistributed Denial of Service (DDoS)Most effective when source address
can be spoofedDifficult problem to solve
Spring 2000 John Kristoff 24
Example Denial of Service Illustrated
Spring 2000 John Kristoff 25
Example Distributed Denial of Service Illustrated
Spring 2000 John Kristoff 26
Buffer Overflows and Weak Validation of Input
Key idea: overwriting the something on the stack
Popular exploits with CGI scriptsRegular users can gain root accessIf exploit on TCP/UDP service, remote
root can be accomplished
Spring 2000 John Kristoff 27
Session Hijacking
If you can predict sequence numbers and spoof the source address, you might be able to pretend to be one end of the session. It helps if you can keep one end of the session
busy while you’re hijacking.
Spring 2000 John Kristoff 28
Session Hijacking Illustrated
Spring 2000 John Kristoff 29
Password Cracking
Very common todayIf attacker can get a hold of the
password file, they can go offline and process it
Recall passwords are a form of obscurity multiple defenses may be needed
A good password selection strategy
Spring 2000 John Kristoff 30
Viruses and Worms
Programs written with the intent to spreadWorms are very common today
Often email based (e.g. ILOVEYOU)Viruses infect other programs
Code copied to other programs (e.g. macros)All require the code to be executed
Proves users continue to do dumb things Sometimes software is at fault too
Spring 2000 John Kristoff 31
Example: Securing Routers
!version 12.0service tcp-keepalives-inservice timestamps debug datetime msec localtimeservice timestamps log datetime msec localtimeservice password-encryptionclock timezone cst -6clock summer-time cdst recurringno ip source-routeno ip fingerno ip bootp server!interface FastEthernet1/0 description backbone router ip address a.b.c.d 255.255.255.0 ip access-group 100 in no ip unreachables no ip directed-broadcast no cdp enable
Spring 2000 John Kristoff 32
Example: Securing Routers [continued]
router rip passive-interface Serial1/0 network a.b.0.0 distribute-list 1 in Serial2/0
logging history warningslogging trap debugginglogging facility local7logging source-interface Loopback0logging a.b.c.d
access-list 1 deny anyaccess-list 10 permit a.b.c.0 0.0.0.255access-list 10 deny anyaccess-list 100 permit tcp a.b.0.0 0.0.255.255 any eq telnet logaccess-list 100 deny ip any any log
Spring 2000 John Kristoff 33
Example: Securing Routers [continued]
snmp-server community password RO 10snmp-server location computing centersnmp-server contact Network Administratorbanner motd^CThis host is to be used by authorized personnel only!^C!line vty 0 4 exec-timeout 0 5 access-class 100 in password 7 823442561E01034A12 login transport input telnet ssh!ntp source Loopback0ntp server a.b.c.dend
Spring 2000 John Kristoff 34
Example: Securing UNIX
Remove unnecessary UDP/TCP servers Startup scripts in /etc/rc.d directories /etc/inetd.conf
Use secure versions of servers ssh tcpwrappers
Many useful tools available Tripwire, IP Filter, ipchains, lsof, tcpwrappers, etc...
Spring 2000 John Kristoff 35
Example: Securing Windows
Disable file/printer sharingUse virus protection softwareKeep current on latest service packsDisable unnecessary protocols
Spring 2000 John Kristoff 36
Network Address Translation
NAT is a hack!Provides some level of security, but
with a great deal of costIf security is the only goal, avoid NATNAT has been required for sites with
IP address allocation problemsRSIP may get NAT users back on track
Spring 2000 John Kristoff 37
NAT Illustrated
Spring 2000 John Kristoff 38
Virtual Private Networks
Spring 2000 John Kristoff 39
Key Idea
A session between two endpoints that is secured from eavesdroppers and
all threats on the network in between, usually through the use of
encryption technology.
Spring 2000 John Kristoff 40
Why Is This Worthwhile?
Cost, Cost, Cost! Ability to make use of a public, insecure
network, rather than building your own private, secure network
Spring 2000 John Kristoff 41
Challenges
Increased overheadComplexityPerformanceQualityManagement
Spring 2000 John Kristoff 42
Oh, and One More Thing
Spring 2000 John Kristoff 43
Some Terms/Technology Thrown Around with VPNs
IPsecPPP/PPTP/L2TP/L2FCHAP, PAPEncapsulationTunnelingAAARADIUS/TACACS/TACACS+Firewalls
Spring 2000 John Kristoff 44
Security Tools
sshTripWiretcpwrappersIP Filter, ipchainsnmaptcpdump, windumpsyslogntp
snortlogcheck, swatchcrack, l0pftcrackkerberosPGPkerberosS/MIMESSL
Spring 2000 John Kristoff 45
Final Thoughts
Network Address Translation Think about long term implications
Security as a end-to-end problemJava, Javascript and ActiveXCertificatesIntrusion Detection