Transcript Security

Computer Networks
Security
Internet/Telco Comparison
Telephone System
  central authority
  network in control
  billing records per connection
  legal issues well understood
  provisions for law enforcement (wiretapping)
Internet
  no central authority
  end systems in control
  no central knowledge of connections
  no per-packet billing
  legal issues not well understood
  anonymity is easy
Internet Security Stinks
Hosts are hard to secure
Bad defaults
Poor software
Fixes rarely applied
Average user/administrator is clueless
An overly secure system is not useful
It’s difficult to coordinate among sites
What to Protect
Confidentiality: threat is snooping; defense is encryption
Integrity: threat is deletion or changes; backups let you recover, checksums or MACs let you detect
Availability: threat is denial of service attacks
Authentication: you are who you say you are
Nonrepudiation: no denying it
Access Control: don't touch that!
Reputation: ensure your good name
Where to Put the Protection?
Physical Security
Trash bins
Social engineering
It’s much easier to trust a face than a packet
Protect from the whoops
power
spills
the clumsy
software really can kill hardware
Host Based Security
Recall End-to-End Argument
Security is ultimately a host problem
Key idea: protect the DATA
End hosts are in control of data
Users are in control of end hosts
Users can and often will do dumb things
Result: very difficult to protect all hosts
Internal Security
Most often ignored
Most likely the problem
Disgruntled employee
Curious, but dangerous employee
Clueless and dangerous employee
Security by Obscurity
Is no security at all.
However
It's often best not to advertise unnecessarily
It's often the only layer in use (e.g. passwords: a secret that is only as strong as its guessability)
Probably need more security
Network Based Security
Should augment host based security
Useful for
Protecting groups of users from others
Prohibiting certain types of network usage
Controlling traffic flow
Difficult to inspect traffic
encryption can hide bad things
tunneling can mislead you
Good book: Network Security: PRIVATE Communication in a PUBLIC World. Kaufman, Perlman and Speciner.
Layered Defenses
The belt and suspenders approach
Multiple layers make it harder to get through
Multiple layers take longer to get through
Basic statistics and probability apply
If Defense A stops 90% of all attacks and Defense B stops 90% of all attacks, you might be able to stop up to 99% of all attacks: an attack gets through only if it beats both, 0.1 x 0.1 = 0.01. This holds only when the two layers fail independently; two layers that share a weakness (the same bug, the same misconfiguration, the same password) add much less.
Trade-off in time, money and convenience
Perimeter Security
Boundary between a trusted internal network and a hostile external network
Firewall Solutions
They help, but not a panacea
A network response to a host problem
Packet by packet examination is tough
Don't forget internal users
Need well defined borders
Can be a false sense of security
Careful not to break standard protocol mechanisms!
Packet Filtering Firewalls
Apply rules to incoming/outgoing packets
Based on
Addresses
Protocols
Ports
Application
Other pattern match
Packet Filtering Firewall Illustrated
Screened Subnet
Example Firewall: ipchains
-A input -s 192.168.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
-A input -s 172.16.0.0/255.240.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
-A input -s 10.0.0.0/255.0.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
-A input -s 224.0.0.0/224.0.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
-A input -s 0.0.0.0/0.0.0.0 -d a.b.c.d/255.255.255.255 22:22 -p 6 -j ACCEPT
-A input -s 0.0.0.0/0.0.0.0 -d a.b.c.d/255.255.255.255 1024:65535 -p 6 ! -y -j ACCEPT
The first four rules drop packets claiming an RFC 1918 private or a multicast/reserved (224.0.0.0/3) source, which cannot legitimately arrive from outside. The fifth admits TCP (protocol 6) to port 22 on host a.b.c.d. The sixth admits TCP to unprivileged ports only when the packet is not a bare SYN (! -y), i.e. what looks like the return half of a connection the host opened. ipchains keeps no connection state, so any non-SYN segment aimed at a high port (an ACK scan, for instance) passes that rule too.
Example Firewall: Cisco Router Filters
access-list 100 deny   ip  192.168.0.0 0.0.255.255 any
access-list 100 deny   ip  172.16.0.0 0.15.255.255 any
access-list 100 deny   ip  10.0.0.0 0.255.255.255 any
access-list 100 deny   ip  0.0.0.0 0.255.255.255 any
access-list 100 deny   ip  127.0.0.0 0.255.255.255 any
access-list 100 deny   ip  224.0.0.0 31.255.255.255 any
access-list 100 deny   ip  1.2.0.0 0.0.255.255 any
access-list 100 permit tcp any host 1.2.3.4 eq domain
access-list 100 permit udp any host 1.2.3.4 eq domain
access-list 100 deny   tcp any host 1.2.3.5 eq telnet log
access-list 100 deny   tcp any host 1.2.3.6 eq syn log
access-list 100 deny   ip  any host 1.2.3.4
access-list 100 permit ip  any 1.2.0.0 0.0.255.255
access-list 100 deny   ip  any any
Applied inbound on the outside interface of a site that owns 1.2.0.0/16. The first seven lines are anti-spoofing: RFC 1918 space, the 0/8 "this network" block, loopback, multicast/reserved, and the site's own prefix can never legitimately arrive from outside. DNS (TCP and UDP) to the name server 1.2.3.4 is permitted and everything else to that host denied; telnet to 1.2.3.5 is denied and logged; the rest of the site is reachable; the last line is the explicit default deny. A Cisco wildcard mask is the inverse of a netmask (0 bits must match), and rules are evaluated first-match, so order matters: the host-specific denies must precede the blanket permit for 1.2.0.0/16.
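The ACL above is only as good as its ordering, and the cheapest way to be sure is to run packets through it. The following is an added example (not from the slides or from Cisco): a first-match evaluator that parses the slide's rules and applies them to constructed packets. It leaves out the 1.2.3.6 line, whose `eq syn` is not a port keyword the parser understands; the packet fields, sample addresses and the `Packet` type are this example's own assumptions.

```python
"""First-match evaluator for the Cisco extended ACL above.

Added example (not from the slides or Cisco): parses the slide's rules,
applies them first-match like a router would, and checks constructed
packets against them. The 1.2.3.6 line is left out because "syn" is not
a port keyword this parser knows. Packets and sample addresses are made up.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

PORT_NAMES = {"domain": 53, "telnet": 23, "ssh": 22, "smtp": 25, "www": 80}

ACL_TEXT = """
access-list 100 deny   ip  192.168.0.0 0.0.255.255 any
access-list 100 deny   ip  172.16.0.0 0.15.255.255 any
access-list 100 deny   ip  10.0.0.0 0.255.255.255 any
access-list 100 deny   ip  0.0.0.0 0.255.255.255 any
access-list 100 deny   ip  127.0.0.0 0.255.255.255 any
access-list 100 deny   ip  224.0.0.0 31.255.255.255 any
access-list 100 deny   ip  1.2.0.0 0.0.255.255 any
access-list 100 permit tcp any host 1.2.3.4 eq domain
access-list 100 permit udp any host 1.2.3.4 eq domain
access-list 100 deny   tcp any host 1.2.3.5 eq telnet log
access-list 100 deny   ip  any host 1.2.3.4
access-list 100 permit ip  any 1.2.0.0 0.0.255.255
access-list 100 deny   ip  any any
"""


@dataclass(frozen=True)
class Packet:
    proto: str                 # "tcp", "udp" or "icmp"
    src: str
    dst: str
    dport: Optional[int] = None


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Cisco wildcard mask: 0 bits must match, 1 bits are don't-care."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (b & care)


def addr_match(addr: str, spec: Tuple[str, ...]) -> bool:
    if spec[0] == "any":
        return True
    if spec[0] == "host":
        return addr == spec[1]
    return wildcard_match(addr, spec[0], spec[1])


def _take_addr(tok: List[str], i: int) -> Tuple[Tuple[str, ...], int]:
    if tok[i] == "any":
        return ("any",), i + 1
    return (tok[i], tok[i + 1]), i + 2   # "host X" or "X wildcard"


def parse_rule(line: str) -> dict:
    tok = line.split()
    if tok[0] != "access-list":
        raise ValueError(f"not an ACL line: {line!r}")
    action, proto = tok[2], tok[3]
    src, i = _take_addr(tok, 4)
    dst, i = _take_addr(tok, i)
    dport, log = None, False
    while i < len(tok):
        if tok[i] == "eq":
            name = tok[i + 1]
            dport = int(name) if name.isdigit() else PORT_NAMES[name]
            i += 2
        elif tok[i] == "log":
            log, i = True, i + 1
        else:
            raise ValueError(f"unsupported token {tok[i]!r} in {line!r}")
    return {"action": action, "proto": proto, "src": src, "dst": dst,
            "dport": dport, "log": log, "text": " ".join(tok)}


def parse_acl(text: str) -> List[dict]:
    return [parse_rule(line) for line in text.strip().splitlines()]


def evaluate(rules: List[dict], pkt: Packet) -> Tuple[str, str]:
    """Return (action, matching rule text); routers stop at the first hit."""
    for r in rules:
        if r["proto"] != "ip" and r["proto"] != pkt.proto:
            continue
        if not (addr_match(pkt.src, r["src"]) and addr_match(pkt.dst, r["dst"])):
            continue
        if r["dport"] is not None and pkt.dport != r["dport"]:
            continue
        return r["action"], r["text"]
    return "deny", "implicit deny"      # Cisco's default when nothing matches


ACL = parse_acl(ACL_TEXT)

# Constructed test packets arriving on the outside interface.
SAMPLES = [
    Packet("udp", "8.8.8.8", "1.2.3.4", 53),        # DNS to the name server: permit
    Packet("tcp", "10.1.1.1", "1.2.3.4", 53),       # spoofed private source: deny
    Packet("tcp", "1.2.9.9", "1.2.3.4", 53),        # our own prefix from outside: deny
    Packet("tcp", "203.0.113.5", "1.2.3.5", 23),    # telnet to 1.2.3.5: deny + log
    Packet("tcp", "203.0.113.5", "1.2.3.4", 22),    # anything else to 1.2.3.4: deny
    Packet("tcp", "203.0.113.5", "1.2.3.7", 22),    # rest of the site: permit
    Packet("tcp", "203.0.113.5", "9.9.9.9", 80),    # not for us at all: deny
]

if __name__ == "__main__":
    for p in SAMPLES:
        action, rule = evaluate(ACL, p)
        print(f"{action:6} {p.proto} {p.src} -> {p.dst}:{p.dport}   [{rule}]")
```

Swapping the two 1.2.0.0/16 lines (the anti-spoof deny and the site-wide permit) is a quick way to see why order matters: with the permit first, the spoofed 1.2.9.9 packet is accepted.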
Application Level Gateway
Encryption
Make a readable message unreadable
Math intensive
Plain text versus cipher text
Algorithms and keys
public
private
key size
Shared Secret Key
Each party knows a secret
The same secret is used to encrypt and to decrypt the cipher text
Example: a book cipher, where each word of the message is sent as a reference into an agreed book
Book: Ulysses, Page: 7, Line: 23, Word: 4
Must know the book and keep it a secret
Shared Secret Key Illustrated
Public Key Cryptography
Public Key
Everyone can use it to encrypt messages to you
Private Key
Only you know this key and only it decrypts messages encrypted with your public key
Keyring: the collection of other people's public keys you hold, plus your own key pairs
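To make the public/private split concrete, here is an added example (not from the slides) of textbook RSA on toy-sized numbers. It uses the widely quoted p=61, q=53 parameters so every intermediate value can be checked by hand; the second key pair (p=89, q=97), the message values and the function names are this example's own choices. Real RSA uses 2048-bit primes and padding (OAEP for encryption, PSS for signatures); this shows only the asymmetry the slide describes.

```python
"""Public/private key split with textbook RSA on toy numbers.

Added example, not from the slides. Uses the widely quoted p=61, q=53
parameters so each value can be checked by hand. Real deployments use
2048-bit primes and padding (OAEP for encryption, PSS for signatures);
this shows only the asymmetry the slide describes.
"""
from math import gcd
from typing import Tuple

Key = Tuple[int, int]   # (exponent, modulus)


def keygen(p: int, q: int, e: int = 17) -> Tuple[Key, Key]:
    """Return (public, private) for primes p, q and public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)              # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def encrypt(public: Key, m: int) -> int:
    """Anyone holding the public key can do this."""
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def decrypt(private: Key, c: int) -> int:
    """Only the matching private exponent turns c back into m."""
    d, n = private
    return pow(c, d, n)


def sign(private: Key, m: int) -> int:
    """Same trapdoor, other direction: only the private key can produce s."""
    d, n = private
    return pow(m, d, n)


def verify(public: Key, m: int, s: int) -> bool:
    """Anyone with the public key can check s, which gives nonrepudiation."""
    e, n = public
    return pow(s, e, n) == m


def demo() -> dict:
    alice_pub, alice_priv = keygen(61, 53)       # n = 3233, d = 2753
    mallory_pub, mallory_priv = keygen(89, 97)   # an unrelated key pair
    c = encrypt(alice_pub, 65)                   # = 2790
    return {
        "ciphertext": c,
        "alice_decrypts": decrypt(alice_priv, c),      # 65
        "mallory_decrypts": decrypt(mallory_priv, c),  # some other number
        "sig_ok": verify(alice_pub, 42, sign(alice_priv, 42)),
        "sig_tampered": verify(alice_pub, 43, sign(alice_priv, 42)),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The same pair of exponents serves both slides that follow: encrypt with the public, decrypt with the private; sign with the private, verify with the public. Without padding, textbook RSA as written here is malleable and leaks whether two messages are equal, which is why no real protocol uses it bare.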
Public Key Illustrated
Exploits Overview
Passwords
hacking and sniffing
System specific
NT, UNIX, NetWare, Linux
Application specific
web browser, ftp, email, finger
Protocol specific
spoofing, TCP hijacking, ICMP redirects, DNS
Denial of Service
Ping of Death, Trinoo, Tribe Flood Network (TFN)
The Process
Reconnaissance
Scanning
Exploit Systems
Keep access with backdoors/trojans
Use system
Often as a springboard
Cover any tracks
Buffer Overflows and Weak Validation of Input
Key idea: input longer than the buffer meant for it overwrites something on the stack, typically the saved return address, so the attacker chooses where execution continues
Popular exploits with CGI scripts
Format strings: a related bug class, where user input is handed to a printf-style function as the format argument
Regular users can gain root access (through a setuid program)
If the exploit is in a TCP/UDP service, remote root can be accomplished
Network Mapping
PING
DNS mapping (don't need zone transfer)
dig +pfset=0x2020 -x 10.x.x.x
rpcinfo -p <hostname>
nmap <http://www.insecure.org/nmap/> (very nice!)
Microsoft Windows is NOT immune
nbtstat, net commands
Just look around the 'net!
Session Hijacking
If you can predict sequence numbers and spoof the source address, you might be able to pretend to be one end of the session. It helps if you can keep one end of the session busy while you're hijacking.
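Why sequence-number prediction is the crux, as an added example that is not part of the slides: two in-process initial-sequence-number (ISN) generators stand in for a server's TCP stack, one advancing by a constant per connection (the weakness in early stacks that made blind spoofing possible) and one drawn from a CSPRNG. The attacker opens a few connections it can observe, extrapolates the next ISN, and sends a spoofed segment carrying the guess. The `Server` model, the victim address and the step size are this example's own assumptions; nothing touches the network.

```python
"""Sequence-number prediction, the prerequisite for blind TCP hijacking.

Added example, not from the slides. Two in-process ISN generators stand
in for a server's TCP stack: one that increments by a constant per
connection and one drawn from a CSPRNG. The attacker samples a few ISNs,
predicts the next one, and sends a spoofed segment carrying the guess.
"""
import secrets
from typing import List, Tuple

MASK32 = 0xFFFFFFFF


class SteppedISN:
    """ISN advances by a fixed step for every new connection."""

    def __init__(self, start: int = 0x12345678, step: int = 64_000):
        self._next = start
        self._step = step

    def next_isn(self) -> int:
        isn = self._next
        self._next = (self._next + self._step) & MASK32
        return isn


class RandomISN:
    """Unpredictable ISNs; a guess succeeds with probability 2^-32."""

    def next_isn(self) -> int:
        return secrets.randbits(32)


class Server:
    """Minimal 'TCP' endpoint: hands out ISNs and checks spoofed data."""

    def __init__(self, isn_source):
        self._isn_source = isn_source
        self._expected = {}      # client address -> ACK value we expect next

    def syn(self, client: str) -> int:
        """Client sends SYN; server answers SYN/ACK carrying its ISN."""
        isn = self._isn_source.next_isn()
        self._expected[client] = (isn + 1) & MASK32
        return isn

    def data(self, client: str, ack: int) -> bool:
        """Accept a segment only if its ACK matches what we expect."""
        return self._expected.get(client) == ack


def predict_next(samples: List[int]) -> int:
    """Assume a constant step between consecutive ISNs and extrapolate."""
    if len(samples) < 2:
        raise ValueError("need at least two observed ISNs")
    step = (samples[-1] - samples[-2]) & MASK32
    return (samples[-1] + step) & MASK32


def blind_spoof(server: Server, victim: str = "10.0.0.5", probes: int = 3) -> Tuple[bool, int]:
    """Attacker samples ISNs from its own address, then spoofs the victim's.

    The SYN/ACK for the spoofed SYN goes to the victim, not the attacker,
    so the ACK in the forged data segment has to be guessed. The real
    victim would reset the connection on seeing an unexpected SYN/ACK,
    which is why the slide says to keep that end busy (e.g. SYN-flood it).
    """
    observed = [server.syn(f"attacker-{i}") for i in range(probes)]
    guess = predict_next(observed)
    server.syn(victim)                       # reply goes to the victim, unseen
    return server.data(victim, (guess + 1) & MASK32), guess


if __name__ == "__main__":
    ok, guess = blind_spoof(Server(SteppedISN()))
    print(f"stepped ISN: spoofed segment accepted = {ok} (guess {guess:#x})")
    ok, guess = blind_spoof(Server(RandomISN()))
    print(f"random ISN:  spoofed segment accepted = {ok} (guess {guess:#x})")
```

Against the stepped generator the forged segment is accepted every time; against the random one it is accepted only by a 1-in-2^32 fluke, which is the whole reason modern stacks randomise ISNs (RFC 6528 describes the hash-based scheme in common use).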
Session Hijacking Illustrated
Password Cracking
Very common today
If an attacker can get hold of the password file, they can go offline and process it
Recall
passwords are a form of obscurity
multiple defenses may be needed
Given enough time, passwords alone are probably not safe
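What "go offline and process it" looks like, as an added example that is not from the slides: a dictionary attack against a password file constructed here, with three storage schemes side by side so the effect of salting and of a slow hash is visible. The file format (`user:scheme$salt$digest`), the salts, the users, the word list and the iteration count are this example's own assumptions; only hashlib is used.

```python
"""Offline dictionary attack on a captured password file.

Added example, not from the slides. The password file, salts and word
list are constructed here; hashing uses only hashlib. Three storage
schemes are shown side by side: unsalted SHA-256 (one precomputed table
cracks every user at once), salted SHA-256 (one hash per user per guess)
and salted PBKDF2-HMAC-SHA256 (each guess costs ROUNDS hashes).
"""
import hashlib
import hmac
import time
from typing import Dict, List, Tuple

ROUNDS = 100_000


def h_plain(pw: str) -> str:
    return hashlib.sha256(pw.encode()).hexdigest()


def h_salted(salt: str, pw: str) -> str:
    return hashlib.sha256((salt + pw).encode()).hexdigest()


def h_pbkdf2(salt: str, pw: str, rounds: int = ROUNDS) -> str:
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt.encode(), rounds).hex()


# Constructed password file, "user:scheme$salt$digest" (real formats differ).
PASSWORD_FILE = [
    f"alice:plain$${h_plain('hunter2')}",
    f"bob:salted$x9Qm${h_salted('x9Qm', 'letmein')}",
    f"carol:pbkdf2$k2Lp${h_pbkdf2('k2Lp', 'Spring2001')}",
    f"dave:plain$${h_plain('correct horse battery staple')}",   # not in the list
]

WORDLIST = ["letmein", "password", "hunter2", "Spring2001", "qwerty"]


def crack(entries: List[str], wordlist: List[str]) -> Tuple[Dict[str, str], int]:
    """Return (user -> recovered password, number of salted hashes computed)."""
    found: Dict[str, str] = {}
    hashes = 0
    # Unsalted digests: hash the word list once and look every user up in it.
    table = {h_plain(w): w for w in wordlist}
    for line in entries:
        user, rest = line.split(":", 1)
        scheme, salt, digest = rest.split("$")
        if scheme == "plain":
            if digest in table:
                found[user] = table[digest]
            continue
        for w in wordlist:               # salt forces one hash per guess per user
            hashes += 1
            cand = h_salted(salt, w) if scheme == "salted" else h_pbkdf2(salt, w)
            if hmac.compare_digest(cand, digest):
                found[user] = w
                break
    return found, hashes


def seconds_per_guess(scheme: str, trials: int = 20) -> float:
    """Rough cost of one guess; PBKDF2 should be orders of magnitude slower."""
    start = time.perf_counter()
    for i in range(trials):
        (h_salted if scheme == "salted" else h_pbkdf2)("s4lt", f"guess{i}")
    return (time.perf_counter() - start) / trials


if __name__ == "__main__":
    found, hashes = crack(PASSWORD_FILE, WORDLIST)
    print(found, f"({hashes} salted hashes computed)")
    for s in ("salted", "pbkdf2"):
        print(f"{s}: {seconds_per_guess(s):.6f} s per guess")
```

alice falls to a table lookup, bob and carol to per-user guessing, and dave survives only because his password is not in the list. The salt does not stop the attack; it removes the shared table and forces the attacker to pay per user, and the slow hash then multiplies that price. With enough time and a good enough list, the slide's conclusion stands: the password alone is not the defense.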
Viruses and Worms
Programs written with the intent to spread
Worms are very common today
Often email based (e.g. ILOVEYOU)
Viruses infect other programs
Code copied to other programs (e.g. macros)
All require the code to be executed
Proves users continue to do dumb things
Sometimes software is at fault too
Denial of Service (DoS)
Prevents or impairs standard service
SYN flooding
SMURF attacks
Distributed Denial of Service (DDoS)
Most effective when the source address can be spoofed
Difficult to differentiate attack traffic from valid traffic
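Detecting the two named attacks in a capture, as an added example that is not from the slides: a SYN flood shows up as many half-open connections (SYN seen, handshake never completed) against one service, and the Smurf trigger as ICMP echo requests aimed at a directed-broadcast address with the victim's address as source. The capture is constructed in-process as plain dicts (no pcap, no network); the local subnets, hosts, thresholds and record fields are this example's own assumptions.

```python
"""Spotting SYN-flood and Smurf traffic in a packet capture.

Added example, not from the slides. The capture is constructed in-process
(no pcap, no network) as simple dicts; the local subnets, hosts and
thresholds are invented. Two detectors: half-open connections per service
(SYN seen, never completed) for SYN floods, and ICMP echo requests aimed
at a directed-broadcast address for the Smurf amplification trigger.
"""
import ipaddress
from collections import defaultdict
from typing import Dict, List, Tuple

# Subnets this site owns; Smurf abuses their directed-broadcast addresses.
LOCAL_SUBNETS = [ipaddress.ip_network("1.2.3.0/24"), ipaddress.ip_network("1.2.4.0/24")]
BROADCASTS = {str(n.broadcast_address) for n in LOCAL_SUBNETS}


def synthetic_capture() -> List[dict]:
    """Constructed traffic: 3 honest handshakes, a 40-source SYN flood, 5 Smurf triggers."""
    pkts, t = [], 0.0
    for i in range(3):                      # three honest handshakes (SYN, then final ACK)
        src = f"198.51.100.{10 + i}"
        pkts.append(dict(t=t, proto="tcp", src=src, dst="1.2.3.4", dport=80, flags="S"))
        pkts.append(dict(t=t + 0.05, proto="tcp", src=src, dst="1.2.3.4", dport=80, flags="A"))
        t += 0.1
    for i in range(40):                     # SYN flood: spoofed sources never complete
        pkts.append(dict(t=t, proto="tcp", src=f"203.0.113.{i + 1}", dst="1.2.3.4", dport=80, flags="S"))
        t += 0.01
    for _ in range(5):                      # Smurf: echo request to broadcast, src = victim
        pkts.append(dict(t=t, proto="icmp", src="192.0.2.7", dst="1.2.3.255", type=8))
        t += 0.01
    return pkts


def detect_syn_flood(pkts: List[dict], threshold: int = 20) -> Dict[Tuple[str, int], int]:
    """(dst, port) -> number of sources whose SYN was never followed by an ACK."""
    half_open = defaultdict(set)
    for p in pkts:
        if p["proto"] != "tcp":
            continue
        key = (p["dst"], p["dport"])
        if p["flags"] == "S":
            half_open[key].add(p["src"])
        elif p["flags"] == "A":
            half_open[key].discard(p["src"])    # third handshake packet arrived
    return {k: len(v) for k, v in half_open.items() if len(v) >= threshold}


def detect_smurf(pkts: List[dict]) -> Dict[Tuple[str, str], int]:
    """(claimed source, broadcast address) -> echo requests; the source is the victim."""
    hits = defaultdict(int)
    for p in pkts:
        if p["proto"] == "icmp" and p.get("type") == 8 and p["dst"] in BROADCASTS:
            hits[(p["src"], p["dst"])] += 1
    return dict(hits)


if __name__ == "__main__":
    cap = synthetic_capture()
    print("SYN flood targets:", detect_syn_flood(cap))
    print("Smurf triggers:", detect_smurf(cap))
```

Both detectors count by source address, which is exactly what spoofing breaks: the flood looks like 40 different clients, so a per-source rate limit never triggers, and the Smurf echo replies go to whoever the forged source names. The fixes live elsewhere: SYN cookies on the server, `no ip directed-broadcast` on the routers, and the ingress/egress filtering on the next slide.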
Example Denial of Service Illustrated
Example Distributed Denial of Service Illustrated
DoS Solutions
Ingress/Egress filtering (RFC 2827, BCP 38): drop packets whose source address could not legitimately arrive on that interface, so spoofing is stopped at the network edge
ICMP Traceback
Packet Marking
Rate-limiting
Difficult to solve completely!
Network Address Translation
Removes end-to-end addressing
Normally used with the private address space of RFC 1918; NAT itself is described in RFC 1631 (updated by RFC 3022)
NAT has been bad for the Internet
Provides relatively no security at a great deal of cost: the only thing it blocks is unsolicited inbound traffic, and only because the translation table has no entry for it
NAT has been required for sites with IP address allocation problems
NAT may be used for IPv6 transition
NAT Illustrated
Virtual Private Networks
Key Idea
A session between two endpoints that is secured from eavesdroppers and all threats on the network in between, usually through the use of encryption technology.
Why Is This Worthwhile?
Cost, Cost, Cost!
Ability to make use of a public, insecure network, rather than building your own private, secure network
Challenges
Increased overhead
Complexity
Performance
Quality
Management
Oh, and One More Thing
Other Areas of Interest
IP multicast
Routing protocols
Privacy issues
IPsec
Intrusion Detection Systems (IDS)