CSCI6268L14 - Computer Science | CU
Download
Report
Transcript CSCI6268L14 - Computer Science | CU
Foundations of Network and
Computer Security
John Black
Lecture #14
Oct 18th 2005
CSCI 6268/TLEN 5831, Fall 2005
Announcements
• Quiz #2 back today
– We’ll go over some points before we start the
lecture
• Project #0 due today
– Please hand in on paper
– CAETE students can email to grader:
[email protected]
Password Protected Private Key
• Shouldn’t leave your private key lying around
without password protection; let’s fix this
% openssl genrsa -aes128 -out john-priv.pem 1024
Generating RSA private key, 1024 bit long modulus
...........................................++++++
..........................++++++
e is 65537 (0x10001)
Enter pass phrase for john-priv.pem:
Verifying - Enter pass phrase for john-priv.pem:
% openssl rsa -in john-priv.pem -text -noout
Enter pass phrase for john-priv.pem:
Private-Key: (1024 bit)
modulus:
00:ca:40:b9:ef:31:c2:84:73:ab:ef:e2:6d:07:17... ...
What does key look like now?
This private key file is encrypted
-----BEGIN RSA PRIVATE KEY----Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,1210A20F8F950B78E710B75AC837599B
fFbkGjYxpp9dEpiq5p61Q/Dm/Vz5X2Kpp2+11qFCKXLzxc8Z8zL7Xgi3oV5RUtSl
wFjkiJaPP7fyo/X/Swz0LO1QKVQ7RDUe9NpnwTUBV44rtQVsSWfbgzdA9MAQT945
wBI27OAJWYQTApEeM2JhgvqCSPtdIn9paC9yeIzXLxwqrnlLCscGKncX53y3J3QG
KP1UqujpdTY9FRMvbL6bM5cn1bQ16pSbjntgFi5q4sdcwBNiWveFy5BNf4FnWtk6
KdAQ4jFeZqnwR3eAP0kdleosucPNZMxoQKafsi19bGi9BDdR4FoBdHy+K1sbXEm0
Z5+mcVPIITmB9MgUQLZ/AFguXHsxGDiH74es2Ahe6OACxWlqe4nfFxikXJfJw8EY
9nzw8xSZV5ov66BuT6e/K5cyrd2r0mlUb9gooYoVZ9UoCfO/C6mJcs7i7MWRNakv
tC1Ukt9FqVF14Bcr1oB4QEeK1oWW3QU2TArCWQKc67sVcSBuvMJjBd18Q+8AZ7GY
Jtt4rcOEb0/EUJuMauv4XlAQkiJcQ46qQjtkUo346+XMeRjWuUyQ/e5A/3Fhprat
7C10relDQonVi5WoXrEUTKeoaJgggZaeFhdpoee6DQePSWfLKB06u7qpJ6Gr5XAd
NnBoHEWBYH4C0YcGm77OmX7CbPaZiIrha/WU7mHUBXPUHDCOhyYQK8uisADKfmEV
XEzyl3iK6hF3cJFDZJ5BBmI774AoBsB/vahLquBUjSPtDruic24h6n2ZXcGCLiyc
redr8OiGRJ0r6XF85GYKUO82vQ6TbSXqBgM5Llotf53gDZjMdT71eMxI4Fj3PH91
-----END RSA PRIVATE KEY-----
CSR: Certificate Request
• You will generate a CSR
– Certificate Request
• Has your name, email, other info, your public key, and you
sign it
• Send your CSR to the CA
– CA will sign it if it is properly formatted
– His signature overwrites your signature on the CSR
• Once CA signs your CSR it becomes a
certificate
Creating a CSR
% openssl req -key john-priv.pem -new -out john-req.pem
Enter pass phrase for john-priv.pem:
You are about to be asked to enter information that will
be incorporated into your certificate request.
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Colorado
Locality Name (eg, city) []:Boulder
Organization Name (eg, company) [Internet Widgits Pty
Ltd]:University of Colorado
Organizational Unit Name (eg, section) []:Computer Science
Common Name (eg, YOUR name) []:John Black
Email Address []:[email protected]
(Leave the rest blank)
This outputs the file john-req.pem which is a cert request
Viewing a CSR
% openssl req -in john-req.pem -text -noout
Note: not password protected
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=US, ST=Colorado, L=Boulder, O=University of Colorado,
OU=Computer Science, CN=John Black/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:ca:40:b9:ef:31:c2:84:73:ab:ef:e2:6d:07:17:
83:5e:96:46:24:25:38:ed:7a:60:54:58:e6:f4:7b:
...
27:de:00:09:40:0c:5e:80:17
Exponent: 65537 (0x10001)
Attributes:
a0:00
Signature Algorithm: md5WithRSAEncryption
32:e1:3f:e2:12:47:74:88:a3:f9:f4:44:8a:f3:b7:4e:d1:14:
1f:0b:be:b8:19:be:45:40:ed:5b:fb:ab:9b:01:e8:9a:26:0c:
...
9c:e0
CSR is signed by you
CSRs
• Why is your CSR signed by you?
– Ensures that the CSR author (you) have the private
key corresponding to the public key in the CSR
• If we didn’t do this, I could get the CA to sign anyone’s public
key as my own
– Not that big a deal since I can’t decrypt things without the
corresponding private key, but still we disallow this
• Why does the CA sign your public key
– Well, because that’s his reason for existence, as
discussed previously
– Ok, let’s say I email my CSR to Martin and he signs
it… then what?
Sample Certificate
-----BEGIN CERTIFICATE----MIIDkDCCAnigAwIBAgIBCzANBgkqhkiG9w0BAQQFADCBgTEQMA4GA1UEAxMHSm9o
biBDQTERMA8GA1UECBMIQ29sb3JhZG8xCzAJBgNVBAYTAlVTMSYwJAYJKoZIhvcN
AQkBFhdqcmJsYWNrQGNzLmNvbG9yYWRvLmVkdTElMCMGA1UEChMcUm9vdCBDZXJ0
aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMzExMTMyMDQ1MjFaFw0wNDExMTIyMDQ1
MjFaMIGFMRIwEAYDVQQDEwlUZXN0IFVzZXIxETAPBgNVBAgTCENvbG9yYWRvMQsw
CQYDVQQGEwJVUzEjMCEGCSqGSIb3DQEJARYUdGVzdEBjcy5jb2xvcmFkby5lZHUx
FjAUBgNVBAoTDVVuaXYgQ29sb3JhZG8xEjAQBgNVBAsTCUNTQ0kgNDgzMDCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL1k6hJ9gwXlUYHiFOm6OHOf+8Y0
o1b7WOexYfNDWm9H0I79o0wVgDj7waOgt4hz2FE2h+gArfGY5VsaSzmCH0EA4kDS
m/sPob3HTVpbIFwlbXTV7hC0OxOzRs8lphDdj1vaNDSnOwqOS1ADCfIdaGEh9WKi
rEdFdriiu7v1bw+c1ByM57v9aHO7RslswR9EnRFZPWYa8GpK+St0s8bZVf98IOOk
H8HiliyVSt5lAXRMnIxhYMG89tkkuCAwxgDD+7WqyETYxY0UCg/joFV4IKcC7W1b
CmvxsY6/H35UpGgv0anCkjyP0mKY/YWB9KXwrR8NHC7/hacij0YNiV77EIMCAwEA
AaMNMAswCQYDVR0TBAIwADANBgkqhkiG9w0BAQQFAAOCAQEAZr4hdQPcGnAYmk++
0bQ4UKILXj9wr7UZdgz3DKJNpMPkFjzU6wvJrd1C8KIKfJC63TKHJ7svmdZwTCB2
hNUFy8kbe2KvNWQiGoX3PaY1eo3auLzIi8IxPqN+W/p1z3MhtpQqNllqzG8G1o50
QP2yAyj2V0rnwlRL3kZ7ibvXRnSB1Bz+6zJJLAQr4kTQD2EfxLhpks+iSE+m58PV
tfck25o2IMJYYLAdtoNGjcFG9/aDk+GHbsx8LP/va6B6BIzB3vrefuQvBu+7j/mz
aXP7QkuGYf1r4yyOiuMYnw0kwp5xndDKTzORsxksHQk5AWfBXrDdGPZrb6i1UlOq
U/P3+A==
-----END CERTIFICATE-----
Ooh…how useful!
Viewing a Certificate
% openssl x509 -in john-cert.pem -text –noout
Certificate:
Again, no encryption
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=Martin Cochran, ST=Colorado, C=US/emailAddress=Martin.Cochran
@colorado.edu, O=University of Colorado
Validity
Not Before: Oct 17 19:52:43 2005 GMT
Not After : Oct 17 19:52:43 2006 GMT
Subject: C=US, ST=Colorado, L=Boulder, O=University of Colorado, OU=Computer
Science, CN=John Black/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:ca:40:b9:ef:31:c2:84:73:ab:ef:e2:6d:07:17:
83:5e:96:46:24:25:38:ed:7a:60:54:58:e6:f4:7b:. . .
27:de:00:09:40:0c:5e:80:17
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
97:4a:20:ea:a7:5a:4d:4c:77:b9:3e:c0:49:9b:ab:8f:6f:02:
53:24:a9:71:97:2c:1f:e8:e4:eb:d0:f6:6a:7c:74:30:1d:9e: . . .
3a:59
Now it’s the CA’s signature
What have we Accomplished?
• We have an X.509 cert
– It contains our public key, name, email, and other stuff
– It is signed by the CA
• You have a private key in a password-protected
file
– Don’t lose this file or forget the password!
• What else do we need?
– We need to be able to verify the CA’s signature on a
public key!
– We therefore need the CA’s verification key
CA’s Verification Key is a Cert!
• The CA generates a self-signed “root
certificate”
– This is his verification key (aka public key)
which he signs
– This certificate is what is embedded in your
browser
– This certificate is used to validate public keys
sent from other sources
– Martin’s root certificate will be used to validate
all public keys for our class
Martin’s Root Cert
-----BEGIN CERTIFICATE----MIIDoTCCAomgAwIBAgIJALqpKIgpakS2MA0GCSqGSIb3DQEBBQUAMIGGMRcwFQYD
VQQDEw5NYXJ0aW4gQ29jaHJhbjERMA8GA1UECBMIQ29sb3JhZG8xCzAJBgNVBAYT
AlVTMSowKAYJKoZIhvcNAQkBFhtNYXJ0aW4uQ29jaHJhbkBjb2xvcmFkby5lZHUx
HzAdBgNVBAoTFlVuaXZlcnNpdHkgb2YgQ29sb3JhZG8wHhcNMDUxMDE3MTk1MjQz
WhcNMDYxMDE3MTk1MjQzWjCBhjEXMBUGA1UEAxMOTWFydGluIENvY2hyYW4xETAP
BgNVBAgTCENvbG9yYWRvMQswCQYDVQQGEwJVUzEqMCgGCSqGSIb3DQEJARYbTWFy
dGluLkNvY2hyYW5AY29sb3JhZG8uZWR1MR8wHQYDVQQKExZVbml2ZXJzaXR5IG9m
IENvbG9yYWRvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR40jv85
z6AckjvP9yuTDYS7tbCiai738aHpGVGXviUfdPR2TS3laRxXnh8Nd8i4LT8+X/BB
WJk9leBs82VfuEEO2m7ksriHu+Z1vADJ0q9L6cmxHQkPA32okxOPlx33F6uU+E7+
qfvO1Uimf/QAbWvXTHlnv/BtIvz2hRHiUguuNxIqVqFpejebL7qerzqIBei6oBTo
OMkj7sjxXM6/agU7p1xAxlnxuslPKw9ff8QR7N4AiFrGmQkaFpjdZGTdFyofmXRB
MBahb4Zn1/DvWA1tHFJGAv2EEEMd5eyURzbt+kd2XjtHdyHd62Rf8bZ6YzPinI3o
72+goFpWW97YEwIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA
A4IBAQAk15usr3Y9fWKdmFzRjyl7ICvXLb3bApBEA4RFIHv6iMAPtL58XgYo48ke
EhCxt4YJU2edOql2Ko+lGq9DnDM12aLfpGTxF6+QzgBC0cA3BewxvueWTWQF23V6
bnVeQqZmK3m+bv4rvj0x1HMKSVqfS83UDJxv8kFq1EQj2jaWOVuuIDLGNBr75xTk
/LbzDyY/BLmrBtsdG1VCAm6ONLRfSEumQ2B3fWpa8ElcvKNTR6WJOeHIhK0VUHRW
14bxvMNWSgQEPSqbeSUrHM7arZMbvE7/CFPxn/Sjvgz9Pkjm0fJh4AIKzTq/7K2Z
xZK7ZGq0UP6nMS75a7Hy/qOC1YQe
-----END CERTIFICATE-----
How to Distribute the Root Cert?
• It’s ridiculous for me to ask you to write
this down, right?
– If I email it to you, it might get altered by an
adversary
– If I put it on the web page, it might get altered
by an adversary
– Ok, this is probably not a REAL concern for
us, but we’re practicing being paranoid
– What can we do?
Distributing the Root Cert
• Fingerprint the root certificate!
– We’ll just distribute the fingerprint as a verification
check
– The cert itself will be distributed via some insecure
means
– The fingerprint will use a collision-resistant hash
function, so it cannot be altered
– But now we have to distribute the fingerprint
• This you can write down, or I can hand you a hardcopy on a
business card, etc
• People used to have a fingerprint of their PGP public key on
their business cards at conferences… haven’t seen this in a
while though
Root Cert Fingerprint
% openssl x509 -in cacert.pem -fingerprint -noout
MD5 Fingerprint =
94:F7:2F:8A:2C:1D:71:EC:7C:
6A:C6:60:27:5C:3B:CF
• Please write this down now
• And, yes, some is going to point out that perhaps my powerpoint
was infiltrated during the night, so I’ll check against my hardcopy
Overall Idea of the Project
• Each student has a cert containing a public key corresponding to his
private key
• Each student knows the verification key of the CA
• Student A wants to send secure mail message M to student B
– A obtains B’s cert and verifies it is correctly signed by the CA
– A chooses a random session key K and RSA encrypts using B’s public
key (from B’s cert)
– A writes out the encrypted K followed by M encrypted symmetrically,
then signs each of these with her private key and sends to B
• B receives all of this and…
–
–
–
–
Obtains A’s cert and verifies it is signed by CA
B verifies A’s signature on the message
B uses his private key to decrypt K (session key used by A)
B uses K to decrypt M
Sample Message from A to B
RSA Encrypted Session Key K
-----BEGIN CSCI 6268 MESSAGE----hjh2vkeSGpWehAwgMOEbKomsW3lTd8BBBrEfFchbAZpnbc+O7wcI8OT0g9WP9iPV
K92xbzAiVlAN7ZFOWlx/iX2XQIbUQBU6kl7NOyPTtSZ/5+9JHVDY1TFZG3cGtVj5
SeJ97+kvuWkZvNcKjAec1YbRYpXRGwRmqPtz+o5WYWqWmqPV6lQWjbN4Jc+w2Gcl
FKR7t0Zsi5RcnEwIn+cZtuTe3QWW4/inMGMBFgbXjA2E6VU7zn62BdBHh7S1/oBR
tt84Rr4/oXXJhrEASdZJEdGw8trh0FPd48ioHElT7TNGMx4YJKHBV1+EMjTcHwdN
DCr29AZ2QyDh/pHYqvJmVg==
AES-128-CBC encrypted message M
U2FsdGVkX1/QUjgfw4jEV34P/Efn8Ub7NDzV5QL+uWoeDblspQiz2BiPqQEa1acb
CD2+XgD36FmmcP9WxDOdQ63AlX2K4t4SdSyTT8uk9YpdUC0thqCXFkDGM6P0u7Xx
gBxP0s0mtcNFKbcpwmiEp5K8ayGHsYW5lM2veFclVL75xReQGA8fkjZ3OQQeR+nz
nQTg2Hniyaniwbb11YgBmyWQ4bsVK5UDG0iYab100cvPUlFZXrMmK4aumMNtC+0Z
+Syj4FaPzUphhebhuhsU29tahd8hL9DZQ5ZuzZiZi5hy0nG5z45FHktap/bwwOGC
Iu3mRM6ZqoTVVanTqf0cBaRA5c+XJbhuXLxjS44viFKSKENmZ7pEPZtdisvd/aq2
weZb1amCy2jnP0xQioI8Lc/zkno5XRW21bGH3kWeG8kMuOrBKVyms2FOEpsI0TH0
UIzck095R4jnPUI+e7S85z1Wx1ToyMI3Ub/Mee3MyIt60H2r2LC4sp9CO1Yn4tYN
pA4ULy3DhFy4z9x4bX+aU+bSymiqf5JvSjMXS/zQYERW+1fhOKnU3fI518mE9Gbx
tJBJJmjnPxWhWpSJjvG7qEAdy/PibcD8YPXn3NZ7j1mU8SgYog9vwJwz3fsKaCS6
AP4LTLN9ef5Hb/STtvA+ow==
-----END CSCI 6268 MESSAGE-----
RSA signature on first two chunks
The Big (Partial) Picture
Second-Level
Protocols
(Can do proofs)
First-Level
Protocols
(Can do proofs)
SSH, SSL/TLS, IPSec
Electronic Cash, Electronic Voting
Symmetric
Encryption
Block
Ciphers
Stream
Ciphers
MAC
Schemes
Hash
Functions
Asymmetric
Encryption
Hard
Problems
Digital
Signatures
Primitives
(No one knows how to prove security; make assumptions)
Network Security
• Haven’t we already been talking about
network security?!
– Kind of… cryptography is a central part of it
– Cryptography is nice because it’s a neatly
packaged science; but we’re done for now
– Network security itself is a vast area with
fuzzy borders
– Research tends to be more ad hoc
• How do we stop attack A, how do we prevent bug
B, how do we detect or tolerate intrusions, etc.
Crypto …. Good
• The easiest way to break into a computer
is usually not by breaking the crypto
– We’ve said this a number of times in this class
before; there are usually easier ways
• Let’s suppose we want to break into a
friend’s account on CSEL
– What kind of friend are you??
– Ok, give me methods… simple methods
Breaking into a “Friend’s” Account
• Digression
– Before we talk about this, let me introduce the
“John Disclaimer”
– I would like each of you to sign a statement
“promising not to be evil”
– I will hand this out at the end of lecture
• Please remind me
– It’s also on our web site…
• Distance students, please print this out and send it
in
Ok, Breaking into a “Friend’s” Acct
• Fake Login Screen
• Shoulder Surfing
• Password Cracker
– MD5 hashes publicly available on web
• Social engineering
– Hard to trick CSOps though
– Might be easy to impersonate CSOps!
• Key loggers
– Software and hardware versions
• Keystroke analysis
– Ok, getting obscure
Networking Refresher
• For some of you this will be boring… sorry
• The basic model:
Backbone
ISP
ISP
(not a single line these days)
LAN
LAN
user1
user2
Basic Networking
• Suppose user1 sends a UDP packet to user2,
what happens?
– What’s UDP?
• User Datagram Protocol
• Just like IP but with ports
– Well, first we need an IP address!
• What’s an IP address
• For IPv4, it’s a “dotted quad” of bytes
– Ex, 128.138.242.21
– 32 bits
• For IPv6, it’s 128 bits
– 16 bytes in hex separated by colons
Running out of IP addresses
• 232 is a lot, but we’re having problems
– A lot of hosts out there
– The class A, B, C scheme is wasteful
• Though subnetting helps
• A lot of NAT Boxing “helps”
• Since we’re getting by, it means a slower migration
to IPv6
Sending a UDP packet
• Assume IPv4
– Get IP address via DNS
• Domain Name Service
• Distributed database mapping textual names to IP
addresses
• Insecure
– DNS spoofing
– More on this later
– Ok, so we have an IP address
– And we presumably have a port #
Pack it Up!
Eth Header
IP Header
UDP Header
Src addr, Dest addr, Chksm
Src IP, Dest IP, Len, Chksm, TTL
Src Port, Dest Port, Len, Chksm
Message
Ethernet addresses
are called “MAC
addresses”
Ethernet checksum
is actually appended
to end of packet
Ethernet MTU is
1500 bytes
Routing on a Network
• Usually done via OSPF or LSP for LANs
– Open Shortest Path First, Link-State Protocol
– These protocols assume “modest sized”
networks
– A routing protocol decides how to forward
packets based on routing tables
• BGP is used on backbone
– Border Gateway Protocol
– Routes using incomplete information
Local Routing Table
• Our local routing table (on host of user1) is
not going to have a route to IP of user2
– Routing table will therefore send our packet to
the gateway
– Gateway is the machine/router on the “edge”
of the network responsible for processing all
incoming/outgoing traffic from/to the LAN
• NAT boxing, firewalling, and other stuff is usually
done here as well
Getting to the Gateway
• How to we route to the IP address of the
gateway on our local Ethernet?
– ARP (Address Resolution Protocol)
• Translates IP addresses into MAC addresses
• Caches old lookups, so we probably already have the MAC
address of the gateway
• If not, we send an ARP Request to the LAN, including the IP
address whose MAC we seek
• Owner (ie, the gateway) sends ARP Reply with his MAC
address and we cache it
– Usually, all other machines who hear the ARP Reply cache it as
well
– Leads to attacks… more later
Sending to the Gateway
• Now we have the MAC address of the gateway
– Send our packet to the gateway via the Ethernet
protocol
– This is usually done with a hardware device (network
card) which often puts the Eth header on your packet
for you, computes checksums, etc.
• Broadcasts packet, detects collisions
• Exponential backoff
• Promiscuous mode – Sniffers use this
– Works through hubs, but doesn’t work through switches on a
switched Ethernet
– You can often fool switches
Gateway Receives Eth Packet
• Strips Eth header and again tries to route
the resulting IP packet
– Looks in routing table, sends to ISP
– ISP probably routes using BGP
– Reaches other ISP
• Note that we’re using other Ethernets and similar
physical-layer protocols for each hop!
– Other ISP routes to other LAN’s gateway
• Gateway sees IP is in its range and does ARP to
route to user2
User2 Receives Packet
• User2 receives the IP packet
– Removes IP header
• No one else (is supposed to) look inside packet
until user2 receives it
• NAT boxes break this rule
• Firewalls break this rule
– See it’s a UDP packet and “sends” to proper
port
– Ports are mapped to applications via listento()
• Application receives message and processes it
Other Protocols
• We didn’t even talk about SLIP or PPP
• ATM, FDDI, Wireless
• What about DHCP?
– Dynamic IP addresses
• There is also ICMP
– Internet Control Message Protocol
– Echo (ping), traceroute
• Application Layer Protocols
– SNMP – Network Management
– SMTP – Sendmail
– POP/IMAP – Mail protocols
MTU – Maximum Transmission
Unit
• MTU for Ethernet is 1500 bytes
– If MTU is exceeded, packet is “fragmented”
– IP has support for packet fragmentation and
reassembly
– A packet is broken into as many pieces as
necessary to comply with MTU
– Fragments routed as regular IP datagrams,
independent of each other
– Reassembly done at host only
IP – Best Effort Datagrams
• IP is “best effort”
– There is no tracking of packets
– If something is dropped… oh well
– If one fragment is dropped, many transport
layer protocols (like TCP) will consider the
whole thing lost and not ACK
– This seems bad, but it’s one of the biggest
successes of IP
– UDP is IP with ports, so it too is “best effort”
TCP – Transmission Control
Protocol
• Stateful connections
– Runs over IP just like UDP, but adds more than just
ports
– Establish a connection with listen() and connect()
• IP and UDP were “stateless” protocols
– Reliable delivery
• Unlike best-effort, this protocol guarantees delivery of
packets, in proper order
• Uses sequence numbers, sliding windows, ACKs every
transmission
Crypto on a Network
• How do we do crypto on a network?
– We’ve seen application-layer examples
• SSL/TLS, SSH
• This is called “end-to-end” cryptography, meaning between
hosts
• The routers don’t care if the innermost part of each packet
(the “payload”) is ciphertext or plaintext
– IPSec
• IPSec does crypto at the network layer (the IP layer)
• Extremely well-engineered; hardly used
• We won’t study IPSec in this course
Network Security:
The Biggest Challenges
• What are the biggest problems now, today, on
the Internet
– What are the most common types of attacks?
• Viruses, worms
• Break-ins via software vulnerabilities
• Denial of Service attacks (DoS)
– And Distributes Denial of Service (DDoS)
– What about keyloggers, spyware, rootkits?
• Not as relevant to network security
• More likely to be end-results of other break-ins
– A recent virus was found to install a keylogger
Viruses (Worms)
• Today, most everyone just calls them
viruses
– Technically most are “worms”
– Worm is a self-contained propagating
program
– Viruses embed in other programs and selfreplicate
• Kind of like viruses in biology
Viruses: History
• Morris Worm, Nov 2nd, 1988
– The first worm (I know of) was the Morris worm
– Robert T. Morris, Jr.
• 23 years old
• Cornell grad student
• Father worked at the NSA (whoops!)
– Wrote a self-propagating program as a “test concept”
• Exploited Unix vulnerabilities in sendmail and fingerd
• Released at MIT
• Bug in the worm caused it to go wild
– Probably wouldn’t have caused much damage otherwise!
Morris Worm (cont)
• Shut down thousands of Unix hosts
– But this was 1988…
• Reactions
– People didn’t know what to do, so they
panicked
• Disconnected from net
• Unable to receive patches!
– Morris fined $10k, 3 yrs probation, 400 hrs
community service
– CERT was created
CERT -- They were first
• Carnegie mellon Ermergency Response Team
– But don’t expand it into an acronym
• Provide technical advice and coordinate
responses to security compromises
• Identify trends in intruder activity
• Work with other security experts to identify
solutions to security problems
• Disseminate information to the broad community
• Analyze product vulnerabilities
• Publishes technical documents
• Presents training courses
Modern Viruses
• Almost all look for Windows hosts
– Windows runs on more than 90% of desktops
these days
– A lot of hosts on cable modems
• Fast, always on
– Destructive payloads
• Wipe hard disk, eg
• Some install backdoors for later use
– All kinds of weird behaviors though
• Some innocuous
Viruses: Why?
• Who writes these things?
– Typical profile: male, teenager, geeky, smart
– Script Kiddies
• Don’t really write them, but launch them
• Sometimes make small mods and call them their own
• Scariest hackers: beyond the reach of the law
• Why?
–
–
–
–
Intellectual challenge (sigh…)
Peer recognition
Bot building (Zombie armies)
Because it’s there?