SNMPv3
Wes Hardaker
Network Associates Laboratories
6 August 2002
[email protected]
Overview
• About SNMP in General
• SNMPv3 Architecture Breakdown
• User Based Security
• View Based Access Control
• Future of SNMP
• Summary & Questions
Page 1, Aug 6, 2002
CERT Conference 2002: SNMPv3
Author’s Background
• Past:
– Lead developer of the Net-SNMP open source project
– Developer of the OpenSNMP toolkit
• Present:
– Project lead in a scalable IPSec policy management system
built on top of SNMPv3.
• Future:
– Participating in various IETF working groups responsible for
continuing development of SNMP technologies.
• Apologetic:
– Not all the slides in this presentation are in your handout.
– http://www.net-snmp.org/presentations/snmpv3/
About SNMP
“Simple Network Management Protocol”
-- RFC 1157
“SNMP: Can I buy a vowel?”
--Harrie Hazewinkel
SNMP Overview: What is SNMP?
• Treats the network as a distributed database
[Diagram: Management Station, Computer, Router]
SNMP Database example: netsh
netsh> select ifIndex, ipAdEntIfIndex, ifDescr,
ipAdEntAddr, ifOperStatus
from ifTable, ipAddrTable
where ifIndex = ipAdEntIfIndex
+-------+--------------+-------+-----------+------------+
|ifIndex|ipAdEntIfIndex|ifDescr|ipAdEntAddr|ifOperStatus|
+-------+--------------+-------+-----------+------------+
|      1|             1|     lo|  127.0.0.1|          up|
|      2|             2|   sit0|    0.0.0.0|        down|
|      3|             3| vmnet1|172.16.80.1|          up|
+-------+--------------+-------+-----------+------------+
SNMP Overview
• Network monitoring and Information Collection
GET: What is in your routing table?
SNMP Overview
• Network Configuration
SET: Add a route to your routing table
SNMP Overview
• Alarms and Event conditions
TRAP or INFORM: HELP!!!!
Terminology
• SNMP: the protocol itself
• MIB: the specification defining a particular
piece of data to be transferred over SNMP
• SMI: the language a MIB is written in
– It is not ASN.1, contrary to what many people think.
• OID / “Object Identifier”: A hierarchical naming
scheme using number assignment.
– .1.3.6.1.2.1.1.4.0 = You (the system contact for a device)
– .iso.org.dod.internet.mgmt.mib-2.system.sysContact.0
SNMP Standards Timeline
• SNMPv1 created in 1988
– Officially a “Full Standard”
• SNMPv2c added a few things in 1996
– SNMPv2c MSG Format classified as experimental
– PDUs, etc., classified as a “FULL Standard”
• SNMPv3 added security in 1999
– Currently a “Draft” standard
– Approved as a “Full Standard”, but not published yet
• SNMPv2p, SNMPv2u, SNMPv2*:
– secure protocol versions that didn’t make the cut.
SNMPv1 and SNMPv2c message format
SNMPv1/SNMPv2c Message {
    version            (snmpv1 = 0, snmpv2c = 1)
    community          STRING
    PDU (operation) {
        request-id         INTEGER
        error-status       INTEGER
        error-index        INTEGER
        variable-bindings {
            OID, VALUE
            …
        }
    }
}
SNMPv1 and SNMPv2c problems
• Community strings for authentication
== Clear Text Passwords
• Community strings also used for “context”
– Accessing data in a certain “context” is difficult
• No Standardized Method for Access Control
– No consistent method to configure communities across a
network of many devices.
– Most devices were manually configured, or worse, left
with their default settings intact.
· Keys to the kingdom: “public”, “private”
SNMPv1 example:
% snmpget -d -v 1 -c public localhost sysUpTime.0
Sending 43 bytes to 127.0.0.1
0000: 30 29 02 01  00 04 06 70  75 62 6C 69  63 A0 1C 02    0).....public ..
0016: 04 2C 78 27  BC 02 01 00  02 01 00 30  0E 30 0C 06    .,x'¼......0.0..
0032: 08 2B 06 01  02 01 01 03  00 05 00                    .+.........

Received 45 bytes from 127.0.0.1
0000: 30 2B 02 01  00 04 06 70  75 62 6C 69  63 A2 1E 02    0+.....public¢..
0016: 04 2C 78 27  BC 02 01 00  02 01 00 30  10 30 0E 06    .,x'¼......0.0..
0032: 08 2B 06 01  02 01 01 03  00 43 02 11  0F             .+.......C...
sysUpTimeInstance = Timeticks: (4367) 0:00:43.67
Goals behind SNMPv3
• Security
• Security
• Security
• Provide modularity in the architecture
– Replacing elements with new ones in the future should be easier.
– Modularity = many IETF RFCs
• Separate “context” of the request from the
authentication
Aside: CERT Advisory CA-2002-03
• SNMP uses BER encoded packets.
• BER has a bunch of flexible rules which
allow strangely encoded, but legal, packets.
• The failing was in the parsing of the BER
encoding, NOT in the SNMP protocol.
– SNMPv1 was the only packet format tested.
– It’s likely most vendors fixed SNMPv3 parsing too.
– The university that produced the results has been
testing various BER-based protocols.
· Started with LDAP.
· Next? Only they know. Kerberos?
SNMPv3 Architecture
“The architecture is designed to be modular to allow the
evolution of the Framework over time.”
-- RFC 2570 & RFC 2571
SNMPv3: Standards Breakdown
• RFC2570: SNMPv3 Overview
• RFC2571: Architecture
• RFC2572: Message Processing
• RFC2573: Applications
• RFC2574: User-based Security Model
• RFC2575: View-based Access Control Model
• RFC2576: v1/v2c/v3 Coexistence / Transition
• RFC2578-80: SMIv2 -- Language of the MIBs
• RFC1157: SNMPv1
• RFC1901,5: SNMPv2
• ...
SNMPv3: Framework Architecture
[Diagram: the SNMPv3 framework architecture. Top: Application or Agent (CG, CR, NG, NR) and Access Control (VACM, ...). Middle: the Dispatcher, with Message Processing (SNMPv3 MP, SNMPv1, ...) and Security (User-based (USM), Kerberos, ...) subsystems. Bottom: the Network, via the transports (UDP, TCP, ...).]
SNMPv3: Applications (RFC 2573)
• Application “types” have been formally defined:
– CG: Command Generator (was: Manager)
– CR: Command Responder (was: Agent)
– NG: Notification Generator
– NR: Notification Responder
– PF: Proxy Forwarder (not shown in diagram)
• An application can be of multiple types
– An agent is typically a CR and a NG
– A mid level manager is likely a CG, CR, NG, and NR
· (and maybe a PF)
SNMPv3 Protocol Packet Breakdown
SNMPv3Message {
    Version                         INTEGER (snmpv3 = 3)     <- Dispatcher
    HeaderData {                                             <- MSG Processor
        msgID                       INTEGER
        MaxSize                     INTEGER
        Flags                       STRING
        SecurityModel               INTEGER (USM = 3)
    }
    UsmSecurityParameters STRING {                           <- Security Model
        AuthoritativeEngineID       STRING
        AuthoritativeEngineBoots    INTEGER
        AuthoritativeEngineTime     INTEGER
        UserName                    STRING
        AuthenticationParameters    STRING
        PrivacyParameters           STRING
    }
    ScopedPduData {                                          <- Application
        contextEngineID             STRING
        contextName                 STRING
        PDU                         SNMPv2 PDUs
    }
}
(The labels on the right name the architecture component that handles each part of the message.)
SNMP Overview
• Network monitoring and Information Collection
GET: What is in your routing table?
RESPONSE: It’s …
SNMPv3 Example: Generating a Request
[Diagram: the framework architecture figure from the “SNMPv3: Framework Architecture” slide, repeated for this example.]
SNMPv3 Example: Receiving a Request
[Diagram: the framework architecture figure from the “SNMPv3: Framework Architecture” slide, repeated for this example.]
SNMPv3 Example: Generating a Response
[Diagram: the framework architecture figure from the “SNMPv3: Framework Architecture” slide, repeated for this example.]
SNMPv3 Example: Receiving a Response
[Diagram: the framework architecture figure from the “SNMPv3: Framework Architecture” slide, repeated for this example.]
Architecture Components
“The major portions of the architecture are an SNMP engine
containing a Message Processing Subsystem, a Security
Subsystem and an Access Control Subsystem, and possibly
multiple SNMP applications which provide specific functional
processing of management data.”
-- RFC 2571
The Dispatcher
[Diagram: the framework architecture figure from the “SNMPv3: Framework Architecture” slide, repeated for the Dispatcher.]
The Dispatcher (RFC 2572)
• The simplest component of the architecture
• Directs packets to and from the other elements:
– Application or agent
· CG, CR, NG, NR
– The Network (through the appropriate transport layer)
– The correct message processor
• Makes its decision based on:
– What component sent it
– What protocol version is being sent
– What type of PDU is being sent
• Knowledge of it is not required by the typical user
The Message Processor
[Diagram: the framework architecture figure from the “SNMPv3: Framework Architecture” slide, repeated for the Message Processor.]
The SNMPv3 Message Processor (RFC 2572)
• Encodes and decodes the majority of the packet
• Handles errors and exceptions
– Message too big to fit in a packet
– Parse errors are detected
– ...
• Passes to appropriate security model for
authentication and encryption support.
– (Currently, the only defined security model is the USM)
• Knowledge of it is not required by the typical user
Security Model
[Diagram: the framework architecture figure from the “SNMPv3: Framework Architecture” slide, repeated for the Security Model.]
Security Model
• Authenticates packets to ensure/verify origin
– Current authentication methods
• Provides message encryption/decryption support
– The ScopedPDU can be protected by encryption
• Makes its decisions based on packet data:
– EngineID, Engine Boots, Engine Time
– User Name
– Authentication field
– Privacy field
• Currently only one standard security model exists
– The “User Based Security Model”, or USM
User Based Security: USM (RFC 2574)
• The User Based Security model provides:
– Authentication via MD5 or SHA1 hash
· The hash verifies the authenticity of the entire v3 message.
· Modified or forged packets will be rejected
– Encryption via DES encryption
· The ScopedPDU is encrypted (basically, the payload)
– 3 levels of security: noAuthNoPriv, authNoPriv, authPriv
• It does not provide protection against:
– Denial of Service
– Traffic Analysis
USM: About EngineIDs, etc...
• EngineIDs are:
– A unique “string” of data
– Generally defined from one of:
· IPv4 address
· IPv6 address
· MAC address
· Administratively defined strings
· Implementation dependent
• EngineBoots: number of reboots
• EngineTime: Time since last initialized
• This information is automatically discovered (probed) by the protocol.
USM: A User is...
• A USM User is defined by:
– The EngineID of the authoritative engine
– The SecurityName of the user (i.e., user name)
– The authentication type (MD5 or SHA1) and key
– The privacy type (DES) and key
• A user is modifiable via SNMP SET operations:
– Authentication and privacy keys can be changed.
– Encryption types and authentication types cannot be
changed without deleting and recreating the user
USM: The Authoritative Engine
• Only one side of a transaction is “authoritative”
– Authoritative side == where the master user key exists
– Typically this means: the SNMP agents are authoritative
– The authoritative side is defined by whether the packet being
sent is expecting a response or not.
· An odd effect of this is:
· The engine receiving SNMPv3 INFORMs, which expect
an “I got it” response, is authoritative.
· The engine sending SNMPv3 TRAPs, which don’t
require a response, is authoritative.
· Ick.
USM: Keys
• USM keys used to authenticate and encrypt
messages are generated as follows:
– A password is hashed using the authentication algorithm
(maybe)
– The resulting hash is then re-hashed after mixing it with
the authoritative engineID.
• This means:
– All user keys are different on each host
– Pro: A cracked system’s keys can’t be used to gain
access to other systems.
– Con: Distributing keys to many systems is difficult
USM: Keys
[Diagram: a management application’s password yields Ku (Master Key), which is localized into a different key for each agent: Kul1 (Local Key 1), Kul2 (Local Key 2), Kul3 (Local Key 3).]
USM: The math behind the keys
PassLong = repeat(password) till 1Mb long
Ku = hash(PassLong)
Kul = hash(Ku | authEngineID | Ku)
• Notes:
– Passwords must be at least 8 characters long
– Ku need not be generated from a password, but can be
generated randomly instead.
· Protects against brute-forcing low entropy passwords
– Hash is currently one of: MD5, SHA1
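As an added example (not the slides’ own code), this Python carries the three formulas above through for both hash choices, and adds the random-Ku alternative the notes mention. The “maplesyrup” password and the engineID ending in ...02 are the test values from the RFC 2574 appendix; the second engineID is constructed for this example.

```python
import hashlib
import os

ONE_MB = 1048576  # the slide's "1Mb": RFC 2574 repeats the password to 1,048,576 octets

def password_to_ku(password: bytes, hash_name: str = "md5") -> bytes:
    """Ku = hash(PassLong), PassLong being the password repeated until 1 MB long."""
    if len(password) < 8:
        raise ValueError("USM passwords must be at least 8 characters long")
    reps, rem = divmod(ONE_MB, len(password))
    return hashlib.new(hash_name, password * reps + password[:rem]).digest()

def random_ku(hash_name: str = "md5") -> bytes:
    """The alternative from the notes: a random Ku that no password guessing can recover."""
    return os.urandom(hashlib.new(hash_name).digest_size)

def localize(ku: bytes, auth_engine_id: bytes, hash_name: str = "md5") -> bytes:
    """Kul = hash(Ku | authEngineID | Ku): the per-agent key that agent actually holds."""
    return hashlib.new(hash_name, ku + auth_engine_id + ku).digest()

def keys_for_agents(ku: bytes, engine_ids, hash_name: str = "md5") -> dict:
    """One localized key per authoritative engine. A Kul lifted from a cracked
    agent is useless elsewhere because every other agent has a different engineID."""
    return {eid: localize(ku, eid, hash_name) for eid in engine_ids}

if __name__ == "__main__":
    ku = password_to_ku(b"maplesyrup")                       # RFC 2574 appendix password
    agents = [bytes.fromhex("000000000000000000000002"),     # RFC 2574 appendix engineID
              bytes.fromhex("0102030405060708090a0b0c")]     # constructed engineID
    for eid, kul in keys_for_agents(ku, agents).items():
        print(eid.hex(), "->", kul.hex())
```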
Access Control
[Diagram: the framework architecture figure from the “SNMPv3: Framework Architecture” slide, repeated for Access Control.]
Access Control
• Decides if a particular “object instance” may be
accessed or not.
• Consulted by the CR and NG application types
• Currently, only one access control model exists:
– The View-Based Access Control Module (VACM)
View Based Access Control (RFC 2575)
• Bases access control decisions on:
– Operation type (read, write, notify)
– Security model
– User performing the action
· Users are placed into a “group” and the groups are
assigned the rights, not the user.
– Security level of the transaction (authenticated? encrypted?)
– Object OID being accessed (and the context information)
– OID ranges are “included” or “excluded” from view
• I wish:
– Value of the object being accessed
– Users could be assigned to multiple groups (unix-like)
VACM: Access based on OID tree
[Diagram: an OID tree with three view rules applied: Include .1.2; Exclude .1.2.2; Include .1.2.2.3. Objects “excluded” are simply “not visible”. Simple wild-carding not shown, but possible.]
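As an added example (not the slides’ own code), this Python implements the include/exclude decision for the OID tree on this slide, plus the simple wild-carding the slide mentions, done with a subtree mask as in RFC 2575’s vacmViewTreeFamilyMask. The three SLIDE_VIEW rules are taken from the slide; WILDCARD_VIEW is constructed for the example.

```python
# Added example: VACM view membership for the slide's OID tree.
# A view is a list of (subtree, mask, included). Mask bit i = 1 means arc i
# must match, 0 means wildcard; bits past the end of the mask count as 1.

def oid_arcs(oid):
    """'.1.2.2.3' -> [1, 2, 2, 3]"""
    return [int(a) for a in oid.strip(".").split(".")]

def subtree_matches(subtree, mask, oid):
    """True if oid lies under subtree, honouring wildcard arcs in mask."""
    if len(oid) < len(subtree):
        return False
    for i, arc in enumerate(subtree):
        mask_bit = (mask[i // 8] >> (7 - i % 8)) & 1 if i < 8 * len(mask) else 1
        if mask_bit and oid[i] != arc:
            return False
    return True

def is_visible(view, oid):
    """RFC 2575 selection: of all matching entries take the one with the most
    sub-identifiers (lexicographically greatest subtree on ties); its
    included/excluded flag decides. No matching entry means not visible."""
    arcs, best = oid_arcs(oid), None
    for subtree, mask, included in view:
        if subtree_matches(subtree, mask, arcs):
            rank = (len(subtree), subtree)
            if best is None or rank > best[0]:
                best = (rank, included)
    return best is not None and best[1]

# The three rules drawn on the slide (no wild-carding).
SLIDE_VIEW = [
    (oid_arcs(".1.2"), b"", True),
    (oid_arcs(".1.2.2"), b"", False),
    (oid_arcs(".1.2.2.3"), b"", True),
]

# Constructed wildcard rule: third arc is a don't-care (mask bits 1101 -> 0xD0),
# so ".1.2.<anything>.3" and everything below it is included.
WILDCARD_VIEW = [(oid_arcs(".1.2.0.3"), b"\xd0", True)]
```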
The Future of SNMP
• Other security work:
– AES encryption for the USM
– USM alternatives: Kerberos, …
• New protocol PDU operations (EoS WG):
– Better bulk retrieval
– Better write transaction handling
– Better data compression
– Easier row operations (creation, deletion, …)
• A new SMI (SMIng WG):
– Hierarchical Data Definition Language
– Easier to write
– Easier to read
Summary
• SNMPv1, v2c: bad, no security
• SNMPv3: better, has security
• Start switching to SNMPv3 now.
– Almost FULL standard
– Most vendors support it
• SNMPv3 is modular in design
Conclusion
Questions?
Wes Hardaker <[email protected]>