Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Linux OS : Security Aspects
Document related concepts
Transcript
Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Introduction to Network/Linux Security Christian Benvenuti International Center for Theoretical Physics (ICTP), Trieste, Italy [email protected] Overview • What is computer security? • Kind of security services one might desire • What kind of attacks should we try to protect a computer against? • What are the available protection strategies available? • What can we expect for the future? [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU What is computer security? • A computer is secure if you can depend on it and its software to behave as you expect. • If you do not know what you are protecting, why you are protecting it, and what you are protecting it from, your task will be rather difficult! [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Kind of security one might desire • • • • • • [email protected] Authentication Confidentiality (Privacy) Integrity Availability Non-Repudation Auditing Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Authentication • Authentication is the process of reliably verifying the identity of someone (or something) by means of: • • • • A secret (password [one-time], ...) An object (smart card, ...) Physical characteristics (fingerprint, retina, ...) Trust • Do not mistake authentication for authorization! [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Integrity Vs Confidentiality • Integrity • Protecting information from being deleted or altered in any way without the permission of the owner of that information. • Confidentiality • Protecting information from being read or copied by anyone who has not been explicitly authorized by the owner of that information. [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Availability If the system is unavailable when an authorized user needs it, the result can be as bad as having the information that resides on the system deleted! [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Non repudation The ability of the receiver of something to prove to a third party that the sender really did send the message. [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Auditing The ability to record events that might have some security relevance. In such cases, you need to determine what was affected. In some cases, the audit trail may be extensive enough to allow “undo” operations to help restore the system to a correct state. [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU What kind of attacks should we try to protect a computer against ? • Physical Security • Lockers, BIOS, weather, ... • Personnel security • Operating System security • Network security [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Personnel security • All the security violations have one common characteristic: • They are caused by people! • Training, Auditing, Least Privilege, ... [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Operating System Security (1/3) • To fix bugs into applications/O.S. takes longer than writing the applications/O.S. themselves. • What does it mean !?!?!? [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Operating System Security (2/3) • Users, Groups and Passwords • Shadow suite • The root account needs special care • Securetty, wheel, “su” restrictions • Variable delay on failures (denial, ...) • Restricted shells • Linux (UNIX) filesystem • • • • • Restricted filesystem Access control lists (ACLs) Append only / Immutable files Permissions SUID/GUID files (scripts) [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Operating System Security (3/3) Auditing & Logging [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Some of the most common network services • • • • • • • • • [email protected] DNS Apache NFS NIS/NIS+ Samba Telnet FTP Mail ... ... ... Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Network Security: common attacks • Interception • Modification • Intrusion • Modification, Fabrication • Denial of service • Interruption • Information theft [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Security tools • Cryptography • • • • Symmetric Vs Asymmetric (Certificates ...) Kerberous Vs Secure RPC SSL (Secure Socket Layer) / SSH (Secure shell) IP Sec • Firewalls & Proxyes • Ipchains/Iptable ... • TCP Wrappers + UDP Relayers • Pluggable Authentication Module • It is a suite of shared libraries that enable the local system administrator to choose how applications authenticate users • Kernel Level Security • Log files (/var/log/*) [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Cryptography: the solution for privacy The security is based on the secrecy of the key and sometimes of the alghoritms too. [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Cryptography Symmetric Vs Asymmetric • Symmetric (Character based Vs Key based) • The same password is used to both encrypt and decrypt • Faster algorithms • PROBLEM: key management is not easy • Asymmetric (also called pubblic key algorithms) • The password used to encrypt is different from the one needed to decrypt • More secure • It allows to have non-repudiation [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Data Encryption Standard (DES) • • • • • It is a symmetric algorithm Designed by IBM for the U.S. Government in 1977 It is based ona 56 bit key (why only 56?) Hardware Vs Software implementation How secure is DES? • How much would a Des-Breaking engine would cost? • Is it possible to make DES harder to break in? • How does it work? [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU RSA (Rivest, Shamin, Adleman) • It is an asymmetric algorithm • Variable Key Lenght (512 default) • It is based on the fact that it is VERY hard (impossible?) to factor a big number in a reasonable amount of time • It has NOT been demonstrated to be safe, but ... [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Secure Shell (ssh) • It is a secure protocol for secure remote login over an insecure network • It can provide: • Multiple strong authentication methods • Authentication of both ends of connection • Pubblic key – Password – Host • Encryption and compression of data • Tunnelling and encryption of arbitrary connections • Negotiations [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Secure Socket Layer (SSL) • It is a protocol developed by Netscape for secure transactions across the Web • It is based on a public encryption algorithm • There are free SSL implementations • Many servers have not SSL built in, and there is a reason for that! [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Security of cryptographic algorithms • Let us define the lifetime of an information as the amount of time the information should be kept secret. • An encryptioncan cab be considered secure if the time to break it (for ex. with a brute force attack) is reasonably longer than the lifetime of the information contained in the plain text. Length of the key on bits (estimated in 1995, Applied Cryptography) Cost 40 56 64 80 112 128 $ 100K 2.00 s. 35 h. 1 y. 70,000 y. 1014 y. 1019 y. $ 1M 0.20 s. 3.5 h 37 d. 7,000 y. 1013 y. 1018 y. $ 10M 0.02 s. 21 min. 4 d. 700 y. 1012 y. 1017 y. [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Wrappers • Main idea: • Limit the amount of information reaching a network-capable progam/application. • Why should we use wrappers? • Two common wrappers: • TCP Wrapper • Socks [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU What can you do with the TCP-Wrapper? • • • • • • • • Remote warning banner Double reverse lookup of the IP address Access Control List (/etc/hosts.allow + /etc/hosts.deny) Identd protocol Advanced use of the Syslog logger Run a command Additional wrappers PROCESS OPTION [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU TCP-Wrapper: downside • Poor UDP handling • IP Spoofing • The destination IP address is not used [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Socks • It is a system that allows computers behind a firewall to access services on the Internet (Only TCP based services) [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Firewall (1/3) The goal is to reduce the risk of a security attack from the outside. [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Firewall: Bastion Host [email protected] (2/3) Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU Firewall: Packet filtering [email protected] (3/3) Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU References The pictures have been taken from this book: • Practical Unix & Internet Security, 2nd edition, O’Reilly & Associates (1996) [email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU
