Security
Computer Networks
Spring 2000
John Kristoff

What to Protect
- Confidentiality
  - snooping
  - encryption
- Integrity
  - deletion, changes
  - backups
- Authentication
  - are who you say you are
- Nonrepudiation
  - no denying it
- Access Control
  - don't touch that!
- Availability
  - denial of service attacks

Most Importantly
- Protect your reputation

Good Books
- Network Security: PRIVATE Communication in a PUBLIC World. Kaufman, Perlman and Speciner.
- Cryptography and Network Security: Principles and Practice. Stallings.

Where to Put the Protection?

Host Based Security
- Recall End-to-End Argument
- Security is ultimately a host problem
- Key idea: protect the DATA
- End hosts are in control of data
- Users are in control of end hosts
- Users can and often will do dumb things
- Result: very difficult to protect all hosts

Network Based Security
- Should augment host based security
- Useful for
  - Protecting groups of users from others
  - Prohibiting certain types of network usage
  - Controlling traffic flow
- Difficult to inspect traffic
  - encryption can hide bad things
  - tunneling can mislead you

Perimeter Security
- Boundary between a trusted internal network and a hostile external network

Internal Security
- Most often ignored
- Most likely the problem
  - Disgruntled employee
  - Curious, but dangerous employee
  - Clueless and dangerous employee

Security by Obscurity
- Is no security at all.
- However
  - It's often best not to advertise unnecessarily
  - It's often the only layer used (e.g. passwords)
- Probably need more security

Layered Defenses
- The belt and suspenders approach
- Multiple layers make it harder to get through
- Multiple layers take longer to get through
- Basic statistics and probability apply
  - If Defense A stops 90% of all attacks and Defense B stops 90% of all attacks, you might be able to stop up to 99% of all attacks
- Trade-off in time, money and convenience

Physical Security
- Trash bins
- Social engineering
- It's much easier to trust a face than a packet
- Protect from the whoops
  - power
  - spills
  - the clumsy
  - software really can kill hardware

Packet Filtering Firewalls
- Apply rules to incoming/outgoing packets
- Based on
  - Addresses
  - Protocols
  - Ports
  - Application
  - Other pattern match

Packet Filtering Firewall Illustrated
[figure]

Example Firewall: ipchains

    -A input -s 192.168.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
    -A input -s 172.16.0.0/255.240.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
    -A input -s 10.0.0.0/255.0.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
    -A input -s 224.0.0.0/224.0.0.0 -d 0.0.0.0/0.0.0.0 -j DENY
    -A input -s 0.0.0.0/0.0.0.0 -d a.b.c.d/255.255.255.255 22:22 -p 6 -j ACCEPT
    -A input -s 0.0.0.0/0.0.0.0 -d a.b.c.d/255.255.255.255 1024:65535 -p 6 ! -y -j ACCEPT

Example Firewall: Cisco Router Filters

    ! Drop packets arriving with private, reserved, loopback, multicast
    ! or internal (1.2.0.0) source addresses
    access-list 100 deny   ip 192.168.0.0 0.0.255.255 any
    access-list 100 deny   ip 172.16.0.0 0.15.255.255 any
    access-list 100 deny   ip 10.0.0.0 0.255.255.255 any
    access-list 100 deny   ip 0.0.0.0 0.255.255.255 any
    access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
    access-list 100 deny   ip 224.0.0.0 31.255.255.255 any
    access-list 100 deny   ip 1.2.0.0 0.0.255.255 any
    ! Per-host service rules, evaluated top down
    access-list 100 permit tcp any host 1.2.3.4 eq domain
    access-list 100 permit udp any host 1.2.3.4 eq domain
    access-list 100 deny   tcp any host 1.2.3.5 eq telnet log
    access-list 100 deny   tcp any host 1.2.3.6 eq syn log
    access-list 100 deny   ip any host 1.2.3.4
    access-list 100 permit ip any 1.2.0.0 0.0.255.255
    access-list 100 deny   ip any any

Encryption
- Make a readable message unreadable
- Math intensive
- Plain text versus cipher text
- Algorithms and keys
  - public
  - private
  - key size

Encryption?

    #include<stdlib.h>
    #include<stdio.h>
    main(I,O,O0,OO,l) int I,O0,OO,l; char **O; {
    return !!I>=I?!I>=I?!!~I>=~I?!~I>=~I?!OO?!I:OO%2?
    OO=main(I,O,O0,OO>>!!OO,l),
    OO=main(I-!I-!!I,O,OO,OO,l),
    OO=main(I-!I-!!I,O,O0,OO,l),
    !(OO-!I||I)?l-1:OO
    :(OO=main(I,O,O0,OO>>!!OO,l),
    !(OO-l+!I||I)?l-1:main(I-!I-!!I,O,OO,OO,l))
    :(O0+OO)%l
    :main(I-I/I-I/I,O,O0,OO+OO/OO,
    main(0,O,O0,OO,I-I-I)+I+1?1:printf("%d ",I-I-I)+fflush(stdout))
    :main(I-I-I-I-I,O,I+I-I+I,I,0)
    :main(~!!I-!!I,O,atoi(1[O]),1,atoi(0[O]));
    }

Shared Secret Key
- Each party knows a secret
- The secret is used to decrypt the cipher text
  - Book: Ulysses
  - Page: 7
  - Line: 23
  - Word: 4
- Must know the book and keep it a secret

Shared Secret Key Illustrated
[figure]

Public Key Cryptography
- Public Key
  - Everyone can use it to encrypt messages to you
- Private Key
  - Only you know this key and only it decrypts messages encrypted with your public key
- Keyring

Public Key Illustrated
[figure]

Denial of Service (DoS)
- Prevents or impairs standard service
- SYN flooding
- SMURF attacks
- Distributed Denial of Service (DDoS)
- Most effective when source address can be spoofed
- Difficult problem to solve

Example Denial of Service Illustrated
[figure]

Example Distributed Denial of Service Illustrated
[figure]

Buffer Overflows and Weak Validation of Input
- Key idea: overwriting something on the stack
- Popular exploits with CGI scripts
- Regular users can gain root access
- If exploit on TCP/UDP service, remote root can be accomplished

Session Hijacking
- If you can predict sequence numbers and spoof the source address, you might be able to pretend to be one end of the session.
- It helps if you can keep one end of the session busy while you're hijacking.
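
The spoofed source addresses mentioned on the Denial of Service and Session Hijacking slides are what the first entries of access-list 100 on the Cisco filter slide reject. The Python sketch below is an added example, not part of the original slides: it parses those entries (assuming 172.16.0.0 0.15.255.255 for the RFC 1918 block and leaving out the "eq syn" entry) and applies first-match evaluation with wildcard masks; the function names and sample packets are made up for illustration.

```python
import ipaddress
# ACL 100 as on the slide, with 172.16.0.0 as the RFC 1918 /12 base. The
# slide's "eq syn" entry is omitted: "syn" is not a port name mapped here.
ACL_100 = """\
deny ip 192.168.0.0 0.0.255.255 any
deny ip 172.16.0.0 0.15.255.255 any
deny ip 10.0.0.0 0.255.255.255 any
deny ip 0.0.0.0 0.255.255.255 any
deny ip 127.0.0.0 0.255.255.255 any
deny ip 224.0.0.0 31.255.255.255 any
deny ip 1.2.0.0 0.0.255.255 any
permit tcp any host 1.2.3.4 eq domain
permit udp any host 1.2.3.4 eq domain
deny tcp any host 1.2.3.5 eq telnet log
deny ip any host 1.2.3.4
permit ip any 1.2.0.0 0.0.255.255
deny ip any any"""
PORTS = {"domain": 53, "telnet": 23}  # only the names this ACL uses

def to_int(a):
    return int(ipaddress.IPv4Address(a))

def addr_spec(tok):  # 'any' | 'host A' | 'A WILDCARD' -> (base, wildcard)
    t = tok.pop(0)
    if t == "any":
        return 0, 0xFFFFFFFF
    if t == "host":
        return to_int(tok.pop(0)), 0
    return to_int(t), to_int(tok.pop(0))

def parse(text):
    rules = []
    for line in text.splitlines():
        tok = line.split()
        action, proto = tok.pop(0), tok.pop(0)
        src, dst = addr_spec(tok), addr_spec(tok)
        port = PORTS[tok[1]] if tok[:1] == ["eq"] else None
        rules.append((action, proto, src, dst, port))
    return rules

def hit(spec, ip):
    base, wild = spec  # wildcard bits set to 1 are "don't care"
    return (to_int(ip) | wild) == (base | wild)

def evaluate(rules, proto, src, dst, dport=None):
    """First match wins; returns (action, 1-based rule number)."""
    for n, (action, rproto, rsrc, rdst, rport) in enumerate(rules, 1):
        ok = rproto in ("ip", proto) and rport in (None, dport)
        if ok and hit(rsrc, src) and hit(rdst, dst):
            return action, n
    return "deny", None  # implicit deny at the end of every ACL
```

Rule order matters: a DNS query from an outside address claiming an internal 1.2.x.x source is dropped by the seventh entry before the permit for 1.2.3.4 is ever consulted.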

Session Hijacking Illustrated
[figure]

Password Cracking
- Very common today
- If attacker can get a hold of the password file, they can go offline and process it
- Recall passwords are a form of obscurity
  - multiple defenses may be needed
- A good password selection strategy

Viruses and Worms
- Programs written with the intent to spread
- Worms are very common today
  - Often email based (e.g. ILOVEYOU)
- Viruses infect other programs
  - Code copied to other programs (e.g. macros)
- All require the code to be executed
- Proves users continue to do dumb things
- Sometimes software is at fault too

Example: Securing Routers

    !
    version 12.0
    service tcp-keepalives-in
    service timestamps debug datetime msec localtime
    service timestamps log datetime msec localtime
    service password-encryption
    clock timezone cst -6
    clock summer-time cdst recurring
    no ip source-route
    no ip finger
    no ip bootp server
    !
    interface FastEthernet1/0
     description backbone router
     ip address a.b.c.d 255.255.255.0
     ip access-group 100 in
     no ip unreachables
     no ip directed-broadcast
     no cdp enable

Example: Securing Routers [continued]

    router rip
     passive-interface Serial1/0
     network a.b.0.0
     distribute-list 1 in Serial2/0

    logging history warnings
    logging trap debugging
    logging facility local7
    logging source-interface Loopback0
    logging a.b.c.d

    access-list 1 deny any
    access-list 10 permit a.b.c.0 0.0.0.255
    access-list 10 deny any
    access-list 100 permit tcp a.b.0.0 0.0.255.255 any eq telnet log
    access-list 100 deny ip any any log

Example: Securing Routers [continued]

    snmp-server community password RO 10
    snmp-server location computing center
    snmp-server contact Network Administrator
    banner motd ^C
    This host is to be used by authorized personnel only!
    ^C
    !
    line vty 0 4
     exec-timeout 0 5
     access-class 100 in
     password 7 823442561E01034A12
     login
     transport input telnet ssh
    !
    ntp source Loopback0
    ntp server a.b.c.d
    end

Example: Securing UNIX
- Remove unnecessary UDP/TCP servers
  - Startup scripts in /etc/rc.d directories
  - /etc/inetd.conf
- Use secure versions of servers
  - ssh
  - tcpwrappers
- Many useful tools available
  - Tripwire, IP Filter, ipchains, lsof, tcpwrappers, etc.

Example: Securing Windows
- Disable file/printer sharing
- Use virus protection software
- Keep current on latest service packs
- Disable unnecessary protocols

Network Address Translation
- NAT is a hack!
- Provides some level of security, but with a great deal of cost
- If security is the only goal, avoid NAT
- NAT has been required for sites with IP address allocation problems
- RSIP may get NAT users back on track

NAT Illustrated
[figure]

Virtual Private Networks

Key Idea
- A session between two endpoints that is secured from eavesdroppers and all threats on the network in between, usually through the use of encryption technology.

Why Is This Worthwhile?
- Cost, Cost, Cost!
- Ability to make use of a public, insecure network, rather than building your own private, secure network

Challenges
- Increased overhead
- Complexity
- Performance
- Quality
- Management

Oh, and One More Thing

Some Terms/Technology Thrown Around with VPNs
- IPsec
- PPP/PPTP/L2TP/L2F
- CHAP, PAP
- Encapsulation
- Tunneling
- AAA
- RADIUS/TACACS/TACACS+
- Firewalls

Security Tools
- ssh
- TripWire
- tcpwrappers
- IP Filter, ipchains
- nmap
- tcpdump, windump
- syslog
- ntp
- snort
- logcheck, swatch
- crack, l0phtcrack
- kerberos
- PGP
- S/MIME
- SSL

Final Thoughts
- Network Address Translation
  - Think about long term implications
- Security as an end-to-end problem
- Java, Javascript and ActiveX
- Certificates
- Intrusion Detection
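
For the "Example: Securing Routers" slides, the Python sketch below checks a saved configuration for the hardening directives those slides show, per interface and per vty line. It is an added example, not part of the original slides; the sample configuration is constructed, and the function names and the choice of which directives to require are assumptions.

```python
import re

# Directives taken from the slide's router configuration.
GLOBAL_REQUIRED = ["service password-encryption", "no ip source-route",
                   "no ip finger", "no ip bootp server"]
IFACE_REQUIRED = ["no ip unreachables", "no ip directed-broadcast", "no cdp enable"]

# Constructed sample configuration (not from the slides).
SAMPLE = """\
service password-encryption
no ip source-route
!
interface FastEthernet1/0
 ip access-group 100 in
 no ip directed-broadcast
!
interface Serial1/0
 no ip unreachables
 no ip directed-broadcast
 no cdp enable
!
line vty 0 4
 login
"""

def blocks(config):
    """Group lines under their interface/line/router header; '' is global."""
    out, cur = {"": []}, ""
    for line in config.splitlines():
        if line.strip() in ("", "!"):
            cur = ""          # a separator ends the current block
            continue
        if not line.startswith(" "):
            cur = line if re.match(r"(interface|line|router) ", line) else ""
        out.setdefault(cur, []).append(line.strip())
    return out

def audit(config):
    b, findings = blocks(config), []
    findings += [f"global: missing '{d}'" for d in GLOBAL_REQUIRED if d not in b[""]]
    for hdr, body in b.items():
        if hdr.startswith("interface "):
            findings += [f"{hdr}: missing '{d}'" for d in IFACE_REQUIRED if d not in body]
            if not any(re.fullmatch(r"ip access-group \S+ in", l) for l in body):
                findings.append(f"{hdr}: no inbound access-group")
        elif hdr.startswith("line vty") and not any(l.startswith("access-class ") for l in body):
            findings.append(f"{hdr}: no access-class")
    return findings
```

Calling audit(SAMPLE) returns one finding per missing directive, so the result can be diffed between configuration backups.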