Internet Attacks: The Gory Details Bill Cheswick - PowerPoint PPT Presentation

1 / 164

About This Presentation

Title:

Internet Attacks: The Gory Details Bill Cheswick

Description:

Internet Attacks The Gory Details 2 of 172 ... Port scanners. Easy to write. Half-open (SYN-only) scanners often don't show up in logs ... – PowerPoint PPT presentation

Number of Views:205

Avg rating:3.0/5.0

Slides: 165

Provided by: billch

Category:

more less

Transcript and Presenter's Notes

Title: Internet Attacks: The Gory Details Bill Cheswick

1
Internet Attacks The Gory DetailsBill Cheswick

ches_at_lumeta.com

2
(No Transcript)
3
Some Internet BasicsInternet communication
Client
Server
Application level
TCP/UDP
IP
Hardware
Internet
4
Some Internet BasicsInternet communication
Client
Server
Application level
TCP/UDP
IP
Hardware
Internet
5
Some Internet BasicsInternet communication
6
Application level

Talks to a host with some protocol
Examples
SMTP, POP3, IMAP (mail)
telnet, rlogin (login)
HTTP (web access)
DNS (name service)
RIP, BGP4, OSPF (routing)
NFS, SMB (network file access)
Any one can invent a new protocol between two
hosts.

7
TCP

TCP supplies a reliable connection to the other
end
Sets up circuit between client and server
Breaks a stream of data into packets
Reassembles packets into a stream
Services 1 - 65535

8
UDP

Connectionless messages
No error correction
No flow control
Suitable for some network services that dont
have to be reliable, like voice
Services are numbered
1-65535
As a rule, its connectionless-nature makes it
dangerous

9
IP

Packets have limited sizes
May be dropped in transit if congestion
May arrive out of order
May be duplicated
Addressing by IP number
Currently using IP Version 4
Version 6 is dubious
IP/SEC gives authentication and/or encryption
May be tunneled

10
ICMP

Provides various controls and auxiliary
functions
ping
ping replies
TTL time exceeded
source quench (TCP only)
net unreachable
host unreachable
packet filtered

11
TCP/IP stack is hard to do

25,000 lines of code is typical
RFCs dont give all the details
It takes practice and experience to get it right
Learning curve is still evident in Linux and
Microsoft

Usually kernel-level code debugging is tedious
Hard to debug error states in a protocol
crashme attacks
send random packets with valid checksums
IP options
TCP reassembly

12
Hardware level

Sniffable if on same net.
There are attacks that fiddle at this level

Ethernet, ATM, wireless
13
InternetWeaknesses
14
The Internet

Ad hoc collection of TCP/IP interconnections
No real central authority
No central knowledge of connections
maybe flows, but not yet
No per-packet billing, in most places
Core equipment too busy to help law enforcement
Large perimeters are impossible to control

15
Remote Attacks, and anonymity, are easy

Attacks can be laundered through many hosts
around the world
brief attacks are hard to track down
the average defender is clueless

16
Traceback can be very hard

clueless ISPs
ignorant law enforcement
treaties with foreign countries
may not be against the local law

attacker may cease attack before traceback is
completed

17
Monoculture

Small set of target types and versions
Microsoft OS and applications
Apache
Samba
DNS
Cisco IOS
Like planting Kansas with a single strain of
wheat, or vineyards with a single root stock

18
Attacking scripts are published and shared

Loners develop attack software for the rest of us
Hacking FAQs are common
Software tools are easily available
look up rootkit
Script kiddies are a major source of current
Internet attacks

19
Unsafe Services

Useful
Poorly written
Poor auditing
Found in most hosts
Safer services and protocols are rare
Vendors sell flawed software
Users dont fix holes
Host-based security is usually broken

Security requires discipline not found in market
leaders
And often not found in open source software either

20
Unsafe ServicesSome Typical Errors

Unchecked user input submitted to the shell or
Perl
wildcard and escape characters take over the
process
CGI scripts
Secret options, commands, or back doors
DEBUG and others in sendmail

Input string length is not checked
string buffer overrun corrupts stack
strcpy, gets, sprintf
caller supplies assembly code, and jumps to it
finger (Morris worm)
early Netscape
statd (latest)

21
Unsafe Services Privileged programs are much too
large

Sendmail is tens of thousands of lines of complex
code, running as root.
Netscape browser/communicator is huge
Operating systems are huge
Windows
Unix
Features are never retired, only added
A short, simple program is hard to get right

22
Unsafe Protocols

Passwords transmitted in the clear
Challenge/response is better, though subject to
dictionary attacks
EKE can hide this
Machine generated passwords are better, but
require devices or printouts
Address-based authentication
Can be OK in controlled environments
DNS and routing attacks can fool these

23
Weakest Link Compromisesmany targets

Vulnerabilities are common in network services
One break-in compromises
the rest of the host
the hosts net (via sniffers)
trusting hosts

non-vital targets may be vital

24
How Do They Find Dangerous Ports?

Port scanners
Easy to write
Half-open (SYN-only) scanners often dont show up
in logs
Harder to scan for UDP services, but not by much
Firewalking can scan through a firewall
Uses packets that a firewall often admits, such
as ICMP or TCP SYN/ACK

25
Attacks

Stack Smashing

26
Programs dont check their input

Routines like gets, strcpy, and sprintf, which
are inherently dangerous
If input length is too long, it can overwrite
memory in C, overwriting variables and subroutine
return addresses.
Every piece of external data must be checked
before it is used.
It doesnt hurt to check internal stuff, too
assert.h
CPU time is cheap

27
A Stack before a procedure call
Variables
28
A Stack while a procedure is running
Where to go after the procedure is finished
29
A Stack while a procedure is running
Input line goes in here
30
A Stack while a procedure is running
Input line goes in here
31
Stack smashing attack
New return address, points to...
32
Stack smashing attack
new code loaded in some space on the stack
The code runs with the privileges of the
attacked program, usually root
33
Some former victims of stack-smashing attacks

Fingerd (Morris worm)
sendmail
syslogd
rstatd
early Netscape browsers
file names in attachments to mail
sshd

IIS web server

34
Attacks

Portable Programs

35
Dangerous servicesportable programs

JAVA
ActiveXHHHHHHHCOMXHHHHSOAP
Viruses
PC
Word
Excel

36
Where do Programs Run?
37
Where do Programs Run?
This model is wrong!
38
Applets run in an incompletely-defined
environment
Kernel
Program
39
Javas sandbox

Is incompletely defined
Can be different for each vendor
Often optimized for speed, not security

Allows native methods, which can break the
security model
ActiveX
like Java, but no sandbox at all

40
Attacks

Sniffing attacks (eavesdropping)

41
Host withTCP Services
Client
Server
Attacker
42
Ethernet and Passwords

Was never secure from eavesdropping
Sniffing tools are common
grab host name, user name, and password
check any hacker collection
Credit card numbers are easy

Over 1,000,000 captured in 1994
It doesnt matter how good your password is if it
can be sniffed!
Still in wide use - even for root!

43
Wireless passwords
44
Wireless passwords
45
Attacks

IP Spoofing a trusted host

46
IP Spoofing

Defeats address-based authentication
i.e. rlogin, rsh, tcp wrappers
Common tools available to the hackers
they dont have to be TCP/IP experts
This was used to crack Tsutomu Shimomuras
machines in Takedown.
Robert Morris Jr. wrote a paper on this in 1984
Steve Bellovin republished it in 1989
First known use in 1994

47
Normal TCP connection,initial SYN packet
Client
Server
SYN,SEQ0
48
Response to Open, connection is half open
Client
Server
SYN,SEQ0
SYN,ACK, SEQ01,SEQ0
49
Client completes handshake, TCP connection is now
open
Client
Server
SYN,SEQ0
SYN,ACK, SEQ01,SEQ0
ACK, SEQ01,SEQ01
50
IP Spoof of a Trusted Client Determine Likely SEQ0
Client
Server
Attacker
51
IP Spoof of a Trusted ClientSuppress the Trusted
Client
Client
Server
killer packet or SYN attack
Attacker
52
IP Spoof of a Trusted ClientSuppress the Trusted
Client
Client
Server
Attacker
53
Attacker opens connection from trusted client
Client
Server
SYN,SEQ0
Attacker
54
Open seems to come fromtrusted client
Client
Server
SYN,SEQ0
Attacker
55
IP Spoof of a Trusted ClientServer responds to
dead client
Client
Server
SYN,ACK, SEQ01,SEQ0
Attacker
56
IP Spoof of a Trusted ClientSpoof final open
message
Client
Server
ACK, SEQ01,SEQ01
Attacker
57
IP Spoof of a Trusted ClientOpen is complete
Client
Server
Attacker
58
IP Spoof of a Trusted ClientOpen Server to
outside access
Client
Server
evil trusted command
Attacker
59
Preventing IP spoofing

Spoofing can be stopped at the perimeter
No internal addresses accepted from the outside
Helps to have a coherent address space
A firewall can prevent access also
Address-based authentication is a BAD IDEA.

60
Attacks

TCP hijacking

61
Attacker is watching an existing connection,
perhaps through the strong authentication stage
Client
Server
Attacker
62
Kill the client connection...
Client
Server
killer packet
Attacker
63
and continue the connection
Client
Server
Attacker
64
TCP hijacking

Takes over an existing, authenticated connection
Needs access to the packet flow
Common tools are available to the hackers now
Cryptographic signatures of packets can defeat
this

65
Attacks

Denial of Service

66
Host withTCP Services
Client
Server
Attacker
67
Denial-of-service Attacks

In your face - not subtle like traditional
hacking attacks
Random packets are very hard to trace
Can go on for weeks
Attackers can exploit poor local software or...
Simply flood the sites network with incoming
packets
These attacks are always possible on a public
service

68
Attacks

Denial of Service SYN packet attacks

69
Normal TCP open
Client
Server
SYN,SEQ0
SYN,ACK, SEQ01,SEQ0
ACK, SEQ01,SEQ01
70
Normal TCP open
Client
half-open lt300ms
71
SYN Attacks

First seen at Panix.com in fall 1996
Half-open processing was implemented poorly
Quadratic behavior
Wasnt much call for improving it
Weve been expecting it
The only thing we left out of our firewalls book
Removed at the last minute
We knew of no good solution
We are sorry we left it out

A new one appeared in fall 1997
SYN with same source and destination address
kills some TCP/IP implementation
There will be more attacks on TCP/IP
implementations
lots of code involved
hard to test code in a kernel

72
Attacks

Denial of Service
Ping flood (smurf)

73
Identify ping generatornetworks
G
G
target
G
G
G
G
74
Trigger packets withspoofed return address
G
G
target
G
G
G
G
packet cannon
75
Generators flood the targetwith packets
G
G
target
G
G
G
G
packet cannon
76
Traceback

The target cannot tell where the trigger is
coming from
Attacking hosts may not know that they are being
used
Broadcast storms can generate more load

77
Attacks

DNS, routing, and infrastructure attacks

78
Routing attacksPacket Diversion and
man-in-the-middle attacks
Client
Server
Attacker
79
Routing attacksPacket Diversion and
man-in-the-middle attacks
Client
Server
(router)
Attacker
80
Routing attacksPacket Diversion and
man-in-the-middle attacks
Client
Server
(router)
Attacker
81
DNS attacks

Include an extra glue record on a DNS query
short cache time-out hides the evidence
newest bind program checks for this
DNS cache poisoning
Capture DNS server and return incorrect result
DNSSEC can fix this
going through final comments now

82
Infrastructure attacks

Our tools are still weak
authenticated SBGP4 is coming, maybe
Keep up with the latest name server
Move to secure router implementations, when
available
Question what will you do if the entire
Internet is down for a week?

83
Attacks

Social Engineering
(a.k.a. spying)

84
Social Engineering (cont.)
Click here to infect your computer.
85
Another problem with strange programs
86
Social Engineering
Hello, this is Dennis Ritchie calling. Im in
Israel now and I have forgotten my
password. Hello, ltadmin-namegt, Ive
just started work here. ltBoss-namegt said I
should have an account on lttarget-hostgt
87
Attacks

Unsafe services

88
Host withTCP Services
Client
Server
Attacker
89
Host withTCP Services
Client
Server
Attacker
90
Default servicesSGI workstation
ftp stream tcp nowait root
/v/gate/ftpd telnet stream tcp nowait root
/usr/etc/telnetd shell stream tcp
nowait root /usr/etc/rshd login stream tcp
nowait root /usr/etc/rlogind exec
stream tcp nowait root /usr/etc/rexecd
finger stream tcp nowait guest
/usr/etc/fingerd bootp dgram udp wait
root /usr/etc/bootp tftp dgram udp
wait guest /usr/etc/tftpd ntalk dgram
udp wait root /usr/etc/talkd tcpmux
stream tcp nowait root internal echo
stream tcp nowait root internal discard
stream tcp nowait root internal chargen
stream tcp nowait root internal daytime
stream tcp nowait root internal time
stream tcp nowait root internal echo
dgram udp wait root internal discard
dgram udp wait root internal chargen
dgram udp wait root internal daytime
dgram udp wait root internal time
dgram udp wait root internal sgi-dgl
stream tcp nowait root/rcv dgld uucp
stream tcp nowait root
/usr/lib/uucp/uucpd
91
More default services
mountd/1 stream rpc/tcp wait/lc root
rpc.mountd mountd/1 dgram rpc/udp wait/lc
root rpc.mountd sgi_mountd/1 stream rpc/tcp
wait/lc root rpc.mountd sgi_mountd/1 dgram
rpc/udp wait/lc root rpc.mountd rstatd/1-3
dgram rpc/udp wait root rpc.rstatd
walld/1 dgram rpc/udp wait root
rpc.rwalld rusersd/1 dgram rpc/udp wait
root rpc.rusersd rquotad/1 dgram rpc/udp
wait root rpc.rquotad sprayd/1 dgram
rpc/udp wait root rpc.sprayd
bootparam/1 dgram rpc/udp wait root
rpc.bootparamd sgi_videod/1 stream rpc/tcp wait
root ?videod sgi_fam/1 stream
rpc/tcp wait root ?fam
sgi_snoopd/1 stream rpc/tcp wait root
?rpc.snoopd sgi_pcsd/1 dgram rpc/udp wait
root ?cvpcsd sgi_pod/1 stream rpc/tcp
wait root ?podd tcpmux/sgi_scanner
stream tcp nowait root ?scan/net/scannerd tcp
mux/sgi_printer stream tcp nowait root
?print/printerd 9fs stream tcp
nowait root /v/bin/u9fs u9fs webproxy
stream tcp nowait root
/usr/local/etc/webserv
92
Some Dangerous Services

Telnet
FTP
NFS
RPC
secure RPC
rlogin/rsh/rcp
X11

DNS
(web servers)

93
Why are they insecure?telnet

Eavesdropping attacks sniff passwords
gt1,000,000 sniffed in 1994 from hacked ISPs
TCP hijacking takes over authenticated
connections strong passwords arent enough
Insecure accounts are subject to probes and use
Corruption of client host compromises the session

94
Why are they insecure?FTP

Same as telnet, plus
history of bugs in servers
setup errors for anonymous FTP
get permissions wrong
distribute the real password file to the masses
why

95
Why are they insecure?NFS

Root file handle can be sniffed
Relies on RPC software

96
Why are they insecure?RPC and secure RPC

RPC
address-based
local relay feature can obscure address
information from the server

Secure RPC
cryptographically weak

97
Why are they insecure?Rlogin, rsh, rcp

rlogin, rsh, rcp
can be hijacked
can be spoofed
use addressed-based authentication
.rhosts and /etc/hosts.equiv leak trusted host
information
.rhosts users should not be making security
policy

98
Why are they insecure?X11

Clear text leaks secrets
Cookie authentication is in the clear
Advanced authentication not widely available
xhost configuration errors
Historically, bugs in xdm

99
Why are they insecure?DNS - domain name system

Bind runs as root
it is big, and not well understood
runs on vital hosts
Cache poisoning cache wrong answers
attack address-based auth
spoof servers

100
DNS lookupA asks D for Bs IP address
D
B 1.2.3.4
cache
Server
B -gt 1.2.3.4
A
B?
Client
Attacker
101
DNS lookup D asks B (or someone who knows about
B)
D
B 1.2.3.4
cache
Server
B?
B -gt 1.2.3.4
A
Client
Attacker
102
DNS lookup B answers, D caches the answer, and
tells A
D
B 1.2.3.4
cache
Server
B -gt 1.2.3.4
B -gt 1.2.3.4
A
Client
B -gt 1.2.3.4
Attacker
103
DNS lookupA uses the answer
D
B 1.2.3.4
cache
Server
B -gt 1.2.3.4
B -gt 1.2.3.4
A
Client
X 5.6.7.8
Attacker
104
DNS lookup D remembers the answer for a given
period
D
B 1.2.3.4
cache
Server
B -gt 1.2.3.4
B -gt 1.2.3.4
A
Client
X 5.6.7.8
Attacker
105
DNS cache poisoning attackAttacker C arranges
for D to ask him a question
D
B 1.2.3.4
cache
Server
B -gt 1.2.3.4
A
X?
Client
X 5.6.7.8
Attacker
106
DNS cache poisoning attackAttacker C arranges
for D to ask him a question
D
B 1.2.3.4
cache
Server
B -gt 1.2.3.4
A
Client
X?
X 5.6.7.8
Attacker
107
DNS cache poisoning attack The attacker gives an
answer, plus
D
B 1.2.3.4
cache
Server
X -gt 5.6.7.8
B -gt 5.6.7.8
B -gt 1.2.3.4
A
Client
X 5.6.7.8
Attacker
108
DNS cache poisoning attackA gets his answer,
and uses it
D
B 1.2.3.4
cache
Server
X -gt 5.6.7.8
B -gt 5.6.7.8
B -gt 1.2.3.4
A
Client
X 5.6.7.8
X -gt 5.6.7.8
Attacker
109
DNS cache poisoning attackThe cache has an
extra answer
D
B 1.2.3.4
cache
Server
X -gt 5.6.7.8
B -gt 5.6.7.8
B -gt 1.2.3.4
A
Client
X 5.6.7.8
Attacker
110
DNS cache poisoning attackNow A asks for Bs
address
D
B 1.2.3.4
cache
Server
X -gt 5.6.7.8
B -gt 5.6.7.8
B -gt 1.2.3.4
A
B?
Client
X 5.6.7.8
Attacker
111
DNS cache poisoning attack D knows the answer
already, and returns it
D
B 1.2.3.4
cache
Server
X -gt 5.6.7.8
B -gt 5.6.7.8
B -gt 1.2.3.4
A
Client
X 5.6.7.8
B -gt 5.6.7.8
Attacker
112
DNS cache poisoning attack A uses the answer
D
B 1.2.3.4
cache
Server
X -gt 5.6.7.8
B -gt 5.6.7.8
B -gt 1.2.3.4
A
Client
X 5.6.7.8
B -gt 5.6.7.8
Attacker
113
DNS cache poisoning

Gives the wrong answer on inverse lookups,
foiling rsh, rlogin
If you connect to the wrong site they can
spoof a login, and capture passwords
spoof a web page, and give wrong answers
set themselves up for man-in-the-middle attacks,
relaying info to the real server

114
DNS cache poisoning

Older versions of bind fall for this
You can even send an answer without a query, to
some implementations!
DNS responses can be spoofed to
what if the query gets two answers use the
first?!
DNSSEC fixes this

115
Why are they insecure?Web servers

Complex, and buggy
stack smashing attacks, etc
CGI scripts it is always dangerous to add
programs

Numerous configuration options
Apache security relies on good configuration
Needs access to internal databases

116
Unsafe services SMB

Protocol uses weak authentication
samba is big I prefer using chroot

117
Unsafe services Microsoft authentication over
PPTP

Weak authentication
Probably weak encryption implementation
see Bruce Schneiers paper in ACM CCS-5

118
Other services

POP3 and IMAP
IRC - no!
Realaudio
UDP is dangerous, TCP ok
Mbone
hard to gate
some UDP implementations respond to multicast
packets

119
Exponential attacks
120
Viruses

PC viruses
there are tens of thousands of them, including
variants
defense is best made at the host, with a virus
checker
update the database often
Unix viruses
Tom duff made one
Shell viruses are easy
Unix viruses are rare!

121
Viruses

Firewalls can filter them
It seems like the right place
It requires a lot of work, and they can be hidden
Macro viruses are the most alarming
They have access to the entire PC, with a little
work

122
The Morris Worm

November 2, 1988
Spread using
fingerd (stack smashing)
sendmail (DEBUG back door)
password guessing
Poorly controlled exponential growth
A team of experts fought it quickly

123
Attacks

Unsafe programs

124
Root the gateway to privilege
find / -perm -4000 -user root -print wc -l
125
Setuid-root
AIX 4.2 242 a staggering
number \\ BSD/OS 3.0 78\\ FreeBSD
4.3 42 someone's guard
machine\\ FreeBSD 4.3 47 2
appear to be third-party\\ FreeBSD 4.5
43 see text for closer analysis \\ HPUX
A.09.07 227 about half may be
special for this host \\ Linux (Mandrake 8.1)
39 3 appear to be third-party \\ Linux
(Red Hat 2.4.2-2) 39 2 third-party
programs \\ Linux (Red Hat 2.4.7-10) 31
2 third-party programs\\ Linux (Red Hat 5.0)
59\\ Linux (Red Hat 6.0) 38 2--4
third-party \\ Linux 2.0.36 26
approved distribution for one university \\ Linux
2.2.16-3 47 \\ Linux 7.2
42\\ NCR Intel 4.0v3.0 113 34
may be special to this host \\ NetBSD 1.6
35 \\ SGI Irix 5.3 83 \\ SGI
Irix 5.3 102 \\ Sinux 5.42c1002
60 2 third-party programs\\ Sun
Solaris 5.4 52 6 third-party
programs\\ Sun Solaris 5.6 74 11
third-party programs\\ Sun Solaris 5.8
70 6 third-party programs\\ Sun Solaris 5.8
82 6 third-party programs\\ Tru64
4.0r878 72 \\
126
Insecure clients

This is not the same as TCP hijacking
encryption on the link wont fix this
any persistent connection is vulnerable
rlogin, ftp, ssh
Tsutomu left an rlogin session running when he
went skiing
YOU HAVE TO BE ABLE TO TRUST YOUR CLIENT
laptop PCs vs. terminal rooms

127
Insecure clientsattacker takes over client host
Client
Server
Attacker
128
Insecure clientsattacker takes over client host
Client
Server
Attacker
129
installs the TAP kernel load module
Client
Server
TAP
Attacker
130
user makes authenticated connection to server
Client
Server
TAP
Attacker
131
hacker takes over terminal connection with TAP
Client
Server
TAP
Attacker
132
Weve been losing ground for decades

Bad guys are figuring out attacks that we have
been waiting for over the years
Very few surprises
Defense has not improved much
Ssh
IPsec
Better Linux and Unix systems

133
How Do We Fix All This?
134
How Do We Fix All This?

Hide behind a perimeter defense?

135
Firewalls Perimeter defenses
136
Firewalls Not a panacea

Backdoors usually diminish the effectiveness
Commercial firewalls are probably OK
May give community a false sense of security

The firewall is often the only secure part of a
configuration
People go around them
People go through the bad ones
No protection from insiders

137
Anything large enough to be calledan intranet
is probably out of control
138
(No Transcript)
139
This was Supposed To be a VPN
140
Some intranet statisticsfrom Lumeta clients
141
You dont know to whom you are connected

Modems are cheap and easy to hook up.
Suns fax machines
Home commuting networks may link to spouses
company, or the Internet.
even routing worked!

Remote managers can make extranet connections
that arent authorized.
these connections can be very hard to find
but the security threat is still there

142
You dont know how many hosts you have

Most control is at the network level, not the
host level.
Name server entries are optional.
Nobody keeps the reverse name service information
up-to-date.
Mapping takes work, and doesnt catch hosts that
are down
Some network links are ephemeral.

143
Lucents intranetc. 1997
The Internet
Columbus
Murray Hill
Murray Hill
Holmdel
Allentown
SLIP PPP ISDN X.25 cable ...
Lucent - 130,000, 266K IP addresses, 3000 nets
ann.
thousands of telecommuters
200 business partners
144
None of this protects us from an insider threat,
so
145
How Do We Fix All This?

Life without a firewall
skinny dipping

146
Secure computing needs

Safe clients
Secure communication
Safe servers
Strong, 2-factor authentication
Something you have and something you know
Emergency 1-factor authentication, something you
know, used extremely rarely

147
Safe clients and servers need

A trustable Trusted Computing Base
Simple, well-specified and debugged kernel
Check out the semantics of setuid in Unix flavors
(Setuid Demystified. Chen, Wagner, and Dean
Usenix Security 2002)
MAC controls more permissions, use of file
system permissions, and programs that know how to
use them
root is bad see Multics!)
Better, more routing sandboxing
Make chroot much better, and easier

148
Free, new servers by Don Knuth?

Hes busy with Volume 4
Literate programming of key servers might be the
way to go
Other languages might be better C and C still
have buffer overflow problems
Modula 3?
Java?

149
We need better suspenders

We should never trust the application writers to
get it right, though they should try hard
Jails/chroot/sandboxes need to be easy and
common-place
More restrictive jails should be possible
Unprivileged user should be able to set these up,
even if he is already in a jail
The /etc/passwd problem
Static builds should be easier
Careful documentation of what a program needs to
access.

150
Improve chroot

Already some new work in this area FreeBSD jail
Goal routine jailing of everything that
processes external input
Netscape client routinely jailed
mail readers
SpamAssassin
Openssl (!)
See Plan 9 for some good ideas
Network access through the file system?!

151
Related chroot wishes

Easier builds of static binaries dynamic
libraries make the TCB tougher to build
Chroot options to all the useful network
services they should jail themselves!
Apache (Ben Laurie is considering this)
Samba
Ntp
DNS (done)

152
Microsoft desperately needs to do this

I am convinced that they actually are trying to
get better
They have a long way to go
I wonder if they can wedge good sandboxing into
their OS

153
Simpler Software

One of the underlying problems with Microsoft
applications is creeping featurism
For most uses, is Word much better than WordStar
or any of the other early word processors?
Is this version of PowerPoint that much better
than the first ones (bugs aside)?

154
Simpler Software in Unix

Skim through the Unix V7 man pages
(http//plan9.bell-labs.com)
How many options does cat(1) need?
How many setuid-to-root programs does your system
have?

155
New file system switch

Revisit the DOOFUS wars of the mid 80s
Check Plan 9 for possible uses
Kernel file system switch that has userland file
system computation
Must be robusthung inodes, etc.
Does not involve the network, as NFS does
Reimplement SFS, Samba client, etc.,

156
Communications
157
Communication encryption options

Ssh
IPsec
SSL

158
Communications solutions ssh

Source code is available
Widely examined
But 2 protocol flaws found so far
stack smashing scare
Tunneling is valuable
IPsec has better crypto, maybe

159
IPsec

Protocol well-vetted by expert community
We have the CPUs, I want everyone to use it, for
all communications
Needs simpler setup
Microsoft requires certificates, no?
Secret key pairs are fine for small setups
Key exchange daemons worry me
They gotta run as root, no?
They can use complicated crypto libraries, and
are exposed network services

160
SSL

Well-documented and ver. 3 is probably ok
Implemented by openssl
which uses X.509
which uses ASN.1
which is complicated, a monoculture, and has had
several bugs exposed
Can you jail the SSL parts of your web server?
(I have sslwrap chroot)

161
Authentication
162
Security doesnt need to be inconvenient

Modern hotel room keys
Modern car keys

163
Some solutionsHardware tokens

SecureID
time-based
S/Key
software or printout solution
Many others
usually proprietary server software
New USB dongles are just the ticket!

Digital Pathways SNK-004
164
One-time Passwords
RISC/os (inet) Authentication Server. Id?
ches Enter response code for 70202
04432234 Destination? cetus
165
How does it work? Server and client share a
secret key
Client
Server
166
How does it work? Server generates a unique
challenge
Client
Server
70202
challenge
167
How does it work? The client encrypts the
challenge with key
Client
Server
70202
168
How does it work?and returns the result
Client
Server
70202
04432234
169
How does it work?The server checks the result
Client
Server
70202
04432234
04432234
170
One-time passwords

The client proves he has the key, without
revealing it
With hardware, he may not even know the key
the keys are computer-generated
no weak passwords
If the challenges dont repeat, an eavesdropper
cant predict the answer, unless the encryption
(DES) is broken

171
One-time passwords

The key can be generated from a password but the
challenge/response pair is subject to a
dictionary attack
This extra work for the user is worth the effort
very strong authentication
spies use this
needs about a page of C code
can be implemented in a remote authentication
server

172
Human-computed one-time password a research
project
challenge 00193 Wed Sep 11 112209
2002 response ab0dh1kd0jkfj1kye./
173
Not Gory Enough For You?