Title: Chapter 2 roadmap
1Chapter 2 roadmap
- 2.1 What is network security?
- 2.2 Principles of cryptography
- 2.3 Authentication
- 2.4 Integrity
- 2.5 Key Distribution and certification
- 2.6 Access control firewalls
- 2.7 Attacks and counter measures
- 2.8 Security in many layers
2Firewalls
isolates an organizations internal network from
a larger external network, allowing some packets
to pass, blocking others
firewall
3Firewalls Why?
- Prevent denial of service attacks
- SYN flooding attacker establishes many bogus TCP
connections, no resources left for real
connections. - Prevent illegal modification/access of internal
data. - e.g., attacker replaces CIAs homepage with
something else - Allow only authorized access to inside network
(set of authenticated users/hosts) - Prevent insider attacks on critical systems
- Critical systems (human resources, payroll, etc.)
can be hidden behind their own firewalls to
prevent attacks from the inside.
4Firewalls Policies
- There are two main approaches to setting firewall
policies regulating information flow. - Default Permit
- Conditions are specified that will result in data
being blocked any host or protocol not covered
by these conditions will pass through by default. - Simpler to use, easy to configure, and more
dangerous. - Default Deny
- The particular protocols allowed through and the
hosts that may pass data or be contacted are
specified all others are denied. - Tends to be more secure.
5Firewall Components Chokes/Packet Filters
Should arriving packet be allowed in? Departing
packet let out?
- Computers or devices (such as routers) that
restrict the flow of packets between the
internal and external networks. - These filter packet-by-packet, making the
decision to forward/drop packets based on - source IP address, destination IP address
- TCP/UDP source and destination port numbers
- ICMP message type
- TCP SYN and ACK bits
6Firewall Components Chokes/Packet Filters
- Example 1 Block incoming and outgoing datagrams
with IP protocol field 17 or with either source
or destination port 23. - All incoming and outgoing UDP flows and telnet
connections are blocked. - Example 2 Block inbound TCP segments with ACK0.
- Prevents external clients from making TCP
connections with internal clients, but allows
internal clients to connect to outside.
7Firewall Components Gates/Gateways
- Specifically designated programs, devices, or
computers within the firewalls perimeter that
receive and handle connections to and from the
external network. - For security and reliability, users should not
have accounts on a gateway computer. - Several kinds of programs can run on gateways
- Network client software such as telnet, ftp and
netscape. Users get external access by logging
on to the gateway and using this software.
(Again, not recommended!) - Proxy servers that forward requests through the
firewall from the internal network to the
external one. - Network servers for receiving e-mail, serving web
pages, and so on.
8Firewall Components Gates/Gateways
gateway-to-remote host telnet session
host-to-gateway telnet session
- Example allow select internal users to telnet
outside.
application gateway
router and filter
1. Require all telnet users to telnet through
gateway. 2. For authorized users, gateway sets up
telnet connection to destination host. Gateway
relays data between the 2 connections. 3. Router
packet filter blocks all telnet connections not
originating from gateway.
9Dual-ported Host Firewalls
- The first Internet firewalls were Unix hosts with
two network ports one for the internal network,
and one for the external network. - In this firewall, the dual-ported host functions
as both a choke and a gate. - Service is provided to internal users by either
network clients or proxy servers. - Packet forwarding between network ports is
disabled to protect the internal network.
externalnetwork
internalnetwork
firewall
10Packet Filtering Firewalls
- A simple firewall can be built be a single choke,
using the packet filtering options on a router to
block packets as needed between the external and
internal networks. - These firewalls are cheap and simple.
- Most firewalls built into cable/DSL routers are
of this variety. - How powerful are they though?
externalnetwork
internalnetwork
firewall
11Screened Host Firewalls
- This is a more secure firewall built using a
choke and a gateway computer. - The gate is a specially chosen computer running
network servers and proxy servers. - Only external packets destined for the gateway
are allowed through the choke. - All internal packets destined for the external
network must first pass through a proxy server on
the gateway, or they are filtered by the choke.
gateway
externalnetwork
internalnetwork
firewall
12Screened Subnet Firewalls
- For even higher security, two chokes and a
gateway can be used to build a firewall. - The external choke and gateway are configured as
in a screened host firewall. - The second choke is a failsafe if an attacker
gains access to the gate, the internal choke
prevents further attacks against the internal
network. - Additional gateways can be added to the perimeter
network between the chokes for other services.
gateway
externalnetwork
internalnetwork
perimeternetwork
firewall
13Limitations of Firewalls
- IP spoofing a firewall cant know if data really
comes from the claimed source, so intruders
maystill be let in. - If multiple applications need special treatment,
each has its own gateway. - Client software must know how to contact the
gateway. - For example, users must set the IP address of a
proxy in their web browsers.
- Filters often use an all or nothing policy for
UDP. - Tradeoff degree of communication with outside
world, level of security - The more exceptions and specializations needed
for a firewall, the harder it is to configure and
get to work properly big troubles! - Many highly protected sites still suffer from
attacks, so are firewalls really the solution?
14Chapter 2 roadmap
- 2.1 What is network security?
- 2.2 Principles of cryptography
- 2.3 Authentication
- 2.4 Integrity
- 2.5 Key Distribution and certification
- 2.6 Access control firewalls
- 2.7 Attacks and counter measures
- 2.8 Security in many layers
15Internet Security Threats
- Mapping
- Before attacking you case the joint find out
what services are implemented on network. - Use ping to determine what hosts have addresses
on network. - Port-scanning try to establish TCP connection to
each port in sequence (see what happens). - nmap (http//www.insecure.org/nmap/) mapper
network exploration and security auditing. - Countermeasures?
16Internet Security Threats
- Mapping countermeasures
- Record and log traffic entering network.
- Look for suspicious activity (IP addresses, ports
being scanned sequentially). A lot of network
equipment can do this automatically now. - Have firewalls block ICMP packets and ping no
longer works. - Put a default deny policy in place on all
firewalls. If port numbers are blocked there,
the network cannot be mapped from the outside.
17Internet Security Threats
- Packet sniffing
- A problem for broadcast media.
- Promiscuous NIC reads all packets passing by.
- Can read all unencrypted data (e.g. passwords).
- e.g. C sniffs Bs packets
C
A
B
Countermeasures?
18Internet Security Threats
- Packet sniffing countermeasures
- All hosts in organization run software that
checks periodically if host interface is in
promiscuous mode. - Ensure all hosts in network require super-user
privileges to put an interface in promiscuous
mode. - Place one host per segment of broadcast media
(switched Ethernet at hub). - Encrypt all sensitive data (use ssh for remote
logins).
C
A
B
19Internet Security Threats
- Traffic analysis
- An attacker acquires sensitive information
without learning message content or sniffing
whole packets. - Bad things can come from innocent-looking
information. - e.g. C can learn what Bs work patterns are,
that B is carrying out transactions with A, and
so on.
C
A
B
Countermeasures?
20Internet Security Threats
- Traffic analysis countermeasures
- Use some form of traffic padding. Fake traffic
is inserted into the network to mask the real
traffic. - If you have spare network capacity, why not use
it? - Traffic padding can make other attacks harder too
how can you tell which data to attack and
attempt to compromise when it is not all real?
C
A
B
21Internet Security Threats
- IP Spoofing
- Can generate raw IP packets directly from an
application, putting any value into an IP
packets source address field. - Receiver cant tell if source is spoofed.
- e.g. C pretends to be B
C
A
B
Countermeasures?
22Internet Security Threats
- IP Spoofing ingress filtering
- Routers should not forward outgoing packets with
invalid source addresses (e.g., datagram source
address not in routers network). - Great, but ingress filtering can not be mandated
for all networks.
C
A
B
23Internet Security Threats
- Denial of service (DOS)
- A flood of maliciously generated packets swamp
receiver. - Distributed DOS (DDOS) multiple coordinated
sources swamp receiver. - e.g., C and remote host SYN-attack A.
C
A
B
Countermeasures?
24Internet Security Threats
- Denial of service (DOS) countermeasures
- filter out flooded packets (e.g., SYN) before
reaching host throw out good with bad - traceback to source of floods (most likely an
innocent, compromised machine) - use a dedicated hardware appliance to filter
excessive packets or process connection attempts
C
A
B
25Other Good Ideas
- Backups and Comparison Copies
- Making copies of data being transmitted or stored
can be very useful for security purposes. - If data is damaged or destroyed, it can be
restored. - If data is modified, a comparison copy can detect
when and how it was changed, and restore it as
well. - Backups can be to disk, tape, CD, DVD, or even
paper. - Backups can be either full or incremental.
- The backup copies themselves must be secured!
- Protect them from overwriting.
- Store them safely off-site under lock and key to
prevent theft and possible damage. - Encrypt them to protect the contents.
- Verify that the backups actually work properly!
26Other Good Ideas
- Auditing and Logging
- Auditing refers to the process of monitoring to
ensure that security mechanisms in place work and
that any indications of misbehaviour are
recorded. - Logging is used to record what is happening
- User activity (logging in, logging out,
unsuccessful login attempts, commands executed,
and so on). - Use of administrator or super-user privileges
(e.g. su). - Network traffic of various protocols at different
periods. - Logging can be used to produce audit trails
tracing the history of the network or individuals
using it. - Logs are susceptible to modification attacks (to
cover up attacks, falsely implicate others, and
so on). - Record logs to different physically secure
machines or possibly even printers. - Encrypt logs as they are written.
27Chapter 2 roadmap
- 2.1 What is network security?
- 2.2 Principles of cryptography
- 2.3 Authentication
- 2.4 Integrity
- 2.5 Key Distribution and certification
- 2.6 Access control firewalls
- 2.7 Attacks and counter measures
- 2.8 Security in many layers
- 2.8.1. Secure email
- 2.8.2. Secure sockets
- 2.8.3. IPsec
- 2.8.4. 802.11 WEP
28Secure E-Mail
- Alice wants to send confidential e-mail, m, to
Bob.
- Alice
- Generates random symmetric private key, KS.
- Encrypts message with KS (for efficiency, as
discussed before). - Also encrypts KS with Bobs public key.
- Sends both KS(m) and KB(KS) to Bob.
29Secure E-Mail
- Alice wants to send confidential e-mail, m, to
Bob.
- Bob
- Uses his private key to decrypt and recover KS.
- Uses KS to decrypt KS(m) to recover his message
m.
30Secure E-Mail (Continued)
- Alice wants to provide sender authentication
and message integrity.
- Alice digitally signs a digest of the message.
- Sends both message (in the clear) and the
digitally signed digest.
31Secure E-Mail (Continued)
- Alice wants to provide secrecy, sender
authentication, and message integrity.
Alice uses three keys her private key, Bobs
public key, and the newly created symmetric key.
32Pretty Good Privacy (PGP)
- Internet e-mail encryption scheme, de-facto
standard. - Uses symmetric key cryptography, public key
cryptography, hash function, and digital
signature as described. - Provides secrecy, sender authentication,
integrity. - Inventor Phil Zimmerman, was the target of a
3-year federal investigation for violating U.S.
export restrictions on cryptographic software.
A PGP signed message
- ---BEGIN PGP SIGNED MESSAGE---
- Hash SHA1
- BobMy husband is out of town tonight.
Passionately yours, Alice - ---BEGIN PGP SIGNATURE---
- Version PGP 5.0
- Charset noconv
- yhHJRHhGJGhgg/12EpJlo8gE4vB3mqJhFEvZP9t6n7G6m5Gw2
- ---END PGP SIGNATURE---
33Secure Sockets Layer (SSL)
- Transport layer security to any TCP-based
application using SSL services. - Used between Web browsers, servers for e-commerce
(shttp). - Security services
- Server authentication.
- Data encryption.
- Client authentication (optional).
- Server authentication
- SSL-enabled browser includes public keys for
trusted CAs. - Browser requests server certificate, issued by
trusted CA. - Browser uses CAs public key to extract servers
public key from certificate. - Check your browsers security menu to see its
trusted CAs.
34SSL (Continued)
- Encrypted SSL session
- Browser generates symmetric session key, encrypts
it with servers public key, sends encrypted key
to server. - Using private key, server decrypts session key.
- Only the browser and server know session key.
- All data sent into TCP socket (by client or
server) encrypted with session key.
- SSL basis of IETF Transport Layer Security
(TLS). - SSL can be used for non-Web applications, e.g.,
IMAP. - Client authentication can be done with client
certificates which have also been issued by CAs.
35IPsec Network Layer Security
- Network-layer secrecy
- Sending host encrypts the data in IP datagram.
- TCP and UDP segments ICMP and SNMP messages.
- Network-layer authentication
- Destination host can authenticate source IP
addresses. - Two principle protocols
- Authentication header (AH) protocol
- Encapsulation security payload (ESP) protocol
- For both AH and ESP protocols, the source and
destination handshake - Create network-layer logical channel called a
security association (SA). - Each SA unidirectional.
- Uniquely determined by
- Security protocol (AH or ESP).
- Source IP address.
- 32-bit connection ID.
36Authentication Header (AH) Protocol
- AH header includes
- Connection identifier.
- Authentication data source-signed message digest
calculated over original IP datagram. - Next header field specifies type of data (e.g.,
TCP, UDP, ICMP). - Sequence number to prevent playback attacks.
- Provides source authentication, data integrity,
but not confidentiality. - AH header inserted between IP header, data field.
- IP protocol field 51
- Intermediate routers process datagrams as usual.
37Encapsulation Security Payload (ESP) Protocol
- Provides secrecy, host authentication, and data
integrity. - Packet data and the ESP trailer are encrypted.
- Next header field is in the ESP trailer.
- Sequence number and connection identifier are in
the ESP header. - ESP authentication field is similar to AH
authentication field. - IP protocol field 50.
authenticated
encrypted
ESP header
IP header
TCP/UDP segment
38IPsec SA and Key Management
- To successfully deploy IPsec, a scalable and
automated SA and key management scheme is
needed. - Several protocols have been defined.
- The Internet Key Exchange (IKE) algorithm, which
is the default key management protocol for IPsec. - The Internet Security Association and Key
Management Protocol (ISKMP) defines procedures
for setting up and tearing down SAs and working
with keys.
39IEEE 802.11 Security
- War-driving drive around the community and see
what 802.11 wireless networks are available. - In 2001, in the San Francisco Bay area alone,
more than 9000 were accessible from public
roadways. - 85 used no encryption/authentication!
- Packet-sniffing and various attacks would be
easy! - Recent studies have shown similar results only
with way more access points! - Wired Equivalent Privacy (WEP) authentication as
in protocol ap4.0 - Host requests authentication from access point.
- Access point sends 128 bit nonce.
- Host encrypts nonce using shared symmetric key.
- Access point decrypts nonce, authenticates host.
40IEEE 802.11 Security
- Wired Equivalent Privacy (WEP) data encryption
- Host and access point share 40 bit symmetric key
(semi-permanent). - Host appends 24-bit initialization vector (IV) to
create 64-bit key. - 64 bit key used to generate stream of keys, kiIV.
- kiIV used to encrypt ith byte, di, in frame
- ci di XOR kiIV
- IV and encrypted bytes, ci sent in frame.
41802.11 WEP Encryption
Sender-side WEP encryption
42Breaking 802.11 WEP Encryption
- Security Hole
- 24-bit IV, one IV per frame, -gt IVs eventually
reused - IV transmitted in plaintext -gt IV reuse detected
- Attack
- Trudy causes Alice to encrypt known plaintext d1
d2 d3 d4 - Trudy sees ci di XOR kiIV
- Trudy knows ci di, so can compute kiIV
- Trudy knows encrypting key sequence k1IV k2IV
k3IV - Next time IV is used, Trudy can decrypt!
43802.11b Security At Western
- Wireless users at Western are forced to
authenticate themselves securely before accessing
the network. - This prevents outsiders from easily getting
inside access to the campus network. - Once a wireless device contacts an access point,
access is restricted until a web browser is
opened and redirected to a secure login page. - You can then provide your UWO user id and
password to authenticate with the network. - Once authenticated, access is opened up and you
are allowed fuller access of network services.
44802.11b Security At Western
- Western does not currently use traditional
WEP-based encryption, and does not plan to. - How could you safely share a secret WEP key
between 20,000-30,000 users? You cant! - Besides, as we just saw, WEP might not be very
safe. - Western is continuing to look at more advanced
wireless encryption protocols as they continue to
develop. - Just to be safe, use higher-level security
protocols as much as possible (such as SSL, SSH,
and so on). - Many insecure unencrypted protocols are blocked,
so you cannot use them anyways!
45Network Security Summary
- Basic techniques...
- cryptography (symmetric and public)
- authentication
- message integrity
- key distribution
- . used in many different security scenarios
- secure email
- secure transport (SSL)
- IPsec
- 802.11 WEP