Chapter 2 roadmap

1
Chapter 2 roadmap

• 2.1 What is network security?
• 2.2 Principles of cryptography
• 2.3 Authentication
• 2.4 Integrity
• 2.5 Key Distribution and certification
• 2.6 Access control firewalls
• 2.7 Attacks and counter measures
• 2.8 Security in many layers

2
Firewalls
isolates an organizations internal network from
a larger external network, allowing some packets
to pass, blocking others
firewall


3
Firewalls Why?

• Prevent denial of service attacks
• SYN flooding attacker establishes many bogus TCP
  connections, no resources left for real
  connections.
• Prevent illegal modification/access of internal
  data.
• e.g., attacker replaces CIAs homepage with
  something else
• Allow only authorized access to inside network
  (set of authenticated users/hosts)
• Prevent insider attacks on critical systems
• Critical systems (human resources, payroll, etc.)
  can be hidden behind their own firewalls to
  prevent attacks from the inside.

4
Firewalls Policies

• There are two main approaches to setting firewall
  policies regulating information flow.
• Default Permit
• Conditions are specified that will result in data
  being blocked any host or protocol not covered
  by these conditions will pass through by default.
• Simpler to use, easy to configure, and more
  dangerous.
• Default Deny
• The particular protocols allowed through and the
  hosts that may pass data or be contacted are
  specified all others are denied.
• Tends to be more secure.

5
Firewall Components Chokes/Packet Filters
Should arriving packet be allowed in? Departing
packet let out?

• Computers or devices (such as routers) that
  restrict the flow of packets between the
  internal and external networks.
• These filter packet-by-packet, making the
  decision to forward/drop packets based on
• source IP address, destination IP address
• TCP/UDP source and destination port numbers
• ICMP message type
• TCP SYN and ACK bits

6
Firewall Components Chokes/Packet Filters

• Example 1 Block incoming and outgoing datagrams
  with IP protocol field 17 or with either source
  or destination port 23.
• All incoming and outgoing UDP flows and telnet
  connections are blocked.
• Example 2 Block inbound TCP segments with ACK0.
• Prevents external clients from making TCP
  connections with internal clients, but allows
  internal clients to connect to outside.

7
Firewall Components Gates/Gateways

• Specifically designated programs, devices, or
  computers within the firewalls perimeter that
  receive and handle connections to and from the
  external network.
• For security and reliability, users should not
  have accounts on a gateway computer.
• Several kinds of programs can run on gateways
• Network client software such as telnet, ftp and
  netscape. Users get external access by logging
  on to the gateway and using this software.
  (Again, not recommended!)
• Proxy servers that forward requests through the
  firewall from the internal network to the
  external one.
• Network servers for receiving e-mail, serving web
  pages, and so on.

8
Firewall Components Gates/Gateways
gateway-to-remote host telnet session
host-to-gateway telnet session

• Example allow select internal users to telnet
  outside.

application gateway
router and filter
1. Require all telnet users to telnet through
gateway. 2. For authorized users, gateway sets up
telnet connection to destination host. Gateway
relays data between the 2 connections. 3. Router
packet filter blocks all telnet connections not
originating from gateway.
9
Dual-ported Host Firewalls

• The first Internet firewalls were Unix hosts with
  two network ports one for the internal network,
  and one for the external network.
• In this firewall, the dual-ported host functions
  as both a choke and a gate.
• Service is provided to internal users by either
  network clients or proxy servers.
• Packet forwarding between network ports is
  disabled to protect the internal network.

externalnetwork
internalnetwork
firewall
10
Packet Filtering Firewalls

• A simple firewall can be built be a single choke,
  using the packet filtering options on a router to
  block packets as needed between the external and
  internal networks.
• These firewalls are cheap and simple.
• Most firewalls built into cable/DSL routers are
  of this variety.
• How powerful are they though?

externalnetwork
internalnetwork

firewall
11
Screened Host Firewalls

• This is a more secure firewall built using a
  choke and a gateway computer.
• The gate is a specially chosen computer running
  network servers and proxy servers.
• Only external packets destined for the gateway
  are allowed through the choke.
• All internal packets destined for the external
  network must first pass through a proxy server on
  the gateway, or they are filtered by the choke.

gateway
externalnetwork
internalnetwork

firewall
12
Screened Subnet Firewalls

• For even higher security, two chokes and a
  gateway can be used to build a firewall.
• The external choke and gateway are configured as
  in a screened host firewall.
• The second choke is a failsafe if an attacker
  gains access to the gate, the internal choke
  prevents further attacks against the internal
  network.
• Additional gateways can be added to the perimeter
  network between the chokes for other services.

gateway
externalnetwork
internalnetwork
perimeternetwork

firewall
13
Limitations of Firewalls

• IP spoofing a firewall cant know if data really
  comes from the claimed source, so intruders
  maystill be let in.
• If multiple applications need special treatment,
  each has its own gateway.
• Client software must know how to contact the
  gateway.
• For example, users must set the IP address of a
  proxy in their web browsers.

• Filters often use an all or nothing policy for
  UDP.
• Tradeoff degree of communication with outside
  world, level of security
• The more exceptions and specializations needed
  for a firewall, the harder it is to configure and
  get to work properly big troubles!
• Many highly protected sites still suffer from
  attacks, so are firewalls really the solution?

14
Chapter 2 roadmap

• 2.1 What is network security?
• 2.2 Principles of cryptography
• 2.3 Authentication
• 2.4 Integrity
• 2.5 Key Distribution and certification
• 2.6 Access control firewalls
• 2.7 Attacks and counter measures
• 2.8 Security in many layers

15
Internet Security Threats

• Mapping
• Before attacking you case the joint find out
  what services are implemented on network.
• Use ping to determine what hosts have addresses
  on network.
• Port-scanning try to establish TCP connection to
  each port in sequence (see what happens).
• nmap (http//www.insecure.org/nmap/) mapper
  network exploration and security auditing.
• Countermeasures?

16
Internet Security Threats

• Mapping countermeasures
• Record and log traffic entering network.
• Look for suspicious activity (IP addresses, ports
  being scanned sequentially). A lot of network
  equipment can do this automatically now.
• Have firewalls block ICMP packets and ping no
  longer works.
• Put a default deny policy in place on all
  firewalls. If port numbers are blocked there,
  the network cannot be mapped from the outside.

17
Internet Security Threats

• Packet sniffing
• A problem for broadcast media.
• Promiscuous NIC reads all packets passing by.
• Can read all unencrypted data (e.g. passwords).
• e.g. C sniffs Bs packets

C
A
B
Countermeasures?
18
Internet Security Threats

• Packet sniffing countermeasures
• All hosts in organization run software that
  checks periodically if host interface is in
  promiscuous mode.
• Ensure all hosts in network require super-user
  privileges to put an interface in promiscuous
  mode.
• Place one host per segment of broadcast media
  (switched Ethernet at hub).
• Encrypt all sensitive data (use ssh for remote
  logins).

C
A
B
19
Internet Security Threats

• Traffic analysis
• An attacker acquires sensitive information
  without learning message content or sniffing
  whole packets.
• Bad things can come from innocent-looking
  information.
• e.g. C can learn what Bs work patterns are,
  that B is carrying out transactions with A, and
  so on.

C
A
B
Countermeasures?
20
Internet Security Threats

• Traffic analysis countermeasures
• Use some form of traffic padding. Fake traffic
  is inserted into the network to mask the real
  traffic.
• If you have spare network capacity, why not use
  it?
• Traffic padding can make other attacks harder too
  how can you tell which data to attack and
  attempt to compromise when it is not all real?

C
A
B
21
Internet Security Threats

• IP Spoofing
• Can generate raw IP packets directly from an
  application, putting any value into an IP
  packets source address field.
• Receiver cant tell if source is spoofed.
• e.g. C pretends to be B

C
A
B
Countermeasures?
22
Internet Security Threats

• IP Spoofing ingress filtering
• Routers should not forward outgoing packets with
  invalid source addresses (e.g., datagram source
  address not in routers network).
• Great, but ingress filtering can not be mandated
  for all networks.

C
A
B
23
Internet Security Threats

• Denial of service (DOS)
• A flood of maliciously generated packets swamp
  receiver.
• Distributed DOS (DDOS) multiple coordinated
  sources swamp receiver.
• e.g., C and remote host SYN-attack A.

C
A
B
Countermeasures?
24
Internet Security Threats

• Denial of service (DOS) countermeasures
• filter out flooded packets (e.g., SYN) before
  reaching host throw out good with bad
• traceback to source of floods (most likely an
  innocent, compromised machine)
• use a dedicated hardware appliance to filter
  excessive packets or process connection attempts

C
A
B
25
Other Good Ideas

• Backups and Comparison Copies
• Making copies of data being transmitted or stored
  can be very useful for security purposes.
• If data is damaged or destroyed, it can be
  restored.
• If data is modified, a comparison copy can detect
  when and how it was changed, and restore it as
  well.
• Backups can be to disk, tape, CD, DVD, or even
  paper.
• Backups can be either full or incremental.
• The backup copies themselves must be secured!
• Protect them from overwriting.
• Store them safely off-site under lock and key to
  prevent theft and possible damage.
• Encrypt them to protect the contents.
• Verify that the backups actually work properly!

26
Other Good Ideas

• Auditing and Logging
• Auditing refers to the process of monitoring to
  ensure that security mechanisms in place work and
  that any indications of misbehaviour are
  recorded.
• Logging is used to record what is happening
• User activity (logging in, logging out,
  unsuccessful login attempts, commands executed,
  and so on).
• Use of administrator or super-user privileges
  (e.g. su).
• Network traffic of various protocols at different
  periods.
• Logging can be used to produce audit trails
  tracing the history of the network or individuals
  using it.
• Logs are susceptible to modification attacks (to
  cover up attacks, falsely implicate others, and
  so on).
• Record logs to different physically secure
  machines or possibly even printers.
• Encrypt logs as they are written.

27
Chapter 2 roadmap

• 2.1 What is network security?
• 2.2 Principles of cryptography
• 2.3 Authentication
• 2.4 Integrity
• 2.5 Key Distribution and certification
• 2.6 Access control firewalls
• 2.7 Attacks and counter measures
• 2.8 Security in many layers
• 2.8.1. Secure email
• 2.8.2. Secure sockets
• 2.8.3. IPsec
• 2.8.4. 802.11 WEP

28
Secure E-Mail

• Alice wants to send confidential e-mail, m, to
  Bob.

• Alice
• Generates random symmetric private key, KS.
• Encrypts message with KS (for efficiency, as
  discussed before).
• Also encrypts KS with Bobs public key.
• Sends both KS(m) and KB(KS) to Bob.

29
Secure E-Mail

• Alice wants to send confidential e-mail, m, to
  Bob.

• Bob
• Uses his private key to decrypt and recover KS.
• Uses KS to decrypt KS(m) to recover his message
  m.

30
Secure E-Mail (Continued)

• Alice wants to provide sender authentication
  and message integrity.

• Alice digitally signs a digest of the message.
• Sends both message (in the clear) and the
  digitally signed digest.

31
Secure E-Mail (Continued)

• Alice wants to provide secrecy, sender
  authentication, and message integrity.

Alice uses three keys her private key, Bobs
public key, and the newly created symmetric key.
32
Pretty Good Privacy (PGP)

• Internet e-mail encryption scheme, de-facto
  standard.
• Uses symmetric key cryptography, public key
  cryptography, hash function, and digital
  signature as described.
• Provides secrecy, sender authentication,
  integrity.
• Inventor Phil Zimmerman, was the target of a
  3-year federal investigation for violating U.S.
  export restrictions on cryptographic software.

A PGP signed message

• ---BEGIN PGP SIGNED MESSAGE---
• Hash SHA1
• BobMy husband is out of town tonight.
  Passionately yours, Alice
• ---BEGIN PGP SIGNATURE---
• Version PGP 5.0
• Charset noconv
• yhHJRHhGJGhgg/12EpJlo8gE4vB3mqJhFEvZP9t6n7G6m5Gw2
  
• ---END PGP SIGNATURE---

33
Secure Sockets Layer (SSL)

• Transport layer security to any TCP-based
  application using SSL services.
• Used between Web browsers, servers for e-commerce
  (shttp).
• Security services
• Server authentication.
• Data encryption.
• Client authentication (optional).

• Server authentication
• SSL-enabled browser includes public keys for
  trusted CAs.
• Browser requests server certificate, issued by
  trusted CA.
• Browser uses CAs public key to extract servers
  public key from certificate.
• Check your browsers security menu to see its
  trusted CAs.

34
SSL (Continued)

• Encrypted SSL session
• Browser generates symmetric session key, encrypts
  it with servers public key, sends encrypted key
  to server.
• Using private key, server decrypts session key.
• Only the browser and server know session key.
• All data sent into TCP socket (by client or
  server) encrypted with session key.

• SSL basis of IETF Transport Layer Security
  (TLS).
• SSL can be used for non-Web applications, e.g.,
  IMAP.
• Client authentication can be done with client
  certificates which have also been issued by CAs.

35
IPsec Network Layer Security

• Network-layer secrecy
• Sending host encrypts the data in IP datagram.
• TCP and UDP segments ICMP and SNMP messages.
• Network-layer authentication
• Destination host can authenticate source IP
  addresses.
• Two principle protocols
• Authentication header (AH) protocol
• Encapsulation security payload (ESP) protocol

• For both AH and ESP protocols, the source and
  destination handshake
• Create network-layer logical channel called a
  security association (SA).
• Each SA unidirectional.
• Uniquely determined by
• Security protocol (AH or ESP).
• Source IP address.
• 32-bit connection ID.

36
Authentication Header (AH) Protocol

• AH header includes
• Connection identifier.
• Authentication data source-signed message digest
  calculated over original IP datagram.
• Next header field specifies type of data (e.g.,
  TCP, UDP, ICMP).
• Sequence number to prevent playback attacks.

• Provides source authentication, data integrity,
  but not confidentiality.
• AH header inserted between IP header, data field.
• IP protocol field 51
• Intermediate routers process datagrams as usual.

37
Encapsulation Security Payload (ESP) Protocol

• Provides secrecy, host authentication, and data
  integrity.
• Packet data and the ESP trailer are encrypted.
• Next header field is in the ESP trailer.

• Sequence number and connection identifier are in
  the ESP header.
• ESP authentication field is similar to AH
  authentication field.
• IP protocol field 50.

authenticated
encrypted
ESP header
IP header
TCP/UDP segment
38
IPsec SA and Key Management

• To successfully deploy IPsec, a scalable and
  automated SA and key management scheme is
  needed.
• Several protocols have been defined.
• The Internet Key Exchange (IKE) algorithm, which
  is the default key management protocol for IPsec.
• The Internet Security Association and Key
  Management Protocol (ISKMP) defines procedures
  for setting up and tearing down SAs and working
  with keys.

39
IEEE 802.11 Security

• War-driving drive around the community and see
  what 802.11 wireless networks are available.
• In 2001, in the San Francisco Bay area alone,
  more than 9000 were accessible from public
  roadways.
• 85 used no encryption/authentication!
• Packet-sniffing and various attacks would be
  easy!
• Recent studies have shown similar results only
  with way more access points!
• Wired Equivalent Privacy (WEP) authentication as
  in protocol ap4.0
• Host requests authentication from access point.
• Access point sends 128 bit nonce.
• Host encrypts nonce using shared symmetric key.
• Access point decrypts nonce, authenticates host.

40
IEEE 802.11 Security

• Wired Equivalent Privacy (WEP) data encryption
• Host and access point share 40 bit symmetric key
  (semi-permanent).
• Host appends 24-bit initialization vector (IV) to
  create 64-bit key.
• 64 bit key used to generate stream of keys, kiIV.
• kiIV used to encrypt ith byte, di, in frame
• ci di XOR kiIV
• IV and encrypted bytes, ci sent in frame.

41
802.11 WEP Encryption
Sender-side WEP encryption
42
Breaking 802.11 WEP Encryption

• Security Hole
• 24-bit IV, one IV per frame, -gt IVs eventually
  reused
• IV transmitted in plaintext -gt IV reuse detected
• Attack
• Trudy causes Alice to encrypt known plaintext d1
  d2 d3 d4
• Trudy sees ci di XOR kiIV
• Trudy knows ci di, so can compute kiIV
• Trudy knows encrypting key sequence k1IV k2IV
  k3IV
• Next time IV is used, Trudy can decrypt!

43
802.11b Security At Western

• Wireless users at Western are forced to
  authenticate themselves securely before accessing
  the network.
• This prevents outsiders from easily getting
  inside access to the campus network.
• Once a wireless device contacts an access point,
  access is restricted until a web browser is
  opened and redirected to a secure login page.
• You can then provide your UWO user id and
  password to authenticate with the network.
• Once authenticated, access is opened up and you
  are allowed fuller access of network services.

44
802.11b Security At Western

• Western does not currently use traditional
  WEP-based encryption, and does not plan to.
• How could you safely share a secret WEP key
  between 20,000-30,000 users? You cant!
• Besides, as we just saw, WEP might not be very
  safe.
• Western is continuing to look at more advanced
  wireless encryption protocols as they continue to
  develop.
• Just to be safe, use higher-level security
  protocols as much as possible (such as SSL, SSH,
  and so on).
• Many insecure unencrypted protocols are blocked,
  so you cannot use them anyways!

45
Network Security Summary

• Basic techniques...
• cryptography (symmetric and public)
• authentication
• message integrity
• key distribution
• . used in many different security scenarios
• secure email
• secure transport (SSL)
• IPsec
• 802.11 WEP