Network Security - PowerPoint PPT Presentation

About This Presentation
Title:

Network Security

Description:

Network Security MET CS-625 Unit 6 – PowerPoint PPT presentation

Slides: 60
Provided by: Davi1802
Learn more at: http://bu.kidpub.com
Transcript and Presenter's Notes

Title: Network Security


1
Network Security
  • MET CS-625 Unit 6

2
Objectives
  • Discuss security tradeoffs
  • Examine specific threats in an enterprise network
  • Discuss development of a site security policy

3
Changes in security requirements
  • It used to be that computers were kept in locked
    rooms
  • Often users did not even have an account on the
    computer
  • Now everyone has a computer that attaches to a
    network of secure and insecure devices
  • When attached to the Internet the machine is
    potentially open to anyone in the world

4
The Orange Book
  • Government publication describing security of
    computing systems
  • Uses a gradation of security from D (insecure, i.e.
    DOS) to A1 (super secure)
  • Security is not black and white...it is a
    continuum

5
Tradeoffs in security design
  • Services offered versus level of security
  • Ease of use versus security
  • Cost of security versus cost of loss

6
Extending the definition of security
  • Security doesn't only mean theft or compromise of
    data
  • Can also mean complete loss of data or assets
  • Example: A fire destroys your disk farm
  • For our discussion we'll assume that the
    earthquake won't hit

7
Why have a security policy?
  • Inform users of the requirements for protecting
    information and assets
  • Spell out procedures and mechanisms to meet the
    requirements
  • Provides a baseline to audit the site for
    compliance
  • May also include an appropriate use policy

8
Physical threats
  • Orange Book A1 security requires a machine in a
    vault with no external connections...including
    power
  • It points out that if someone can touch your
    machine, it can be compromised
  • This extends to all components of the
    network...switches, phone lines, etc

9
Social engineering
  • Kevin Mitnick testified before Congress that most
    of his hacker work was accomplished without the
    use of technology
  • Users are surprisingly naive when confronted by
    technology
  • Humans tend to fall into easily discernible
    patterns
  • Part of the security policy must acknowledge and
    plan for this

10
Network threats
  • Any time a computer is connected to a network it
    is open to a variety of threats
  • We'll look at three broad categories:
  • Unauthorized access
  • Impersonation
  • Denial of service

11
Unauthorized access
  • Intruder gains access to information
  • Hardest to protect against
  • Many avenues
  • Social engineering
  • Packet snooping
  • Eavesdropping

12
Impersonation
  • Related to unauthorized access
  • Means the ability to present credentials to make
    it seem you are someone or something you are not
  • Spoofing
  • Replay

13
Sequence number attack
  • TCP packets use a sequence number that increments
    in a known, non-random way for identification of
    a connection
  • By making valid connections to a machine it may
    be possible to deduce the next sequence
  • Attacker then starts sending packets to server
    with valid sequence numbers (possibly using DoS
    attack on some other machine)

14
Session hijacking
  • Intruder monitors traffic between two machines
  • Captures packets
  • Starts to send packets with authorized machine's
    credentials
  • Somewhat easier than sequence number attack

15
Denial of service (DoS)
  • Purpose: prevent use of a network resource
  • Many scenarios
  • Most rely on incapacitating a server with an
    overload of traffic
  • Often very difficult to trace
  • SYN
  • Ping of Death
  • SMURF

16
SYN attack (LAND.C)
  • Not used much anymore due to updates in server
    code
  • Send forged packets to server with the server's
    address in the destination field
  • Standard SYN flood generates multiple SYN
    requests to a server using bogus destination
    addresses
  • Server must allocate buffers for each connection
  • Eventually memory is exhausted

17
Ping of death
  • Max size of an IP packet is 64k
  • However packets may be fragmented
  • Fragments rely on sequence numbers and offsets
  • Using an offset with multiple large IP packets
    can result in buffer overflows and server crashes
  • This one is extremely difficult to trace

18
SMURF
  • Smurfing also uses ICMP Echo packets (pings)
  • In this attack the destination and source
    addresses are forged to be broadcast addresses
  • In a poorly protected network this may generate a
    cascade of thousands of echo responses for each
    individual smurf packet

19
teardrop.c
  • Teardrop attacks use IP fragment vulnerabilities
  • Ping of Death simply sends an extremely large IP
    packet
  • Teardrop sends fragments that overlap
  • Result: Server crash
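
A reassembly-side sanity check for the two fragment problems described on the Ping of Death and teardrop.c slides, as an added example that is not part of the original deck. The fragment tuples are constructed sample data and `check_fragments` is a hypothetical helper; it assumes a 20-byte IP header with no options.

```python
# Added example: validate a set of IPv4 fragments before reassembly.
MAX_IP_DATAGRAM = 65535  # largest total length an IPv4 datagram may have
IP_HEADER_LEN = 20       # assumption: header without options


def check_fragments(fragments):
    """fragments: list of (offset_units, payload_len, more_fragments).

    offset_units is the IP fragment-offset field, counted in 8-byte units.
    Returns a list of findings; an empty list means the set looks sane.
    """
    findings = []
    spans = []
    for off_units, length, more in fragments:
        start = off_units * 8
        end = start + length
        if more and length % 8 != 0:
            findings.append(f"non-final fragment at byte {start} is not a multiple of 8")
        # Ping of Death case: reassembled datagram would exceed 65535 bytes.
        if IP_HEADER_LEN + end > MAX_IP_DATAGRAM:
            findings.append(f"oversize: fragment ends at byte {end}")
        spans.append((start, end))
    # Teardrop case: after sorting by start, any overlap in the set
    # shows up between two neighbouring spans.
    spans.sort()
    for (s1, e1), (s2, e2) in zip(spans, spans[1:]):
        if s2 < e1:
            findings.append(f"overlap: [{s1},{e1}) and [{s2},{e2})")
    return findings


# Constructed samples (not captured traffic).
NORMAL = [(0, 1480, True), (185, 1480, True), (370, 40, False)]
OVERLAP = [(0, 40, True), (3, 8, False)]            # second starts inside first
OVERSIZE = [(0, 1480, True), (8189, 1480, False)]   # ends past the 64k limit

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("overlap", OVERLAP), ("oversize", OVERSIZE)):
        print(name, check_fragments(sample))
```
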

20
SMTP/Email attacks
  • Bombing
  • Multiple identical messages to a single recipient
  • Spamming
  • Multiple messages to multiple recipients
  • Filters are useful in preventing an attack,
    however spam continues to be used as a marketing
    tool

21
Session replay
  • Record an entire TCP/IP stream
  • Modify the stream
  • Replay it

22
Cookie Poisoning
  • Analyze the format of data stored in a cookie
  • Not all sites encrypt data
  • Modify cookie
  • Log back on to site
  • Ex: LastPageVisited2Fkidpub2Fschools2Fkidpub-schools-directory.phpwww.kidpub.com/1024249897292829604757327755579229604673
    AuthorIDP3c2236b9bc029www.kidpub.com/102462152012829604682327735579229604673

23
Parameter tampering
  • Change parameters in URL request strings
  • Ex: http://www.com/order?price=9.99&item=1234
  • Can also examine hidden fields in forms
  • Simple to avoid by using POST instead of GET in
    http sources
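
The cookie and URL values on the two slides above travel through the client, so the server needs a way to notice when they come back changed. The following added example (not from the original deck) attaches an HMAC tag to a value and checks it on return; `seal`, `unseal` and the key are hypothetical names and constructed values.

```python
# Added example: integrity tag for a value that round-trips through the client.
import hashlib
import hmac

# Assumption: a random secret held only on the server (constructed value here).
SERVER_KEY = b"constructed-demo-key-not-for-production"


def _tag(name: str, value: str) -> str:
    # Binding the field name into the MAC stops a tag issued for one
    # field (e.g. item) from being reused on another (e.g. price).
    msg = name.encode() + b"\x00" + value.encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def seal(name: str, value: str) -> str:
    """Return 'value.tag' for storing in a cookie or hidden field."""
    return f"{value}.{_tag(name, value)}"


def unseal(name: str, sealed: str):
    """Return the original value if the tag verifies, otherwise None."""
    value, sep, tag = sealed.rpartition(".")
    if not sep:
        return None
    expected = _tag(name, value)
    # Constant-time comparison on bytes avoids leaking how many characters matched.
    if hmac.compare_digest(tag.encode(), expected.encode()):
        return value
    return None


if __name__ == "__main__":
    sealed = seal("price", "9.99")
    tampered = "0.01" + sealed[len("9.99"):]   # value edited, old tag kept
    print(unseal("price", sealed))    # 9.99
    print(unseal("price", tampered))  # None
    # For something like a price, looking it up server-side from the item
    # id is stronger still; sealing suits state that must live client-side.
```
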

24
Buffer overflows
  • Attacker crafts code that overwrites a portion of
    stack
  • Code replaces return address on stack with one
    attacker chooses
  • Return address points either to attacking code or
    somewhere else malicious
  • Results can be crash or control

25
Cross-site scripts
  • Insert script code (such as JavaScript) into form
    fields
  • Script is executed on the browser
  • Social engineering attack
  • To avoid, use server-side parsing of inputs (data
    validation)

26
Code injection
  • Pass extra SQL commands on HTTP request string
  • Ex: http://my.com/getCart?SQL=select creditCard
    from master where ID=12345
  • Mod: http://my.com/getCart?SQL=select creditCard
    from master where ID=12345 OR ID
27
File enumeration
  • Examine source code and site to find file names,
    directories, etc
  • Use files to determine if site is vulnerable to
    other attack modes

28
Forceful browsing
  • Access site pages out of order
  • May be able to bypass security checks
  • Data validation may also be weak on pages deep in
    site
  • Can be used with other attacks such as parameter
    tampering

29
Other vulnerabilities
  • Weak encryption
  • Open access to admin pages
  • Information leakage
  • Access to logs

30
Ways to avoid problems
  • Practice least privilege
  • Users get no more access than what they need to
    do job
  • Secure defaults
  • Validate all data from external sources
  • Data are called tainted if from outside
  • Prevent information leakage
  • Defense in depth

31
Application layer options
  • SHTML
  • PGP
  • Block encryption
  • 3DES
  • Blowfish
  • IDEA
  • RC5
  • Message digests (MD5 etc)

32
Hashing
  • Used to provide evidence that message has not
    been tampered with
  • No key involved
  • Algorithms are collision resistant
  • Hash algorithm is one-way
  • SHA1 and MD5 are in common use
  • Typically will hash an encrypted message twice
  • Original encrypted

33
SHTML
  • Uses encryption of data stream between client and
    server
  • Only recently has strong encryption become
    available in the US
  • Still vulnerable to certain attacks because key
    exchange must happen in the clear

34
Symmetric vs asymmetric cryptography
  • Symmetric
  • Algorithm uses same key on both sides of
    transaction
  • Keys must be exchanged in trusted manner
  • Rotation keys often used
  • Asymmetric
  • Only one key is available to public
  • No need to exchange keys
  • PGP/PKI is example

35
PGP
  • Pretty Good Privacy
  • Uses private/public key encryption
  • Extremely strong encryption
  • Used both for encryption and digital signatures
  • Until recently PGP was a controlled technology

36
(No Transcript)
37
Public-Key Encryption Components
  • Plaintext
  • Encryption algorithm
  • Public and private key
  • Ciphertext
  • Decryption algorithm

38
Public-Key Encryption Operation
39
Public-Key Signature Operation
40
Characteristics of Public-Key
  • Computationally infeasible to determine the
    decryption key given knowledge of the
    cryptographic algorithm and the encryption key
  • Either of the two related keys can be used for
    encryption, with the other used for decryption

41
Steps in Public Key Encryption
  • Each user generates a pair of keys to be used for
    the encryption and decryption of messages.
  • Each user places one of the two keys in a public
    register or other accessible file. This is the
    public key. The companion key is kept private.
  • If Bob wishes to send a private message to Alice,
    Bob encrypts the message using Alice's public
    key.
  • When Alice receives the message, she decrypts it
    using her private key. No other recipient can
    decrypt the message because only Alice knows
    Alice's private key.

42
Digital Signature Process
43
RSA Encryption Algorithm
  • Developed in 1977, first published in 1978
  • Widely accepted and implemented approach to
    public-key encryption
  • For plaintext block M and ciphertext block C:
  • $C = M^e \bmod n$
  • $M = C^d \bmod n = (M^e)^d \bmod n = M^{ed} \bmod n$
  • Both sender and receiver must know values of n
    and e; only receiver knows value of d
  • Public key: $KU = \{e, n\}$
  • Private key: $KR = \{d, n\}$

44
RSA Requirements
  • It is possible to find values of e, d, n such
    that $M^{ed} = M \bmod n$ for all $M < n$.
  • It is relatively easy to calculate $M^e$ and $C^d$ for
    all values of $M < n$.
  • It is infeasible to determine d given e and n.
  • This requirement can be met with large values of
    e and n

45
Approaches to Defeating RSA
  • Brute force approach: try all possible private
    keys.
  • The larger the number of bits in e and d, the
    more secure the algorithm.
  • However, the larger the size of the key, the
    slower the system will run.
  • Cryptanalysis: factoring n into its two prime
    factors
  • A hard problem, but not as hard as it used to be
  • Currently, a 1024-bit key size is considered
    strong enough for virtually all applications

46
Key Management
  • Symmetric encryption requires both parties to
    share a secret key
  • Secure distribution of keys is the most difficult
    problem for symmetric encryption
  • Public key encryption solves this problem, but
    adds the issue of authenticity
  • Public key certificates address this issue

47
Public Key Certificates
48
Public Key Certificate Process
  • 1. A public key is generated by the user and
    submitted to Agency X for certification.
  • 2. X determines by some procedure, such as a
    face-to-face meeting, that this is authentically
    the user's public key.
  • 3. X appends a timestamp to the public key,
    generates the hash code of the result, and
    encrypts that result with X's private key, forming
    the signature.
  • 4. The signature is attached to the public key.
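
The RSA equations from the RSA Encryption Algorithm slide and steps 1 to 4 of the certificate process above, carried through in code as an added example that is not part of the original deck. The primes, timestamp and function names are constructed for illustration; this is unpadded textbook RSA, which shows the arithmetic but is not how production keys or certificates are made.

```python
# Added example: textbook RSA and the "Agency X" certificate steps.
import hashlib

# Assumption (constructed): two Mersenne primes stand in for X's secret primes.
P, Q = 2**127 - 1, 2**521 - 1


def keygen(p=P, q=Q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)        # e*d = 1 mod phi; ValueError if no inverse exists
    return (e, n), (d, n)      # KU = {e, n}, KR = {d, n}


def encrypt(m: int, ku):       # C = M^e mod n
    e, n = ku
    if not 0 <= m < n:
        raise ValueError("M must be smaller than n")
    return pow(m, e, n)


def decrypt(c: int, kr):       # M = C^d mod n
    d, n = kr
    return pow(c, d, n)


def digest(user_ku, timestamp: str) -> int:
    # Step 3, first half: hash of (public key + timestamp).
    e, n = user_ku
    data = f"{e}:{n}:{timestamp}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def certify(user_ku, timestamp: str, x_kr) -> int:
    # Step 3, second half: the hash "encrypted" with X's private key.
    return pow(digest(user_ku, timestamp), *x_kr)


def verify(user_ku, timestamp: str, signature: int, x_ku) -> bool:
    # Anyone holding X's public key recovers the hash and compares.
    return pow(signature, *x_ku) == digest(user_ku, timestamp)


if __name__ == "__main__":
    user_ku, user_kr = keygen(61, 53, 17)       # tiny classroom key pair
    c = encrypt(65, user_ku)
    print(c, decrypt(c, user_kr))
    x_ku, x_kr = keygen()
    sig = certify(user_ku, "2002-06-16T00:00Z", x_kr)
    print(verify(user_ku, "2002-06-16T00:00Z", sig, x_ku))   # genuine key
    print(verify((17, 3239), "2002-06-16T00:00Z", sig, x_ku))  # swapped key
```
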

49
Virtual Private Networks (VPNs)
  • Internet connectivity provides easier access for
    telecommuters and off-site employees
  • Use of a public network exposes corporate traffic
    to eavesdropping and provides an entry point for
    unauthorized users
  • A variety of encryption and authentication
    packages and products are available to secure and
    authenticate remote access
  • Need for a standard that allows a variety of
    platforms to interconnect securely

50
Applications of IPSec
  • Secures communications across a LAN, WANs, and/or
    the Internet
  • Can encrypt and/or authenticate all traffic at
    the IP level
  • Examples of use
  • Secure branch office connectivity over the
    Internet
  • Secure remote access over the Internet
  • Establishing extranet and intranet connectivity
    with partners
  • Enhancing electronic commerce security

51
Benefits of IPSec
  • When implemented in a firewall or router,
    provides strong security for all traffic crossing
    the perimeter
  • IPSec in a firewall is resistant to bypass
  • Runs below the transport layer (TCP, UDP) and so
    is transparent to applications
  • Can be transparent to end users
  • Can provide security for individual users if
    needed

52
IPSec Functions
  • IPSec provides three main facilities
  • authentication-only function referred to as
    Authentication Header (AH)
  • combined authentication/encryption function
    called Encapsulating Security Payload (ESP)
  • a key exchange function
  • For VPNs, both authentication and encryption are
    generally desired

53
ESP Transport and Tunneling
  • Transport Mode
  • provides protection primarily for upper-layer
    protocols.
  • Typically used for end-to-end communication
    between two hosts
  • encrypts and optionally authenticates the IP
    payload but not the IP header
  • useful for relatively small networks; for a
    full-blown VPN, tunnel mode is far more efficient
  • Tunnel Mode
  • Provides protection to the entire packet
  • Original packet is encapsulated in ESP fields,
    protecting contents from examination
  • Used when one or both ends is a security gateway
  • Multiple hosts on networks behind firewalls may
    engage in secure communications without
    implementing IPSec

54
IPSec Key Management
  • Manual
  • System administrator manually configures each
    system with its own keys and with the keys of
    other communicating systems
  • Practical for small, relatively static
    environments
  • Automated
  • Enables the on-demand creation of keys for SAs
    and facilitates the use of keys in a large
    distributed system
  • Most flexible but requires more effort to
    configure and requires more software

55
IPSec and VPNs
  • Organizations need to isolate their networks and
    at the same time send and receive traffic over
    the Internet
  • Authentication and privacy mechanisms of secure
    IP allow for security strategy
  • IPSec can be implemented in routers or firewalls
    owned and operated by the organization, allowing
    the network manager complete control over
    security aspects of the VPN

56
Transport layer
  • Secure socket layer (SSL)
  • Secure shell (SSH)
  • Socket security (SOCKS)

57
Network layer / Link layer
  • IPSec (IP Security suite)
  • Cisco layer 2 forwarding protocol for VPN
  • Point to point tunneling

58
Creating security policies
  • What are you trying to protect?
  • What are you protecting it from?
  • How likely are the threats?
  • Implement measures to protect your assets
  • Continuously review and revise your policy

59
Resources
  • www.rootshell.com
  • www.cert.org