Security Basics

CSE598K/CSE545 - Advanced Network Security - McDaniel Page Security Basics CSE598K/CSE545 - Advanced Network Security Prof. McDaniel - Spring 2008 1


Basic part for Advanced Networking course

Transcript of Security Basics

  • Systems and Internet Infrastructure Security

    Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA

    Security Basics

    CSE598K/CSE545 - Advanced Network Security, Prof. McDaniel - Spring 2008

    1

  • A cautionary tale ...

    "We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."

    2

  • Network Security

    Network security covers a spectrum of security from global protections to single port firewalls. This course will sample from amongst these.

    [Figure: the spectrum from larger to smaller scope: Global Security (BGP), Enterprise Security (VPNs), Host Security (Personal Firewalls)]

    3

  • Network vs. Web

    The network is a service ...
    - A conduit for data to be passed between systems.
    - Layers services (generally) to allow flexibility.
    - Highly scalable.
    - This is a public channel.

    The Web is an application ...
    - This is an application for viewing/manipulating content.
    - The services it can offer are unbounded, e.g., Java.
    - This can either be public (as in CNN's website) or private (as in enterprise internal HR websites).

    4

  • The E2E Argument

    Idea: most systems require an end-to-end communication service, but low-level features have costs (performance) incurred by all users ... thus ...

    It is important that the features provided at a low level remain very simple ... yielding ...

    Smart endpoints ... dumb minimal network

    Consequence: the network is simple and not very receptive to new (often complicated) security services being added into it. Need to implement security as a service (e.g., bump in the stack--IPsec)

    5

  • Challenges

    The network is ...
    - administered unevenly and often poorly
    - hard to change
    - very simple
    - unreliable ...

    Not designed to be secure.

    6

  • Security Terms

    Guarantees:
    - Confidentiality
    - Integrity
    - Non-repudiability
    - Availability

    Attacks:
    - Passive vs. active
    - Denial of service
    - Traffic analysis

    Make sure you have these in your head!

    7

  • Case Study: Host Access

    The first systems used telnet as the primary utility for accessing systems remotely.
    - Telnet connects across the network on port tcp/23
    - Remotely gives a user access to the login prompt
    - Username/password are supplied, allowing access to a shell
    - Everything is sent in cleartext across the network (eavesdropping) ... even the password!

    8
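    To make the cleartext point concrete, here is an added example (not part of the slides) that walks a constructed telnet capture: it strips the IAC option negotiation defined in RFC 854 and then checks whether a login prompt and a password prompt were answered on the wire. The capture bytes, the username alice and the password are all constructed for the example; the detector reports only that a password was exposed and how long it was, which is the finding a monitoring tool would raise.

```python
import re

# Telnet protocol constants (RFC 854): IAC introduces a command; WILL/WONT/DO/DONT
# are three-byte option negotiations; SB ... SE brackets a subnegotiation.
IAC, SB, SE = 255, 250, 240
WILL, WONT, DO, DONT = 251, 252, 253, 254
OPT_ECHO, OPT_TERMINAL_TYPE = 1, 24   # option numbers used in the constructed capture

# Constructed capture: both directions of one telnet login, merged in order.
# The server negotiates options and prints the prompts; the client types its answers.
SAMPLE_CAPTURE = (
    bytes([IAC, DO, OPT_TERMINAL_TYPE])
    + bytes([IAC, WILL, OPT_ECHO])
    + bytes([IAC, SB, OPT_TERMINAL_TYPE, 1, IAC, SE])   # "send your terminal type"
    + b"login: " + b"alice\r\n"
    + bytes([IAC, WONT, OPT_ECHO])                       # server stops echoing for the password
    + b"Password: " + b"hunter2\r\n"
    + b"Last login: Mon Jan 14 09:02 from home\r\n$ "
)


def strip_telnet_negotiation(stream: bytes) -> bytes:
    """Remove IAC command sequences and return only the application bytes,
    i.e. what the user saw and typed."""
    out = bytearray()
    i, n = 0, len(stream)
    while i < n:
        b = stream[i]
        if b != IAC:
            out.append(b)
            i += 1
        elif i + 1 < n and stream[i + 1] == IAC:       # IAC IAC escapes a literal 0xFF
            out.append(IAC)
            i += 2
        elif i + 1 < n and stream[i + 1] in (WILL, WONT, DO, DONT):
            i += 3                                      # IAC <verb> <option>
        elif i + 1 < n and stream[i + 1] == SB:
            end = stream.find(bytes([IAC, SE]), i + 2)  # skip to the closing IAC SE
            i = n if end == -1 else end + 2
        else:
            i += 2                                      # any other two-byte command
    return bytes(out)


_LOGIN_RE = re.compile(r"login:\s*([^\r\n]+)\r?\n.*?Password:\s*([^\r\n]*)\r?\n", re.S)


def detect_cleartext_login(stream: bytes) -> dict:
    """Report whether a login prompt and a password prompt were answered in cleartext.
    The password itself is not returned; its presence on the wire is the finding."""
    text = strip_telnet_negotiation(stream).decode("latin-1")
    m = _LOGIN_RE.search(text)
    if m is None:
        return {"credentials_observed": False}
    return {
        "credentials_observed": True,
        "username": m.group(1),
        "password_length": len(m.group(2)),
    }


if __name__ == "__main__":
    print(detect_cleartext_login(SAMPLE_CAPTURE))
```

    The same stripping step is what an IDS has to do before pattern-matching telnet payloads, since option negotiation bytes can land between the prompt and the answer.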

  • RSH/RCP

    Remote shell (rsh) was introduced as a means of allowing remote access without having to log in.
    - Users would assert their identity implicitly in the call, and could invoke whatever scripts were allowed by that machine.
    - -c: run whatever scripts were needed
    - The /etc/hosts.equiv file indicates which machines should be allowed to invoke whatever users they want.
    - The ~/.rhosts file allows users to identify trusted hosts

    9
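    The trust decision those two files encode is worth seeing in code. The following is an added example, not from the slides: a simplified parser for hosts.equiv / .rhosts lines of the form "host [user]" (a leading "-" revokes trust, "+" is a wildcard; netgroups are left out), a trust check that takes the remote host and user exactly as the client asserts them, and an audit that flags wildcard entries. The two sample files and the host names are constructed for the example.

```python
from dataclasses import dataclass

# Constructed sample files; they are not taken from any real system.
HOSTS_EQUIV = """\
# /etc/hosts.equiv: system-wide trust for rsh/rlogin/rcp
trusted.example.edu
-badhost.example.edu
lab.example.edu  +
"""

ALICE_RHOSTS = """\
# ~alice/.rhosts: alice's personal trust list
home.example.edu
home.example.edu  bob
+
"""


@dataclass(frozen=True)
class Rule:
    host: str      # "+" trusts every host
    user: str      # "" means the same-named remote user; "+" means any remote user
    negate: bool   # a leading "-" on the host revokes trust instead of granting it


def parse_trust_file(text: str) -> list:
    """Parse hosts.equiv / .rhosts lines of the form 'host [user]'.
    Netgroups (@group) are left out of this simplified parser."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else ""
        rules.append(Rule(host.lstrip("-"), user, host.startswith("-")))
    return rules


def is_trusted(rules: list, remote_host: str, remote_user: str, local_user: str) -> bool:
    """Decide whether remote_user@remote_host may run as local_user.
    Both remote values are whatever the client asserted: nothing here verifies them."""
    for r in rules:
        if r.host != "+" and r.host != remote_host:
            continue
        if r.user == "":
            if remote_user != local_user:
                continue
        elif r.user != "+" and r.user != remote_user:
            continue
        return not r.negate  # first matching rule decides
    return False


def audit(rules: list) -> list:
    """Flag rules that grant trust far more widely than one named host/user pair."""
    findings = []
    for r in rules:
        if r.negate:
            continue
        if r.host == "+" and r.user == "+":
            findings.append("any user on any host is trusted ('+ +')")
        elif r.host == "+":
            findings.append("any host is trusted for same-named users ('+')")
        elif r.user == "+":
            findings.append(f"any user on {r.host} is trusted ('{r.host} +')")
    return findings


if __name__ == "__main__":
    for name, text in (("hosts.equiv", HOSTS_EQUIV), (".rhosts", ALICE_RHOSTS)):
        print(name, audit(parse_trust_file(text)))
```

    Note that is_trusted never sees anything but the names the remote side supplies; the lookup of the caller's host name (reverse DNS on the source address) and the user name in the rsh request are both under the client's control, which is the whole problem with the model.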

  • Problems?

    Of course both of these models were terrible from a security standpoint
    - User identities could simply be asserted
    - Traffic could be eavesdropped
    - Passwords could be guessed

    Sadly, the standard in remote access until about 2000.

    10

  • SSH

    Secure shell (ssh) - an alternative to telnet that looks and feels just like telnet!

    The difference is that it transparently uses cryptographic keys to provide for confidentiality, integrity, and authentication

    Concepts:
    - Each machine has an identity, recorded by each user
    - Every user has an identity, stored in each user's home directory
    - They perform mutual authentication at startup, negotiate session keys, and use them to secure all the session communication

    11

  • SSH

    Server configuration files:
    - /etc/ssh/ssh_host_key.pub (pub key identifying the host)
    - ~/.ssh/authorized_keys2 (pub user keys)

    Client configuration files:
    - ~/.ssh/known_hosts2 (pub keys of known hosts)
    - ~/.ssh/id_dsa (priv key of user)

    12

  • SSH Authentication

    [Figure: message exchange between Client and Server]
    - (1) Client → Server: SSH_MSG_USERAUTH_REQUEST (user, service ....)
    - (2) Server → Client: SSH_MSG_USERAUTH_INFO_REQUEST (user, authtype, prompt, challenge, ...)
    - (3) Client → Server: SSH_MSG_USERAUTH_INFO_RESPONSE (user, response, ..)

    13

  • What it means?

    Security model of ssh:
    - I can configure a .rhosts if you want, but it is no longer forgeable. Note: you can still use a password if the host is not configured
    - You authenticate hosts based on first interaction. Build a map of known identities over time, and get warned when the identity changes (typically upon reinstall or refresh - most ignore)

    Can't solve:
    - Password cracking
    - Traffic analysis
    - Covert channels

    Thus: limited but highly usable way to access hosts.

    14