Security Issues on Distributed Systems MRL9903
-
Upload
amity-garrett -
Category
Documents
-
view
23 -
download
1
description
Transcript of Security Issues on Distributed Systems MRL9903
7 August, 1999 S 1
Security Issues on Distributed Systems
Prepared by : Lorrien K. Y. Lau
Student I.D. : 97077200
7 August 1999
The Chinese University of Hong Kong
Department of Computer Science and Engineering
7 August, 1999 S 2
Security Issues on Distributed Systems
- Objective
- What is “Firewall” ??
• Definition and goals
- Firewall Testing
• Methodology
• Design ( Hardware / Software/Configuration Setup) and Policy
• Performance and Security Testing
- Result Analysis
- Future Work and Conclusion
- Q & A
Agenda
7 August, 1999 S 3
Security Issues on Distributed Systems
Objective
- To survey on the various distributed systems security related topics such as encryption and decryption schemes and firewall in the literature review
- To evaluate the security control of different firewall configurations by doing testing on firewall with different security levels and proxy service
-To investigate the impact of different levels of firewall security and measures on the performance of firewall system
-To determine how well the various firewall systems in guarding the private network against some potential external attacks and scanning
- To examine and try to deduce a relationship between security and performance from the testing result
7 August, 1999 S 4
Security Issues on Distributed Systems
What is “Firewall” ?
Definition:
- Logically, a firewall is a separator, a restricter, an analyzer that are used to protect the internal network against any attack. Usually installed at a point where the protected internal network connects to the Internet
- A system, either software or hardware or both, that enforces access control policy between two networks.
-The manifestation of a company security policy
7 August, 1999 S 5
Security Issues on Distributed Systems
What is “Firewall” ?
Goals:-to restrict people to entering at a carefully controlled point
-to prevent intruders from getting close to your other defenses
-to restrict people to leaving at a carefully controlled point
Acts a castle used to prevent us from the outside attacks.
7 August, 1999 S 6
Security Issues on Distributed Systems
Firewall Testing - Methodology
- Setting up firewall with 7 different security levels by using different firewall policies , Level 1 < Level 2 …. < Level 7, by
• Screening rules set into the router
• Proxy server / system configurations
- Performance Testing - test the network performance against different security levels of firewall with FTP, HTTP
- Security Testing - verify the security levels by using network scanners such as “SAINT”, “NESSUS” and BSB monitor ..etc
7 August, 1999 S 7
Security Issues on Distributed Systems
Firewall Testing - Design
Test Bed Setup, HW, SW :
Firewall Server - Linux, FWTKHome - Linux
Router
Internet
Outside Attacker B
Outside Attacker C
Outside Attacker A
7 August, 1999 S 8
Security Issues on Distributed Systems
Firewall Testing - Policy
Firewall Policy 1- PERMIT any service unless it is expressly denied- Provide the maxi flexibility/access for internal & external users.
Firewall Policy 2- PERMIT any service unless it is expressly denied (same as config 1)- Disallow some problem service accesses from outside, but still provide flexible/easy access from outside, but no restriction on access from internal network to the Internet
7 August, 1999 S 9
Security Issues on Distributed Systems
Firewall Testing - Policy 2
Screening rules at router for Firewall policy 2- No ip source routing- No ip spoofing (e.g. traffic from mail server to pc89180)- Deny DNS(TCP) traffic from outside- Deny TFTPD(UDP) from outside to port 69- Deny link (TCP) from outside to port 97- Deny SunRPC(UDP) & NFS(TCP) from outside to port
111 & 2049- Deny lpd(TCP) from outside to port 515- Allow ALL others from outside to the pc89180 and email- Allow ALL traffic from the internal network to outside- IP Masquerader - IP being translated at the gateway
7 August, 1999 S 10
Security Issues on Distributed Systems
Firewall Testing - Policy 3
Firewall Policy 3 (Level 2 +)- PERMIT any service unless it is expressly denied (same as config. 2)- An additional protection is added with ‘proxy service’ enabled in the firewall server. Specific traffic is further shielded and screened by the proxy server installed.- Any traffic going into the private network would be pre-screened at the router first, then it would be passed into the proxy server for further authentication and screening. Security level is raised because the network traffic is examined by both the router and proxy server.
7 August, 1999 S 11
Security Issues on Distributed Systems
Firewall Testing - Policy 4 & 5
Firewall Policy 4 (Level 3+)- PERMIT any service unless it is expressly denied (same as config. 1)- Allow even more restricted access from outside, and deny from selected bad HOSTs from outside. - Deny ICMP traffic from outside ( in response to the nessus report)
Firewall Policy 5- DENY any service unless it is expressly permitted. (or we say "that is not expressly permitted is prohibited")- Deny all access from outside by default, but allow access from inside. - Permit only authorized IPs access to the private network
7 August, 1999 S 12
Security Issues on Distributed Systems
Firewall Testing - Policy 6 & 7
Firewall Policy 6 (Level 5 + )- DENY any service unless it is expressly permitted- A more restricted policy to permit outside access to certain port no.range only - e.g. restrict the TCP from outside at port > 1023 to pc89180 at port 80- Permit only authorized IPs access to the private network
Firewall Policy 7 (Level 6 + )- DENY any service unless it is expressly permitted- Provide the least flexibility and services to the internal users, but incorporate maxi protection on the LAN. - Restrict the internal users using some Internet services e.g. Telnet, TFPT
7 August, 1999 S 13
Security Issues on Distributed Systems
Firewall Testing - Performance Test
- Performance indicators: Total transaction time , Latency
- FTP protocol
• Data Transfer from outside FTP server
• 5 M data, connections 1 to 10
• 1 M data, connection 1 to 10
• 395 K data, connection 1, 5, 10, 20, 40
- HTTP protocol
• Data retrieval from outside , 38.9 K data, connection 1 to 300
7 August, 1999 S 14
Security Issues on Distributed Systems
Firewall Testing - Security Test
Tools : Network Scanner such as Nessus
7 August, 1999 S 15
Security Issues on Distributed Systems
Firewall Testing - Security Test
Nessus Setup Screen:
7 August, 1999 S 16
Security Issues on Distributed Systems
Firewall Testing - Security Test
Nessus - Attacks and Scanning to be choose :
7 August, 1999 S 17
Security Issues on Distributed Systems
Firewall Testing - Security TestNessus Result Report generated after attack and scanning :
7 August, 1999 S 18
Security Issues on Distributed Systems
Firewall Testing - Security TestSAINT - Security Administrator's Integrated Network Tool
7 August, 1999 S 19
Security Issues on Distributed Systems
Firewall Testing - Security TestBSB - Monitor :
7 August, 1999 S 20
Security Issues on Distributed Systems
Result Analysis - Security TestWhen summarying all the report from scanner, it found that
No. of warning and vulnerability count(s)
Level1 10
Level 2 9
Level 3 7
Level 4 6
Level 5 6
Level 6 3
Level 7 0
7 August, 1999 S 21
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by HTTP
With 395K data retrieval, under firewall policy/configuration 1
TL transaction time on average VS no. of connection under firewall configuration 1
-
20.00
40.00
60.00
80.00
100.00
120.00
140.00
160.00
x1 x30 x60 x90 x120 x150 x180 x210 x240 x270 x300
No. of connection
TL
Tra
nsa
ctio
n t
ime
in
seco
nd
s
Cfg1
7 August, 1999 S 22
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by HTTP
With 395K data retrieval, under firewall configuration 1,2
TL transaction time VS no. of connections under firewall configuration 1 & 2
-
20.00
40.00
60.00
80.00
100.00
120.00
140.00
160.00
x1 x30 x60 x90 x120 x150 x180 x210 x240 x270 x300
No. of connection(s)
TL
tra
nsa
ctio
n i
n s
eco
nd
s
Cfg1
Cfg2
7 August, 1999 S 23
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by HTTP
With 395K data retrieval, under firewall configuration 1,2,3
TL transaction time on average VS no. of connection under firewall configuration 1, 2, 3
-
200.00
400.00
600.00
800.00
1,000.00
1,200.00
1,400.00
1,600.00
1,800.00
x1 x30 x60 x90 x120 x150 x180 x210 x240 x270 x300
No. of connection(s)
TL
tra
nsa
ctio
n t
ime
in
seco
nd Cfg1
Cfg2
Cfg3
7 August, 1999 S 24
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by HTTP
With 395K data retrieval, under firewall configuration 1,2,3,4
TL transaction time on average VS no. of connectionunder firewall configuration 1,2,3,4 respectively
-
200.00
400.00
600.00
800.00
1,000.00
1,200.00
1,400.00
1,600.00
1,800.00
2,000.00
x1 x30 x60 x90 x120 x150 x180 x210 x240 x270 x300
No. of connection (s)
TL
tra
nsa
ctio
n t
ime
in
seco
nd
s
Cfg1
Cfg2
Cfg3
Cfg4
7 August, 1999 S 25
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by HTTP
With 395K data retrieval, with all the 7 firewall configurations TL transaction time on average VS no. of connection
-
200.00
400.00
600.00
800.00
1,000.00
1,200.00
1,400.00
1,600.00
1,800.00
2,000.00
x1 x30 x60 x90 x120 x150 x180 x210 x240 x270 x300
No. of connection(s)
TL
Tra
nsa
ctio
n t
ime
in s
eco
nd
s
Cfg1
Cfg2
Cfg3
Cfg4
Cfg5
Cfg6
Cfg7
7 August, 1999 S 26
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by HTTP
Latency - with 395K data retrieval, with all the 7 firewall config. Average Latency VS no. of connection per transaction
-2.004.006.008.00
10.0012.0014.0016.0018.0020.00
x1 x30 x60 x90 x120 x150 x180 x210 x240 x270 x300
No. of connection(s)
La
ten
cy i
n s
eco
nd
s Cfg1
Cfg2
Cfg3
cfg4
Cfg5
Cfg6
Cfg7
7 August, 1999 S 27
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by FTP
TL average transaction time, with 5M data for transfer TL transaction time VS no. of conneciton
-
20.00
40.00
60.00
80.00
100.00
120.00
140.00
160.00
x1 x2 x3 x4 x5 x6 x7 x8 x9 x10
No. of connection(s)
Tl
Tra
nsa
ctio
n t
ime
in s
econ
d
s
Cfg1
Cfg2
Cfg3
Cfg4
Cfg5
Cfg6
Cfg7
7 August, 1999 S 28
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by FTP
TL min transaction time, with 5M data for transfer
TL min transaction time VS no. of connection(s)
-
20.00
40.00
60.00
80.00
100.00
120.00
140.00
160.00
x1 x2 x3 x4 x5 x6 x7 x8 x9 x10
No. of connection(s)
TL
tra
nsa
ctio
n T
ime
in s
eco
nd
Cfg1
Cfg2
Cfg3
Cfg4
Cfg5
Cfg6
Cfg7
7 August, 1999 S 29
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by FTP
TL average transaction time, with 1M data for transfer TL average transaction time VS no. of connection
-5.00
10.0015.0020.0025.0030.0035.0040.0045.0050.00
x1 x2 x3 x4 x5 x6 x7 x8 x9 x10
No. of connection(s)
Tra
nsa
ctio
n t
ime
in s
econ
d s
Cfg1
Cfg2
Cfg3
Cfg4
Cfg5
Cfg6
Cfg7
7 August, 1999 S 30
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by FTP
TL average transaction time, with 38.9K data for transfer TL average Transaction time VS no. of connection
-
10.00
20.00
30.00
40.00
50.00
60.00
70.00
38.9k x 1 38.9k x 5 38.9k x 10 38.9k x 20 38.9k x 40
Transaction time in second s
No.
of
con
nec
tion
Cfg1
Cfg2
Cfg3
Cfg4
Cgf5
Cfg6
Cfg7
7 August, 1999 S 31
Security Issues on Distributed Systems
Result Analysis - Performance Testing - Data Transfer by FTP
Average Latency VS no. of connection
-
0.20
0.40
0.60
0.80
1.00
1.20
1.40
1.60
38.9k x 1 38.9k x 2 38.9k x 3 38.9k x 4 38.9k x 5
No. of connection(s)
Lat
ency
in
sec
ond
s
Cfg1
Cfg2
Cfg3
Cfg4
Cgf5
Cfg6
Cfg7
Average latency Time, with 38.9K data for transfer
7 August, 1999 S 32
Security Issues on Distributed Systems
Result Summary & Conclusion
• More connection requests, more traffic collision, performance be more affected by external traffic interference
• Overhead - significant when it outweighs/is comparable with the transaction time used, especially using proxy servers
• Larger/smaller size of data for transfer, more/less transaction time
• More security --> more overhead ---> poor performance L1>L3
• Security - Performance Relationship ~~ overhead added with more security control with respect to higher level of security, except that the added security control NOT incur any overhead
7 August, 1999 S 33
Security Issues on Distributed Systems
Future Work
Performance index (Rating from 0 to 1).0 .1 .2 .3 .4 .5 .6 .7 .8 .9 1
7 0,7 L7
1,7
6L6
Security 5L5
Index 4L4
(Rating 3L3
from 2L2
1 to 7) 1L1
(0, 1) (1,1)
Security-performance matrix
0,1 poorest performance, lowest security0,7 poorest performance, highest security1,1 best performance, lowest security1,7 best performance, highest security
If we assume the firewall of level 1 security in this project -- already best performs, it is 1,1.
7 August, 1999 S 34
Security Issues on Distributed Systems
Calculate performance index ?
Latency of L1 = 4.79
L1 performance index = 1L2 1/(L2 latency / L1 latency ) = 1/(5.29/4.79) = 0.9L3 1/(L3 latency / L1 latency) = 1/(6.53/4.79) = 7.3 ~ 0.7L4 1/(L4 latency / L1 latency) = 1/(6.61/4.79) = 7.2 ~ 0.7L5 1/(L5 latency / L1 latency) = 1/(6.17/4.79) = 7.8 ~ 0.7L6 1/(L6 latency / L1 latency) = 1/(6.41/4.79) = 7.5 ~ 0.7L7 1/(L7 latency / L1 latency) = 1/(6.45/4.79) = 7.4 ~ 0.7
Average latency for data transfer ( FTP with 38.9K data for transfer ) Cfg1 Cfg2 Cfg3 Cfg4 Cgf5 Cfg6 Cfg7
38.9k x 1 0.05 0.80 0.80 0.83 0.80 0.67 0.88 38.9k x 2 1.12 1.10 1.32 1.33 1.28 1.47 1.33 38.9k x 3 1.16 1.10 1.48 1.47 1.32 1.43 1.40 38.9k x 4 1.23 1.21 1.44 1.48 1.37 1.43 1.41 38.9k x 5 1.23 1.08 1.49 1.49 1.40 1.41 1.44 TL : 4.79 5.29 6.53 6.61 6.17 6.41 6.45 with Cfg1 1.00 0.90 0.73 0.72 0.78 0.75 0.74
7 August, 1999 S 35
Security Issues on Distributed Systems
More about future work ...
• More repeated testing on different size of data , connection numbers and some other firewall parameters
• Restructure the security of seven levels -- more difference between one another
7 August, 1999 S 36
Security Issues on Distributed Systems
Finally ….
7 August, 1999 S 37
Security Issues on Distributed Systems
Mainly 2 Problems ...
1. Outside interference to performance testing
~ irregularities of curves needs more testing to smooth out
2. Security level definition for firewallEasy to define, difficult to achieve and guarantee
7 August, 1999 S 38
Security Issues on Distributed Systems
Screening rule ….. checkingsPhase 2 :access-list 100 deny udp any host 137.189.89.250 eq tftpaccess-list 100 deny tcp any host 137.189.89.250 eq 97access-list 100 deny tcp any host 137.189.89.250 eq sunrpcaccess-list 100 deny udp any host 137.189.89.250 eq sunrpcaccess-list 100 deny tcp any host 137.189.89.250 eq 2049access-list 100 deny tcp any host 137.189.89.250 eq lpdaccess-list 100 permit ip any any
The no. of rules to permit packet
Phase 7 12
Phase 6 20
Phase5 20
Phase 4 24
Phase 3/2 7