Internet Security
BIT-301 Internet Methodologies
By: Inderjeet Singh
BIT-301, IM Internet Security 1
Introduction
• Internet security is a branch of computer security specifically related to the Internet, often involving browser security but also network security on a more general level as it applies to other applications or operating systems as a whole.
• Its objective is to establish rules and measures to use against attacks over the Internet.
• The Internet represents an insecure channel for exchanging information leading to a high risk of intrusion or fraud, such as phishing.
Need of Internet Security
• Identity Theft
• Non-repudiation
• establish rules and measures to use against attacks over the Internet.
• high risk of intrusion or fraud, such as phishing.
What are Search Engines?
• Designed to assist you in searching through the enormous amount of information on the Web
• No single search tool has everything
• Each engine is a large database which utilizes different search techniques and tools (spiders or robots) to build indexes to the Internet (some also utilize submissions and administration)
Which Search Engine?
• Yahoo
• Altavista
• Excite
• Google
• NorthernLights
• Hotbot
• Infoseek
How to Choose
Consider
• Size of the database (# of URLs)
• Currency of the database (updates)
• Search interface
• Help screens
• Search features
• Results listed (# of documents retrieved)
• Relevance of results
More About Search Engines
• Searches for matching terms (keywords or several keywords)
• Results “ranked” by relevancy (for some)
• Can search by
– subject or category
– keyword
• Learn about each search engine’s description, options, and rules and restrictions
GO TO
http://www.google.com/help.html
Searches for exact matches
• Try different versions of your search term
– Example: “Boston hotel” vs. “Boston hotels”
• Rephrase query
– Example: “cheap plane tickets” vs. “cheap airplane tickets”
• Automatically places “and” between words (expands search)
• To reduce search:
– add more terms in original search
– refine search within the current search results. (adding terms to first words will return a subset of the original query)
• Exclude a word by using a - sign
– Example: to search bass but not speaker: bass -speaker
• Does not support “or” operator
• Does not support “stemming” or “wildcard” searches
• Not case sensitive
• Explicit Phrase
– Example Search: "inbound marketing"
• Exclude Words
– Example Search: inbound marketing -advertising
• Site-Specific Search
– Example Search: "inbound marketing" site:www.smallbusinesshub.com
• Similar Words/Synonyms
– Example Search: "inbound marketing" ~professional
• Specific Document Types
– Example Search: "inbound marketing" filetype:ppt
• This OR That
– Example Search: inbound marketing OR advertising
• Phone Listing
– Example Search: phonebook:617-555-1212
• Numeric Ranges
– Example Search: president 1940..1950
• Word Definition
– Search Example: define:plethora
• Stock (Ticker) Symbol
– Search Example: define:plethora
• Calculator
– Search Example: 48512 * 1.02
• Finds street maps
– Just enter a U.S. street address, including zip code or city/state into the search box
– Google recognizes query as a map request
– Try your address
Phrase Searches and Connectors
• Phrase Searches are useful when searching for famous sayings or specific names: “Gone with the Wind”
• Phrase Connectors are recognized
– Hyphens
– Slashes
– Periods
– Equal signs
– Apostrophes
• Example: mother-in-law
Stop Words
• Stop words are ignored
• These rarely help narrow and slow down search
– http
– com
– certain single digits
– certain single letters
• to include stop words use [space]+
• Example
– Star Wars, Episode 1: Star wars episode +1
– OS/2: OS/ +2
*** don’t forget the space before the + - signs
How to Interpret Results
See Handout
Approaches to Searching
• Basic Search
• Power Search
• Industry Search
• Investext Search
• News
EDUC 478 Davina Pruitt-Mentle 18
“Meta” Search Tools
• Multi-threaded search engines
• Allows access to multiple databases simultaneously or via a single interface
• (-) Do not offer the same level of control over search interface and logic as individual engines
• (+) Fast
• (+) Improvements
– Results sorted by site used for search, or location of Website
– Able to select search engines to include
– ability to modify results
Popular Meta-Search Engines
• Dogpile
• Metacrawler
• Profusion
• SavvySearch
Subject-Specific Search Engines
• Do not index entire web
• Focus within specific Websites/pages within defined subject area, geographical area, type of resource
• Specialized search - depth rather than breadth
Selected Subject-Specific Engines
Companies
• Companies Online (http://www.companiesonline.com/)
• Hoover's Online (http://www.hoovers.com/)
• Wall Street Research Net (http://www.wsrn.com/)
People (E-mail and Phone)
• Bigfoot (http://bigfoot.com/)
• WhoWhere? (http://www.whowhere.lycos.com)
• Yahoo! People Search (http://people.yahoo.com/)
• Switchboard.Com (http://www.switchboard.com)
Images
• The Amazing Picture Machine (http://www.ncrtec.org/picture.htm)
• Lycos Image Gallery (http://www.lycos.com/picturethis/)
• WebSeek (http://disney.ctr.columbia.edu/webseek/)
• Yahoo! Image Surfer (http://ipix.yahoo.com/)
Jobs
• Hotjobs.com (http://www.hotjobs.com/)
• Monster.com (http://www.monster.com/)
• The Riley Guide (http://www.rileyguide.com/)
Games
• CNET Gamecenter.com (http://www.gamecenter.com/)
• Games Domain (http://www.gamesdomain.com/)
• Gamesmania (http://www.gamesmania.com/)
• GameSpot (http://www.gamespot.com/)
Software
• Jumbo (http://www.jumbo.com)
• Shareware.com (http://www.shareware.com)
• ZDNet Downloads (http://www.zdnet.com/downloads/)
Health/Medicine
• Achoo (http://www.achoo.com/)
• BioMedNet (http://www.bmn.com/)
• Combined Health Information Database (http://chid.nih.gov/)
• Mayo Clinic Health Oasis (http://www.mayohealth.org/)
• Medical World Search (http://www.mwsearch.com/)
• OnHealth (http://www.onhealth.com)
Education/Children's Sites
• AOL NetFind Kids Only (http://www.aol.com/netfind/kids/)
• Blue Web'n (http://www.kn.pacbell.com/wired/bluewebn/)
• Education World (http://www.education-world.com/)
• Kid Info (http://www.kidinfo.com/)
• Kids Domain (http://www.kidsdomain.com)
• KidsClick! (http://sunsite.berkeley.edu/KidsClick!/)
• Yahooligans! (http://www.yahooligans.com)
Subject Directories
• Hierarchically organized indexes of subject categories
• User can browse through lists of Websites by subject in search of relevant information
• Maintained by humans
• May include a search engine for searching their own database
Examples of Subject Directories
• INFOMINE (Academic Scholarly Subject Directory - http://infomine.ucr.edu/)
• LookSmart
• Lycos
• Magellan (http://www.magellan.excite.com/)
• Open Directory (http://www.dmoz.org/)
• Yahoo
Many of these have aspects of both search and directory
Cryptography
Summary
• Symmetric Encryption
• Public Encryption
• Digital Signature
• Key Distribution
Basic Terminology
• plaintext - the original message
• ciphertext - the coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering plaintext from ciphertext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - the study of principles/methods of deciphering ciphertext without knowing key
• cryptology - the field of both cryptography and cryptanalysis
The language of cryptography
symmetric key crypto: sender, receiver keys identical
public-key crypto: encryption key public, decryption key secret (private)
[Figure: plaintext → encryption algorithm (Alice’s encryption key $K_A$) → ciphertext → decryption algorithm (Bob’s decryption key $K_B$) → plaintext]
Symmetric Encryption
• or conventional / secret-key / single-key
• sender and recipient share a common key
• all classical encryption algorithms are private-key
• was only type prior to invention of public-key in 1970’s
Symmetric Cipher Model
Symmetric Key Cryptography
symmetric key crypto: Bob and Alice share (know) the same (symmetric) key: $K_{A-B}$
• e.g., key is knowing substitution pattern in monoalphabetic substitution cipher
[Figure: plaintext message, m → encryption algorithm (key $K_{A-B}$) → ciphertext $K_{A-B}(m)$ → decryption algorithm (key $K_{A-B}$) → plaintext $m = K_{A-B}(K_{A-B}(m))$]
Requirements
• two requirements for secure use of symmetric encryption:
– a strong encryption algorithm
– a secret key known only to sender / receiver
$Y = E_K(X)$
$X = D_K(Y)$
• assume encryption algorithm is known
• implies a secure channel to distribute key
Cryptography
• can characterize by:
– type of encryption operations used
  • substitution / transposition / product
– number of keys used
  • single-key or private / two-key or public
– way in which plaintext is processed
  • block / stream
Summary
• Symmetric encryption
• Public encryption
• Digital Signature
• Key distribution
Private-Key Cryptography
• traditional private/secret/single key cryptography uses one key
• shared by both sender and receiver
• if this key is disclosed communications are compromised
• also is symmetric, parties are equal
• hence does not protect sender from receiver forging a message & claiming is sent by sender
Public-Key Cryptography
• probably most significant advance in the 3000 year history of cryptography
• uses two keys – a public & a private key
• asymmetric since parties are not equal
• uses clever application of number theoretic concepts to function
• complements rather than replaces private key crypto
Public-Key Cryptography
• public-key/two-key/asymmetric cryptography involves the use of two keys:
– a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures
– a private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures
• is asymmetric because
– those who encrypt messages or verify signatures cannot decrypt messages or create signatures
Public-Key Characteristics
• Public-Key algorithms rely on two keys with the characteristics that it is:
– computationally infeasible to find decryption key knowing only algorithm & encryption key
– computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known
– either of the two related keys can be used for encryption, with the other used for decryption (in some schemes)
Public-Key Cryptosystems
Public-Key Applications
• can classify uses into 3 categories:
– encryption/decryption (provide secrecy)
– digital signatures (provide authentication)
– key exchange (of session keys)
• some algorithms are suitable for all uses, others are specific to one
Security of Public Key Schemes
• like private key schemes brute force exhaustive search attack is always theoretically possible
• but keys used are too large (>512 bits)
• security relies on a large enough difference in difficulty between easy (en/decrypt) and hard (cryptanalysis) problems
• more generally the hard problem is known, it's just made too hard to do in practice
• requires the use of very large numbers
• hence is slow compared to secret key schemes
Summary
• Symmetric encryption
• Public encryption
• Digital Signature
• Key distribution
Digital Signatures
Cryptographic technique analogous to hand-written signatures.
• sender (Bob) digitally signs document, establishing he is document owner/creator.
• verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document
Digital Signatures
Simple digital signature for message m:
• Bob signs m by encrypting with his private key $K_B^-$, creating “signed” message, $K_B^-(m)$
[Figure: Bob’s message, m (“Dear Alice, Oh, how I have missed you. I think of you all the time! … (blah blah blah) Bob”) → public key encryption algorithm, keyed with Bob’s private key $K_B^-$ → $K_B^-(m)$: Bob’s message, m, signed (encrypted) with his private key]
Digital Signatures (more)
• Suppose Alice receives msg m, digital signature $K_B^-(m)$
• Alice verifies m signed by Bob by applying Bob’s public key $K_B^+$ to $K_B^-(m)$ then checks $K_B^+(K_B^-(m)) = m$.
• If $K_B^+(K_B^-(m)) = m$, whoever signed m must have used Bob’s private key.
Alice thus verifies that:
• Bob signed m.
• No one else signed m.
• Bob signed m and not m’.
Non-repudiation:
• Alice can take m, and signature $K_B^-(m)$ to court and prove that Bob signed m.
Digital signature = signed message digest
Bob sends digitally signed message:
[Figure: large message m → H: hash function → H(m) → digital signature (encrypt) with Bob’s private key $K_B^-$ → encrypted msg digest $K_B^-(H(m))$, sent together with (+) the large message m]
Alice verifies signature and integrity of digitally signed message:
[Figure: large message m → H: hash function → H(m); encrypted msg digest $K_B^-(H(m))$ → digital signature (decrypt) with Bob’s public key $K_B^+$ → H(m); are the two values equal?]
Summary
• Symmetric encryption
• Public encryption
• Digital Signature
• Key distribution
Key Distribution
• symmetric schemes require both parties to share a common secret key
• issue is how to securely distribute this key
• often secure system failure due to a break in the key distribution scheme
Key Distribution
• given parties A and B have various key distribution alternatives:
1. A can select key and physically deliver to B
2. third party can select & deliver key to A & B
3. if A & B have communicated previously can use previous key to encrypt a new key
4. if A & B have secure communications with a third party C, C can relay key between A & B
Trusted Intermediaries
Symmetric key problem:
• How do two entities establish shared secret key over network?
Solution:
• trusted key distribution center (KDC) acting as intermediary between entities
Public key problem:
• When Alice obtains Bob’s public key (from web site, e-mail, diskette), how does she know it is Bob’s public key, not Trudy’s?
Solution:
• trusted certification authority (CA)
Key Distribution Center (KDC)
• Alice, Bob need shared symmetric key.
• KDC: server shares different secret key with each registered user (many users)
• Alice, Bob know own symmetric keys, $K_{A-KDC}$, $K_{B-KDC}$, for communicating with KDC.
[Figure: the KDC holds one key per registered user: $K_{A-KDC}$, $K_{B-KDC}$, $K_{P-KDC}$, $K_{X-KDC}$, $K_{Y-KDC}$, $K_{Z-KDC}$]
Key Distribution Center (KDC)
Q: How does KDC allow Bob, Alice to determine shared symmetric secret key to communicate with each other?
[Figure: message exchange between Alice, the KDC and Bob]
• Alice sends the KDC $K_{A-KDC}(A,B)$
• KDC generates R1 and returns $K_{A-KDC}(R1, K_{B-KDC}(A,R1))$ to Alice
• Alice knows R1 and sends Bob $K_{B-KDC}(A,R1)$
• Bob knows to use R1 to communicate with Alice
Alice and Bob communicate: using R1 as session key for shared symmetric encryption
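The KDC exchange above, carried through in code as an added example (it is not part of the original slides). The seal()/unseal() helpers are a toy authenticated cipher built from SHA-256 and HMAC so the block runs with the standard library only; the class and function names are hypothetical, and the sketch assumes Alice's name travels in the clear next to her request so the KDC knows which key to try.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    # Toy keystream: SHA-256 in counter mode (illustration only, not a vetted cipher).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, fields):
    """K(fields): encrypt a list of strings under `key` and append an HMAC tag."""
    pt = json.dumps(fields).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return (nonce + ct + tag).hex()

def unseal(key, blob_hex):
    """Inverse of seal(); raises ValueError on a wrong key or a modified blob."""
    blob = bytes.fromhex(blob_hex)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered message")
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))
    return json.loads(pt)

class KDC:
    def __init__(self):
        self.keys = {}                                  # user name -> K_X-KDC

    def register(self, name):
        self.keys[name] = os.urandom(32)
        return self.keys[name]

    def session_request(self, claimed_sender, request):
        a, b = unseal(self.keys[claimed_sender], request)   # K_A-KDC(A,B)
        if a != claimed_sender or b not in self.keys:
            raise ValueError("bad request")
        r1 = os.urandom(16).hex()                           # KDC generates R1
        ticket = seal(self.keys[b], [a, r1])                # K_B-KDC(A,R1)
        return seal(self.keys[a], [r1, ticket])             # K_A-KDC(R1, K_B-KDC(A,R1))

def run_exchange():
    kdc = KDC()
    k_a, k_b, k_t = (kdc.register(n) for n in ("Alice", "Bob", "Trudy"))
    reply = kdc.session_request("Alice", seal(k_a, ["Alice", "Bob"]))
    r1_alice, ticket = unseal(k_a, reply)       # Alice knows R1
    peer, r1_bob = unseal(k_b, ticket)          # Bob learns R1 and who shares it
    try:                                        # Trudy holds only K_T-KDC
        unseal(k_t, ticket)
        trudy_reads_ticket = True
    except ValueError:
        trudy_reads_ticket = False
    try:                                        # request in Alice's name, sealed with Trudy's key
        kdc.session_request("Alice", seal(k_t, ["Alice", "Bob"]))
        trudy_impersonates_alice = True
    except ValueError:
        trudy_impersonates_alice = False
    # R1 is now the session key for Alice <-> Bob traffic
    message = unseal(bytes.fromhex(r1_bob), seal(bytes.fromhex(r1_alice), ["hello Bob"]))
    return {"same_session_key": r1_alice == r1_bob, "ticket_names": peer,
            "trudy_reads_ticket": trudy_reads_ticket,
            "trudy_impersonates_alice": trudy_impersonates_alice, "message": message}

if __name__ == "__main__":
    print(run_exchange())
```

The exchange as drawn carries no nonce or timestamp, so a recorded $K_{B-KDC}(A,R1)$ can be replayed to Bob later; Kerberos-style protocols add timestamps and lifetimes to the ticket for that reason.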
Key Management (public)
• public-key encryption helps address key distribution problems
• have two aspects of this:
– distribution of public keys
– use of public-key encryption to distribute secret keys
Distribution of Public Keys
• can be considered as using one of:
– Public announcement
– Publicly available directory
– Public-key authority
– Public-key certificates
Public Announcement
• users distribute public keys to recipients or broadcast to community at large
– e.g. append PGP keys to email messages or post to news groups or email list
• major weakness is forgery
– anyone can create a key claiming to be someone else and broadcast it
– until forgery is discovered can masquerade as claimed user
Certification Authorities
• Certification authority (CA): binds public key to particular entity, E.
• E (person, router) registers its public key with CA.
– E provides “proof of identity” to CA.
– CA creates certificate binding E to its public key.
– certificate containing E’s public key digitally signed by CA – CA says “this is E’s public key”
[Figure: Bob’s public key $K_B^+$ and Bob’s identifying information → digital signature (encrypt) with CA private key $K_{CA}^-$ → certificate for Bob’s public key, signed by CA]
Certification Authorities
• When Alice wants Bob’s public key:
– gets Bob’s certificate (Bob or elsewhere).
– apply CA’s public key to Bob’s certificate, get Bob’s public key
[Figure: Bob’s certificate → digital signature (decrypt) with CA public key $K_{CA}^+$ → Bob’s public key $K_B^+$]
A certificate contains:
• Serial number (unique to issuer)
• info about certificate owner, including algorithm and key value itself (not shown)
• info about certificate issuer
• valid dates
• digital signature by issuer
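The signed message digest from the Digital Signatures slides and the CA certificate check from the Certification Authorities slides, combined in one added example (not part of the original slides). It uses unpadded textbook RSA over small fixed Mersenne primes so it runs with the standard library; the keys, names, dates and certificate layout are constructed for illustration and far too weak for real use.

```python
import hashlib, json

E = 65537

def keypair(p, q):
    """Toy RSA from two fixed primes: returns (public (n, e), private (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest(data, n):
    # H(m), reduced mod n so that it fits the toy modulus
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    n, d = priv
    return pow(digest(data, n), d, n)            # K^-(H(m))

def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == digest(data, n)     # K^+(signature) equal to H(m)?

def canon(body):
    return json.dumps(body, sort_keys=True).encode()

def issue_cert(ca_priv, issuer, subject, subject_pub, serial, valid_from, valid_to):
    # Fields follow the "A certificate contains" slide.
    body = {"serial": serial, "subject": subject, "issuer": issuer,
            "public_key": list(subject_pub),
            "valid_from": valid_from, "valid_to": valid_to}
    return {"body": body, "signature": sign(ca_priv, canon(body))}

def key_from_cert(cert, ca_pub, expected_subject, today):
    """Return the subject's public key only if the CA signature and fields check out."""
    body = cert["body"]
    if not verify(ca_pub, canon(body), cert["signature"]):
        raise ValueError("certificate not signed by the trusted CA")
    if body["subject"] != expected_subject:
        raise ValueError("certificate names someone else")
    if not body["valid_from"] <= today <= body["valid_to"]:
        raise ValueError("certificate outside its valid dates")
    return tuple(body["public_key"])

def accepted(cert, ca_pub, subject, today):
    try:
        key_from_cert(cert, ca_pub, subject, today)
        return True
    except ValueError:
        return False

def demo():
    bob_pub, bob_priv = keypair(2**61 - 1, 2**89 - 1)
    ca_pub, ca_priv = keypair(2**107 - 1, 2**127 - 1)
    trudy_pub, trudy_priv = keypair(2**521 - 1, 2**607 - 1)
    m = b"Dear Alice, Oh, how I have missed you. Bob"
    sig = sign(bob_priv, m)                                  # Bob sends m and K_B^-(H(m))
    cert = issue_cert(ca_priv, "Example CA", "Bob", bob_pub, 1, "2024-01-01", "2025-01-01")
    # Trudy announces her own key as Bob's, in a certificate she signed herself
    forged = issue_cert(trudy_priv, "Example CA", "Bob", trudy_pub, 1, "2024-01-01", "2025-01-01")
    bob_key = key_from_cert(cert, ca_pub, "Bob", "2024-06-01")
    return {"bob_signature_ok": verify(bob_key, m, sig),
            "altered_message_ok": verify(bob_key, m.replace(b"missed", b"forgot"), sig),
            "forged_cert_accepted": accepted(forged, ca_pub, "Bob", "2024-06-01"),
            "expired_cert_accepted": accepted(cert, ca_pub, "Bob", "2026-01-01")}

if __name__ == "__main__":
    print(demo())
```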
Summary
• Symmetric encryption
• Public encryption
• Digital Signature
• Key distribution
Firewalls
• A choke point of control and monitoring
• Interconnects networks with differing trust
• Imposes restrictions on network services
– only authorized traffic is allowed
• Auditing and controlling access
– can implement alarms for abnormal behavior
• Itself immune to penetration
• Provides perimeter defence
Packet Filter Firewall
• A router with filtering capabilities
• The firewall uses packet-filters (Access Control Lists, ACLs) to drop or pass traffic
• Stateful inspection
– keep state of every TCP/UDP flow and allow reverse traffic
– traffic from inside “opens” the firewall for incoming traffic dynamically
• Example:
– permit out on eth0 from 77.2.3.0/24 to any proto tcp keep state
– permit inout on eth0 proto icmp
– deny default
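How the three example rules behave on traffic, as an added example (not part of the original slides): a first-match rule evaluator with a state table, run over constructed sample packets. The packet fields, class name and addresses outside 77.2.3.0/24 are assumptions, and the sketch does not model TCP flags or state expiry.

```python
import ipaddress

# The slide's example ACL; rules are checked top to bottom, first match wins.
RULES = [
    {"action": "permit", "dir": "out", "src": "77.2.3.0/24", "proto": "tcp", "keep_state": True},
    {"action": "permit", "dir": "inout", "proto": "icmp"},
    {"action": "deny"},                                   # deny default
]

class PacketFilter:
    def __init__(self, rules):
        self.rules = rules
        self.state = set()      # flows opened from inside: (proto, src, sport, dst, dport)

    @staticmethod
    def _matches(rule, pkt):
        if rule.get("dir", "inout") not in ("inout", pkt["dir"]):
            return False
        if "proto" in rule and rule["proto"] != pkt["proto"]:
            return False
        if "src" in rule:
            net = ipaddress.ip_network(rule["src"])
            if ipaddress.ip_address(pkt["src"]) not in net:
                return False
        return True

    def check(self, pkt):
        """Return (action, reason) for one packet."""
        flow = (pkt["proto"], pkt["src"], pkt.get("sport"), pkt["dst"], pkt.get("dport"))
        reverse = (pkt["proto"], pkt["dst"], pkt.get("dport"), pkt["src"], pkt.get("sport"))
        # Stateful inspection: packets of a known flow, in either direction, skip the ACL.
        if flow in self.state or reverse in self.state:
            return ("permit", "state")
        for i, rule in enumerate(self.rules):
            if self._matches(rule, pkt):
                if rule["action"] == "permit" and rule.get("keep_state"):
                    self.state.add(flow)          # traffic from inside "opens" the firewall
                return (rule["action"], f"rule {i}")
        return ("deny", "no rule")

# Constructed sample traffic (documentation address ranges outside the inside net).
SAMPLE = [
    {"dir": "out", "proto": "tcp", "src": "77.2.3.5", "sport": 40000, "dst": "198.51.100.7", "dport": 443},
    {"dir": "in", "proto": "tcp", "src": "198.51.100.7", "sport": 443, "dst": "77.2.3.5", "dport": 40000},
    {"dir": "in", "proto": "tcp", "src": "203.0.113.9", "sport": 5555, "dst": "77.2.3.5", "dport": 22},
    {"dir": "in", "proto": "icmp", "src": "203.0.113.9", "dst": "77.2.3.5"},
    {"dir": "out", "proto": "udp", "src": "77.2.3.5", "sport": 5353, "dst": "198.51.100.7", "dport": 53},
    {"dir": "out", "proto": "tcp", "src": "10.0.0.1", "sport": 40001, "dst": "198.51.100.7", "dport": 443},
]

def decisions():
    fw = PacketFilter(RULES)
    return [fw.check(pkt) for pkt in SAMPLE]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, decisions()):
        print(verdict, pkt)
```

The reply to the inside host's connection is admitted from the state table alone, while the unsolicited inbound TCP packet, the outbound UDP packet and the TCP packet from a source outside 77.2.3.0/24 all fall through to the default deny.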
The ACK signifies that the packet is part of an ongoing conversation
Packets without the ACK are connection establishment messages, which we are only permitting from internal hosts
Security & Performance of Packet Filters
• Tiny fragment attacks
– Split TCP header info over several tiny packets
– Either discard or reassemble before check
• Degradation depends on number of rules applied at any point
• Order rules so that most common traffic is dealt with first
• Correctness is more important than speed
Proxy firewall / Application-level gateway
• Firewall runs set of proxy programs
– Proxies filter incoming, outgoing packets
– All incoming traffic directed to firewall
– All outgoing traffic appears to come from firewall
• Policy embedded in proxy programs
• Two kinds of proxies
– Application-level gateways/proxies
  • Tailored to http, ftp, smtp, etc.
– Circuit-level gateways/proxies
  • Working on TCP level
Demilitarized Zone
• In computer security, a DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet.
• The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network.
• two levels of defence: defence in depth
• If a server is attacked, the intranet is still safe
• Can be combined with application proxies
Application-Level Filtering
• Has full access to protocol
– user requests service from proxy
– proxy validates request as legal
– then actions request and returns result to user
• Need separate proxies for each service
– E.g., SMTP (E-Mail)
– NNTP (Net news)
– DNS (Domain Name System)
– NTP (Network Time Protocol)
– custom services generally not supported
App-level Firewall Architecture
[Figure: network connection feeding the Telnet, FTP and SMTP daemons, each paired with its Telnet, FTP or SMTP proxy]
Daemon spawns proxy when communication detected
Bastion Host
• A bastion host is a computer that is fully exposed to attack. The system is on the public side of the demilitarized zone (DMZ), unprotected by a firewall or filtering router.
• Frequently the roles of these systems are critical to the network security system.
Where to Deploy App-level Firewall
Bastion Host: highly secure host system
• Potentially exposed to "hostile" elements
• Hence is secured to withstand this
– Disable all non-required services; keep it simple
• Runs circuit / application level gateways
– Install/modify services you want
• Or provides externally accessible services
Screened Host Architecture
• The screened host firewall combines a packet-filtering router with an application gateway located on the protected subnet side of the router.
• The application gateway needs only one network interface. The application gateway's proxy services would pass TELNET, FTP, and other services for which proxies exist, to site systems. The router filters or screens inherently dangerous protocols from reaching the application gateway and site systems.
• It rejects (or accepts) application traffic according to the following rules:
– application traffic from Internet sites to the application gateway gets routed,
– all other traffic from Internet sites gets rejected, and
– the router rejects any application traffic originating from the inside unless it came from the application gateway
Screened Subnet using Two Routers
• The outer router restricts Internet access to specific systems on the screened subnet, and blocks all other traffic to the Internet originating from systems that should not be originating connections (such as the modem pool, the information server, and site systems).
• The inner router passes traffic to and from systems on the screened subnet according to the following rules:
– application traffic from the application gateway to site systems gets routed,
– e-mail traffic from the e-mail server to site systems gets routed,
– application traffic to the application gateway from site systems gets routed,
– e-mail traffic from site systems to the e-mail server gets routed,
– ftp, gopher, etc., traffic from site systems to the information server gets routed,
– all other traffic gets rejected.
Firewall Design Criteria
• There is no absolute security
– It is always a question of economics
• Defense in depth
– place several firewalls after each other
• Weakest link
– The strength of your security system is bounded by the weakness of your weakest link
• Least privilege
– Give the smallest amount of privilege possible
• Fail safe
– Even if everything is going wrong, the security system should not leave any security hole in the system.
• Keep it simple!