Internet Security

Literature:Forouzan: TCP/IP Protocol Suite : Ch 28

Int ernet w orking

Internet Security

● Internet security is difficult● Internet protocols were not originally designed for security● The protocols are full of security holes. In all levels of the stack:

– ARP - L2 hijacking

– IP - spoofing, fragments, broadcast,

– UDP - stateless – easy to spoof

– TCP - hijacking sessions, denying service

– DNS – contaminating DNS caches

– Dynamic routing – false RIP messages

– Tunneling - bypass firewall rules

Attack Examples

● Spoofing – forging someone else’s address● Dictionary attack – getting passwords● Port scanning – finding open services● Sniffing – listening on internal traffic● Denial of service attacks (DOS)● Distributed DOS (DDOS)● Man-in-the-middle● Virus● Trojan horse ● Worm● Ping of death - killer packets

Address spoofing

● Forge addresses– L2 / IP addr / UDP ports / Names – Easy to do

● ARP & L2 spoofing redirects ARP caches and learning tables– Hijacking of sessions

● blind spoofing : return traffic goes to wrong host– attacking of the spoofed source

● man-in-the middle– pretend to be other host

● DNS– forging DNS RR entries

Denial of service – DOS/DDOS● Prevent normal use of a service

– TCP syn attack at TCP connection setup

– routing attacks – make networks unaccessable

– web defacing

– mail attacks

– fragment attacks

● Distributed DOS (DDOS)

– use many hosts to launch a DOS

– smurf: use ping to directed multicast and spoofed src

Aspects of security (Forouzan)

● Privacy

– Message readable only by receiver and sender

– Unreadable by others

● Authentication

– The receiver is certain of the sender’s identity

– No imposter

● Integrity

– Message receives exactly as it was sent.

– No changes during transmission.

● Nonrepudiation

– A receiver can prove that message came from a specific sender.

Secret key encryption

● Secret-key encryption/decryption

– symmetric encryption

– same key used at both parties

● Advantage

– Efficient algorithms: good for large messages

● Disadvantages

– Lots of keys: n(n-1)/2

– Key distribution

● KDC – Key Distribution Center● Examples

– Data Encryption Standard (DES)

– Advanced Encryption Standard (AES)

Public key encryption

● Disadvantages

– Algorithm complexity

– Public key needs verification

● Certification Authority (CA)● Example:

– Rivest, Shamir, Adleman (RSA)

● Use two keys

– Public key – available to all

– Private key – secret

● Advantages

– No shared keys

– Fewer keys

Digital Signature

● For authentication, integrity and nonrepudiation● Signing the document – digital signature● Approach 1: Public-key encryption (RSA) for signing the

whole document– Use own private key to encrypt, public key to decrypt

● Approach 2: Signing a digest of the document– Use a secure hash function (one-way)

– SHA-1, MD5

Sender signing the digest

● Sender produces a digest using hashing

● Digest is encrypted using its private key signed digest

● Singed digest appended to message

Receiver verifies signature ● Receiver extracts signed digest

– decrypts it using sender’s public key

● Produces a digest using hashing● Verification by comparing the two

Application/Transport layer security

● Security can be implemented in different layers of the IP stack– Application/Transport/Networking

● Kerberos– Authentication and key distribution

● PGP – Pretty Good Privacy– Digital signature using hashing and public-key encryption– combined secret-/public-key encryption for privacy

● SSH – Secure Shell– A ”secure version” of rlogin– Numerous functions

● SSL – Secure Socket Layer – (https:)– IETF version: TLS – Transport Layer Security– Confidential pipe between browser and web server– Server authentication

● S/MIME – Mail security

Security in the IP layer: IPsec

● A sender and receiver agree on a set of security schemes, – Security Association (SA) – a cleartext index (SPI)– SA includes: encryption algorithm, keys, lifetime, addresses

● IPsec implemented in the IP header– Part of IP stack, network layer

● IPsec consists of two protocols– Privacy: Encapsulation Security Payload (ESP) – Authentication, etc: Authentication Header (AH)

● IPsec has two modes– Tunnel mode useful for VPNs– Transport mode – end-to-end

● Dynamic key management – ISAKMP – Internet SA and Key Management Protocol– IKE – Internet Key Exchange

IPsec Transport Mode

● End-to-end security– Only end-host is trusted

● Security Association (SA) between H1 and H2.

Internet

Security Associat ion

IPsec Transport m ode

H2H1

IPsec Tunnel Mode

● Security Association (SA) between R1 and R2.– Cleartext packet to H1/H2.– H1 - R1 and R2-H2 trusted

● IPsec headers encapsulate the packet

Internet

Security Associat ion

H2H1 R2R1

Authentication Header - AH

● AH supports a digital signature– digest produced by hash function– addresses integrity, authentication, non-repudiation

● Some AH header fields:– SA index, message digest, sequence number (may not re-occur),

originaldatagram

AH hdr

IP hdr TCP hdr Payload

IP hdr TCP hdr Payload

AH hdrIP hdr TCP hdr Payload

transportmode

tunnelmode

IP hdr

New proto: 51

New hdr

authenticated

authenticated

Encapsulation Security Payload - ESP● ESP encrypts the payload of an IP datagram

– But ESP also has authentication– ESP addresses privacy, but also authentication, etc.

● In tunnel mode, the whole datagram is encrypted● Some ESP header fields:

– SA index, sequence number (may not re-occur), padding

originaldatagram

ESP hdr ESP trailer ESP auth

IP hdr TCP hdr Payload

IP hdr TCP hdr Payload

ESP hdr ESP trailer ESP authIP hdr TCP hdr Payload

transportmode

tunnelmode

IP hdr

New proto: 50

New hdr

encryptedauthenticated

encryptedauthenticated

Automatic key distribution – IKE/ISAKMP

● Basic IPsec requires manual key configurations. But keys are long and difficult to administer:

– We need key distribution protocols – ”automatic keying”

● Also, sequence numbers in ESP/AH do not wrap around

– New keys need to be used after 232 messages

For further information see:● Internet Security Association and Key Management Protocol

(ISAKMP)● The Internet Key Exchange (IKE/IKEv2)

Firewalls

(on six slides)

Firewalls

● Keeping the bad guys out● Prevent unauthorized access● Forward some packets and blocks others● But the roles are not always clear● What do we mean by secure?

InternetInt ranet

Ext ranet

Servers(DMZ)

?

Packet-filter firewall

● A router with filtering capabilities● The firewall uses packet-filters (ACLs) to drop or pass traffic● Stateful inspection

– keep state of every TCP/UDP flow and allow reverse traffic

– traffic from inside ”opens” the firewall for incoming traffic dynamically

● Example:

– permit out on eth0 from 77.2.3.0/24 to any proto tcp keep state

– permit inout on eth0 proto icmp

– deny default

unt rustedInternet

t rustedInt ranet

Firewall routerwith packet filtering

Example rules

● ICMP– allow all output, filter input (path MTU discovery)

● TCP– allow connections created from inside, block all other input

● UDP– block all input and output,...

● H.323/SIP– use the phone?

● WWW– allow all output/proxy, block all input, put web server in DMZ

● DNS– block internal info from outside

● SSH– allow all input and output

Free from Cheswick et al ”Firewalls and Internet Security”

Proxy firewall / Application-level gateway

● Better application-level understanding than packet-filtering● An ALG is a firewall program that runs in user-space – at the

application level– typically in combination with packet-filtering

● Two separate TCP connections– one from a client to the ALG; one from the ALG to the server– The ALG terminates the connections

● Disadvantages– slower: more memory and processing– one proxy per new application: web, sip, ftp, ...

unt rustedInternet

t rustedInt ranet

Applicat ion-levelgateway

Demilitarized Zone

● A DMZ contains server accessible from the Internet– but the intranet is not accessible from the outside– two levels of defence: defence in depth– If a server is attacked, the intranet is still safe

● Can be combined with application proxies

untrustedInternet

t rustedInt ranet

Servers / Proxies

DMZ

OuterBarrier

InnerBarrier

Firewall Design Criteria

● There is no absolute security

– It is always a question of economics

● Defense in depth

– place several firewalls after each other

● Weakest link

– The strength of your security system is bounded by the weakness of your weakest link

● Least privilege

– Give the smallest amount of privilege possible

● Fail safe

– Even if everything is going wrong, the security system should not leave any security hole in the system.

● Keep it simple!