70 likes | 140 Views
REVE Secure presents a #WhitePaper on 2FA FOR UNIX/LINUX Security....<br>REVE Secure, one of the business verticals of the REVE Group, the Singapore based conglomerate, is a server security-focused organization. It renders the most advanced 2FA security solution to small, medium and large-scale enterprises around the globe for securing their UNIX/Linux SSH against malicious activities.<br><br>Content Real Source: https://www.revesecure.com/wp-content/uploads/2017/07/Whitepaper-July-20172.pdf
E N D
Two Factor Authentication Key to Strengthen SSH Security The Emerging Problem As per a study on SSH vulnerabilities by Ponemon Institute in 2014, around 74% organizations don’t enforce SSH key policies. With frequently occurring malicious attacks or suspicious activities, SSH security is an emerging problem for the system administrators. To get a better SSH security against cybercrooks and other sorts of intrusions, the primary focus of the system administrators should be to use an additional security layer, or highly secure authentication mechanism, for verifying the identity before granting the access completely. SSH Client / Server Applications Connection Protocol Authentication Protocol SSH Overview TCP/IP Stack Transport Protocol SSH, also referred to as Secure Socket Shell or simply Secure Shell, is a cryptographic network protocol that provides the system or network administrators a secure way to access a computer remotely over an unsecured channel; the Internet. Secure Shell, as its name suggests, provides secure & strong authentication between two computers connecting over an insecure network. SSH, being a secure protocol for remote logins, ensures highly secure encrypted data communications between two computers. In fact, it ofers a safe way to communicate with a server and to connect to systems remotely. SSH, a network protocol, allows data to be exchanged using a secure channel between two networked devices. The system administrators around the globe use Secure Shell for – ? Managing systems & applications remotely ? Logging to another computer over an insecure network ? Executing commands and moving fles from one computer to another Secure Shell uses the client-server model, connecting a secure shell client application, with SSH server. SSH suite consists of three utilities – slogin, ssh and scp. For authenticating a remote computer and allowing the remote computer to authenticate a user, SSH protocol uses public key cryptography. https://www.instagram.com/reve.secure/ https://plus.google.com/u/0/117280278001899562521 https://twitter.com/REVESecure https://www.facebook.com/REVESecure https://www.linkedin.com/company-beta/13244011/ www.revesecure.com
Whitepaper Important Functions of SSH Protocol > _ SSH SSH User Authentication SSH Transport Layer Protocol > _ SSH SSH Connection Protocol TCP ? Interactive and automated transfers of fles and data ? Provides secure remote access for the network administrators ? Managing the network infrastructure and other system components The above-listed functionalities of SSH refect that it is an important protocol, so the network administrators must take SSH security seriously. Open source infrastructure setups worldwide use and rely on SSH service. So far, Secure Shell has replaced many remote shells due to its features like ease of installation, maintenance, etc. The system administrators must take proper care at the time of installing and confguring SSH, because it is vulnerable to security breaches. In 93% of security breaches, the attackers take less than a minute to compromise systems. Most SSH vulnerabilities can be avoided through proper confguration and implementation. How Secure Socket Shell Works? Secure Shell runs as a daemon on UNIX/Linux servers. To connect to the server, client uses SSH client utility. For establishing communication, by default Secure Shell uses port 22. It ensures both data confdentiality and integrity. The SSH connection is implemented using a client-server model. For an SSH connection to be established, the remote machine must be running a software called SSH daemon. This software listens for connections on a specifc network port, authenticates connection requests and provides appropriate environment if the valid login credentials are entered by the user. Basic steps involved in this communication process are: https://www.instagram.com/reve.secure/ https://plus.google.com/u/0/117280278001899562521 https://twitter.com/REVESecure https://www.facebook.com/REVESecure https://www.linkedin.com/company-beta/13244011/ www.revesecure.com
Whitepaper Secure Shell Communication Process Client-server Handshake Secure Data Exchange Authentication During handshake phase, the information about SSH protocol version, cipher and compression algorithms is exchanged between both the sides; client and server. How SSH Authenticates the Users? Secure Shell provides two types of authentication mechanisms – password based authentication (less secure) and key based authentication using SSH keys (highly secure). Password logins are encrypted and can be easily understood by the new users as well. However, malicious users or intruders will repeatedly try to authenticate using brute force method, which can lead to security compromises. Therefore, setting up SSH key based authentication for most confgurations is a better option from security perspectives. SSH keys are a set of cryptographic keys used for authentication. Each set comprises both public and a private key. The public key can be shared, while the private key must be guarded and never exposed to anyone. X Server Real Display Key X Client Initial X connection packet REVESecure OK 5 1 11 6 Xlib SSH Client 10 7 SXAUTHORITY SSH 9 ~ / .Xauthority SSH Server Swap Keys 8 OK 2 4 “Xauth ADD….” Proxy display key 3 https://www.instagram.com/reve.secure/ https://plus.google.com/u/0/117280278001899562521 https://twitter.com/REVESecure https://www.facebook.com/REVESecure https://www.linkedin.com/company-beta/13244011/ www.revesecure.com
Whitepaper For accessing SSH server, the system admin requires a key. If this key goes in the hands of an unauthorized user, then he can gain the access quite easily. Therefore, adding an extra layer is must for the system administrators to improve SSH security. The Leading Solution 34% of organizations do not have a crisis response plan for a data breach or cyberattack event. To get rid of rising data breaches and SSH security issues, Two Factor Authentication is the best and a proven solution. 80% of security breaches could be prevented with Two Factor Authentication. What Exactly This Solution Is, And How It Works? 1st Factor Success Login 2nd Factor How 2FA Works Two Factor authentication (2FA) is a security solution that adds an additional protection layer in the login process to verify identity of the user. 90% of IT Departments plan to implement Two Factor Authentication for access to cloud applications to overcome mobility’s security challenges. This security solution requires two diferent factors – password or keys and verifcation code to check whether the user is authentic or not. The frst factor; password, is known to the authentic user, but the second factor; verifcation code, is sent to his registered physical device, and is valid only for a few seconds. Without the combination of both these authentication factors, it is not possible for any user to gain the access successfully. If any unauthorized user knows your password or keys, then he needs access to your registered physical device as well for a successful login. In this way, Two Factor Authentication provides protection against all sorts of security threats. This security solution is also referred to as Two Step Verifcation. 86% of people who use Two Factor Authentication security solution feel their digital assets are more secure. Possible Authentication Factors ? Something you know – the knowledge factors ? Something you have – the possession factors ? Something you are – the inherence factors In general, Two Factor Authentication is the combination of ‘something you know’ + ‘something you have’ or ‘something you are’. Time and Location factors are additional authentication factors for verifying the users. https://www.instagram.com/reve.secure/ https://plus.google.com/u/0/117280278001899562521 https://twitter.com/REVESecure https://www.facebook.com/REVESecure https://www.linkedin.com/company-beta/13244011/ www.revesecure.com
Whitepaper Limit users’ SH access Disable root login Some additional tips that help enhance SSH security have been pointed Use Use SSH protocol version 2 diferent port than 22 Enable/ activate Port Knocking Use DSA public key authentication Conclusion SSH is one of the widely-used network services on all UNIX/Linux and BSD servers. It is not only a powerful tool for connecting and controlling servers, but also provides a secure server remote access. With Two Factor Authentication solution, SSH becomes highly secure because the system admin requires a verifcation code along with key to prove his identity and gain access to a computer remotely and securely over an insecure network. If an attacker manages to get the password, then he needs the second factor, i.e. verifcation code, to complete the login process. In this way, Two Factor Authentication acts as a powerful key to strengthen SSH security and provides protection against various suspicious activities. REVE Secure 2FA, being an advanced and strong authentication solution, is cost-efective, easy to install, manage, and efectively resolves SSH security issues. This solution provides secure user authentication, restricts fraudulent logins, protects from malicious attacks on Secure Shell, secures remote access, double checks identity, and several other crucial features. With today’s dangerous security threats on the servers, now is the time enterprises need to enable Two Factor Authentication solution to maximize SSH security. REVE Secure 2FA security solution features cross-platform support and compatibility with diferent operating systems. https://www.instagram.com/reve.secure/ https://plus.google.com/u/0/117280278001899562521 https://twitter.com/REVESecure https://www.facebook.com/REVESecure https://www.linkedin.com/company-beta/13244011/ www.revesecure.com
Whitepaper About REVE Secure REVE Secure, one of the business verticals of the REVE Group, renders strong 2FA (Two Factor Authentication) security solution to the enterprises for protecting their UNIX/Linux servers against diferent types of malicious attacks and security breaches. Our Two Factor Authentication security solution minimizes hacking risk, ensures the highest security level and enhances the user experience. REVE Secure 2FA is easy to enable on the enterprises’ UNIX/Linux servers, and provides server remote access security. Our Two Factor Authentication is a proven solution and 100% reliable alternative to just password-only verifcation. To Know more Web: https://www.revesecure.com/ Corporate Headquarters WCEGA Tower 21 Bukit Batok Crescent, Unit 15-84, Singapore 658065 https://www.instagram.com/reve.secure/ https://plus.google.com/u/0/117280278001899562521 https://twitter.com/REVESecure https://www.facebook.com/REVESecure https://www.linkedin.com/company-beta/13244011/ www.revesecure.com