Chapter 15: Network Security
Principles of Computer Networks and Communications
M. Barry Dumas and Morris Schwartz

Objectives
• Describe the goals of network security and the issues most relevant to business
• Differentiate methods of attacks on corporate networks, provide protection strategies, and discuss the elements of an effective security policy
• Illustrate how different types of firewalls function, and assess their effectiveness and impact on network performance
• Differentiate between different types of attacks that might come from the Internet, and provide pre- and post-infection security measures
• Discuss denial-of-service attacks, how they operate, and network defense strategies
• Explain techniques associated with social engineering, including differentiating among pretexting, spam, spoofing, and phishing
• Describe the role of proxy servers in network security and assess their utility
• Explain the options and functionality of encryption systems
• Describe security issues associated with virtual private networks and the role of network address translation
• Illuminate the added security complications inherent in wireless networks
• Provide criteria for assessing security compliance, including certification standards

Overview
• Network security covers a wide range of concerns, including
  • Physical intrusion and disruption
  • Software-based mischief and assaults
  • Unauthorized transmission capture
  • Terrorist attacks!
Thwarting these challenges that can come from internal and external sources is the goal of network security.

Overview
“Consider that security is not an all-or-nothing proposition. Dealing with it adequately is an ongoing task that is bound to be substantial in terms of time and cost.”
• Network security is
  • Policy based
  • Company specific

Overview
Why require security measures?
• Intrusion!
  • Any unauthorized network activity
    • On corporate or wide area networks
    • With the intent to disrupt operations
    • To alter stored data or transmissions in any way
• Goal (intrusion prevention)
  • Deter attacks on corporate networks
  • Protect corporate transmissions from meaningful interception

Overview
What security measures are required?
First: Conduct a risk assessment (aka risk analysis)
• Identify types of threats anticipated
• Determine likelihood of occurrence
• Estimate probable cost to the company from successful security breaches
A company should always undertake a risk assessment/risk analysis before security measures are modified, enacted, or contemplated.

Overview
Where/How should security measures be applied?
• From the risk assessment/risk analysis, determine
  • Personnel
    • To monitor the network
    • To contain threats
  • Methods
    • Hardware
    • Software
  • Budget
  • Implementation
• Security methods must be effective
• Risk assessments and policies must be revisited to stay relevant

Security Perspectives
• Not every disruption is a security breach
  • Power outages due to acts of nature
  • Damage from accidents
  • Equipment failure
Even so . . .
• Risk assessments should consider these
• Action plans should respond to these

Security Perspectives
• Five security issue perspectives (categorizing threats)
  • Source
    • Internal (employee) or external (outside company)
  • Type
    • Physical or electronic (e.g., illegal downloads)
  • Intent
    • Mischievous (pranks) or malevolent (deliberate)
    • Random or focused
  • Method
    • Breaking and entering, hacking, spoofing, denial of service
  • Target
    • Corporate networks, wireless networks, Internet

Security Perspectives
• Threat prevention strategies based on source
  • Attacks from internal sources. Strategy:
    • Monitoring—recording employee activity (activity logs)
    • Limiting access (authorization)
      • Physically restricting access from areas (locks, badges)
      • Electronically restricting access (passwords)
  • Attacks from external sources. Strategy:
    • Devices
      • Firewall—principal corporate blockade method
      • Proxy servers—sit between user requests and corporate servers
    • Software
      • Protocols to secure transmissions (encryption, tunneling)
      • Anti-virus (detection/removal), anti-spam, anti-spyware, pop-up blockers

Security Perspectives
• Generally speaking, security measures take two basic routes
  • Proactive
    • Cordoning off corporate networks to prevent attacks before they get into the network and take hold
    • Example: Firewalls!
  • Reactive
    • Invoking procedures to remove threats that are inside the network before they cause damage
    • Example: Virus removal software!

Security Perspectives
• Intrusion detection systems (IDS)
  • Goal: Detect security threats (internal and external)
  • Focuses on network data or host activity
    • Network based—monitors packets by inspecting layer headers or applications data
    • Host based—monitors activity on host machine, looking for valid security certificates, signatures of known threats, suspicious sites
vs.
• Intrusion prevention system (IPS)
  • Goal: Take action to prevent threats from affecting the network
  • Isolates and quarantines suspect files
  • Prevents access to particular sites
  • Refuses to download/install certain files
An IDS can also be an IPS.

External Attacks and Firewalls
• Firewall
  • Purpose
    • Prevent intranet access by unauthorized parties
    • Stop transmissions that could harm or compromise corporate data or resource functioning
  • Concept
    • Screens traffic coming into one network from another
    • Combination of hardware and software
  • Corporate devices
    • Dedicated computers (PCs or routers—usually without keyboards)
    • Connected to but not part of internal networks

External Attacks and Firewalls
• Firewall types
  • Packet filtering
    • Check layer 3 network headers of packets from external networks
    • Run on corporate border routers
  • Circuit level
    • Check layer 4 transport headers
    • Monitor connection-oriented session creation attempts by TCP
  • Application
    • Check layer 5 application packet data for program-specific software
    • Identify harmful tendencies in applications
All here are considered packet-filtering firewalls.
All three in the same device = multilayer firewall

External Attacks and Firewalls
• Firewall filtering modes
  • Admit/deny decisions are determined by a variety of criteria (rules) loaded into the firewall router
  • Rules can be based on
    • IP addresses or domain names
    • Port numbers
    • Protocols
    • Circuits or sessions
    • Applications
    • Other packet attributes, such as specific data patterns, words, or phrases
  • Two filtering modes (filtering rules)
    • Deny all but explicit—Transmit only packets that meet specific rules
    • Pass all but explicit—Transmit any packets that don’t match denial rules
      Risky! New threats won’t be on the denial list.
Rules must be kept up to date for filters to be effective.

External Attacks and Firewalls
• Firewall connection states
  • Stateful
    • Stores relevant aspects of each approved connection-oriented session in the router table
    • Packets are examined to see if they belong to the approved session (stateful inspection) instead of being compared with the entire rule set
    • More efficient than firewalls that do not use stateful operation
    • Can also be incorporated in network-layer packet filters
  • Stateless
    • Do not maintain state tables
    • Must treat each packet independently without regard to prior experience (i.e., comparing every packet with every rule)

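The two filtering modes and the stateful shortcut described on the last two slides, as an added example that is not from the book. The rule format, class names, and the sample addresses and ports are assumptions constructed here; the stateful filter only models TCP sessions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"
    syn: bool = False          # True only on the packet that opens a TCP session


@dataclass(frozen=True)
class Rule:
    src_net: str               # source network in CIDR form
    proto: str
    dport: int

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src_net)
                and p.proto == self.proto and p.dport == self.dport)


def deny_all_but_explicit(allow_rules, p):
    """Transmit only packets that meet a specific rule."""
    return any(r.matches(p) for r in allow_rules)


def pass_all_but_explicit(deny_rules, p):
    """Transmit any packet that does not match a denial rule."""
    return not any(r.matches(p) for r in deny_rules)


class StatefulFilter:
    """Deny-all-but-explicit filter that remembers approved TCP sessions."""

    def __init__(self, allow_rules):
        self.allow_rules = allow_rules
        self.sessions = set()      # state table of approved sessions
        self.rule_set_scans = 0    # how often the full rule set was consulted

    def admit(self, p: Packet) -> bool:
        key = (p.src, p.sport, p.dst, p.dport, p.proto)
        if key in self.sessions:   # stateful inspection: one table lookup
            return True
        if not p.syn:              # mid-session packet with no approved session
            return False
        self.rule_set_scans += 1
        if deny_all_but_explicit(self.allow_rules, p):
            self.sessions.add(key)
            return True
        return False


# Constructed sample rules and packets (documentation address ranges).
ALLOW = [Rule("0.0.0.0/0", "tcp", 443)]
DENY = [Rule("203.0.113.0/24", "tcp", 23)]
WEB = Packet("198.51.100.7", 51000, "192.0.2.10", 443, syn=True)
LISTED = Packet("203.0.113.9", 51001, "192.0.2.10", 23, syn=True)
UNLISTED = Packet("198.51.100.7", 51002, "192.0.2.10", 3389, syn=True)

if __name__ == "__main__":
    for name, p in [("web", WEB), ("listed", LISTED), ("unlisted", UNLISTED)]:
        print(name, deny_all_but_explicit(ALLOW, p), pass_all_but_explicit(DENY, p))
    fw = StatefulFilter(ALLOW)
    data = Packet(WEB.src, WEB.sport, WEB.dst, WEB.dport)
    print([fw.admit(p) for p in (WEB, data, data, data)], fw.rule_set_scans)
```

The `UNLISTED` packet is the "new threat" case: it is not on the denial list, so pass-all-but-explicit transmits it while deny-all-but-explicit does not.
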
Security Attacks via the Internet
“In the end, the user is responsible for dealing with the variety of threats posed.”
• Malware
  • What is it?
    • Software aimed at network or computer-related disruption
  • Some examples
    • Viruses
    • Denial-of-service attacks
    • Web-site substitution

Security Attacks via the Internet
• Malware “highlights”
  • Viruses
    • Self-replicating; cannot propagate on their own
  • Worms
    • Self-replicating; can propagate on their own
  • Trojan horses
    • Cannot run on their own; must be executed
  • Spyware
    • Tracking software; records activity down to the keystrokes
  • Adware
    • Tracking software; presents advertisements based on usage

Security Attacks via the Internet
• Viruses
  • Self-replicating; cannot propagate on their own
  • Spreads by infection, placing executable program code in a file
  • Damage is done by the actions the viruses take
    • Displaying messages or pictures
    • Modifying or erasing files (including deleting all files)
    • Reformatting drives
    • Crashing the computer
  • When the file is executed, the code reproduces itself and infects other computers
Hundreds of viruses exist and new ones are created every day!

Security Attacks via the Internet
• Worms
  • Self-replicating; can propagate on their own
  • Do not need to attach themselves to other programs (as viruses must)
  • Usually designed to travel along with transmissions so they rapidly spread
  • Each machine they move to sends out worm transmissions
  • Worms tend to aim more at network disruption than individual computer damage
E-mail is a common medium of worms.

Security Attacks via the Internet
• Trojan horses
  • Cannot run on their own; must be executed
  • Cannot propagate
  • Hide within legitimate software
  • Typically activated when a user unsuspectingly executes it believing it to be something else
More recently, viruses, and especially worms, have been designed to carry trojans.

Security Attacks via the Internet
• Spyware
  • Tracking software; records activity down to the keystrokes
  • Watches activity on the computer without your knowledge or consent
  • Recorded activity can be transmitted over the Internet to other parties
  • Might try to steal account information, passwords, and other sensitive information
  • Resides in particular files
  • Usually does not replicate
• Adware
  • Tracking software; presents advertisements based on usage
  • Often considered a specific type of spyware
  • Consent to load adware on a computer is sometimes embedded in “terms of use” that accompany software
Web pages are common carriers of spyware.

Security Attacks via the Internet
• Malware antidotes
  • Firewalls
    • Can stop many malware attacks
  • Properly configured e-mail servers
    • Good at catching spyware and adware
    • Can incorporate scanning software to trap viruses and worms in attachments
  • Operating systems
    • Can block pop-ups
  • ISP e-mail systems
    • Might scan outgoing mail and incoming attachments
  • Anti-virus software
    • Can detect malware in inbound and outbound attachments
    • Can delete/quarantine files identified with malware
Whether firewall-, server-, or computer-based, anti-malware software must be kept up to date!
Blocking pop-ups might thwart adware but it will also block some legitimate traffic!

Security Attacks via the Internet
• Denial-of-service (DoS) attacks
  • Designed to shut down particular resources by overwhelming them, denying their services to legitimate users
  • Not designed to destroy files or steal data
  • Current variations depend on flooding resources with packets
Many older DoS versions relied on exploiting weaknesses in protocol implementations. These no longer affect newer devices and systems.

Security Attacks via the Internet
• Denial-of-service (DoS) attack forms
  • TCP-based SYN flood
    • Takes advantage of TCP’s handshaking procedure for setting up a session (SYN/ACK packets)
    • Requester sends a great many session requests, each with a bogus IP address
    • Server ends up trying to send SYN/ACK packets to the bogus address, leaving a number of half-open connections
  • UDP-based flood
    • Counterfeit UDP packets are sent requesting delivery to an application
    • Server gets overwhelmed trying to reply with “destination unreachable” messages
  • Broadcast attack (Smurf attack)
    • Engages many hosts to (unknowingly) bombard another host
    • Attacker spoofs the victim IP address and sends a broadcast ICMP echo request to the unknowing participants
    • Participants send responses to the victim IP address, overwhelming it

Security Attacks via the Internet
• Denial-of-service (DoS) attack forms—older versions (ignored by newer devices/systems)
  • Teardrop attack
    • Sends packets whose offset values overlap
    • Host crashes trying to perform impossible packet reassembly
  • Bonk attack
    • Sends packets whose offset values are too large
    • Host crashes trying to perform impossible packet reassembly
  • Ping of death
    • Sends an ICMP echo request with packets larger than the IP packet maximum (65,535 bytes)
    • Host crashes when packet reassembly overflows a buffer
  • Land attack
    • Sends a packet whose source and destination address are the same
    • Host gets confused and tries to set up a connection with itself

Security Attacks via the Internet
• Distributed denial-of-service (DDoS) attack
  • Actual attack is one of the DoS attacks
  • Many hosts are unknowingly enlisted in the process
  • Attack effectively comes from many computers
  • Commonly activated by sending trojans to many computers
  • When activated, the trojan installs code that allows the computer to be controlled by a remote host (the attacker)
Because they are unaware of what they’re doing, the unsuspecting hosts participating in the attack are called zombies.

Security Attacks via the Internet
• Dealing with DoS and DDoS attacks
  • Before the attack
    • (for SYN floods) Configure border routers and other nodes to
      • Limit the number of half-open sessions
      • Keep time-outs short
    • (for UDP floods) Close unused UDP ports at the firewall and at hosts
    • (for broadcast attacks) Configure devices not to respond
    • (for older versions) Update systems and software to remove vulnerability
  • During the attack
    • Try to block it before system shutdown
  • After the attack
    • Very difficult to deal with
    • Often an attack is not recognized until damage has occurred and the attacked services have shut down
    • Restore the system
If you can’t find a way to block the flood, the shutdown will be repeated!

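Why the SYN-flood advice pairs a half-open limit with short time-outs, shown as an added simulation that is not from the book. The table size, time-out values, flood rate and addresses are constructed for illustration: bogus sources send one SYN every 50 ms and never answer, while one legitimate client per second completes its handshake 100 ms after its SYN.

```python
from collections import OrderedDict


class HalfOpenTable:
    """Server-side table of sessions that have sent SYN but not yet ACK."""

    def __init__(self, max_half_open, timeout_ms):
        self.max_half_open = max_half_open
        self.timeout_ms = timeout_ms
        self.pending = OrderedDict()   # (src, sport) -> arrival time, oldest first

    def _expire(self, now):
        # Drop half-open entries that have waited timeout_ms or longer.
        while self.pending:
            key, t0 = next(iter(self.pending.items()))
            if now - t0 < self.timeout_ms:
                break
            del self.pending[key]

    def on_syn(self, key, now):
        self._expire(now)
        if len(self.pending) >= self.max_half_open:
            return False               # table full: the SYN is dropped
        self.pending[key] = now
        return True

    def on_ack(self, key, now):
        self._expire(now)
        return self.pending.pop(key, None) is not None


def simulate(max_half_open, timeout_ms, duration_ms=30_000):
    """Return (legitimate sessions established, legitimate attempts)."""
    events = []
    # Flood: SYNs from constructed bogus sources, none of which ever ACKs.
    for n, t in enumerate(range(0, duration_ms, 50)):
        events.append((t, "syn", (f"bogus-{n}", 1024)))
    # Legitimate client: one handshake per second, ACK 100 ms after the SYN.
    clients = duration_ms // 1000
    for k in range(clients):
        key = ("192.0.2.10", 50_000 + k)
        events.append((1000 * k + 25, "syn", key))
        events.append((1000 * k + 125, "ack", key))
    table = HalfOpenTable(max_half_open, timeout_ms)
    established = 0
    for t, kind, key in sorted(events):
        if kind == "syn":
            table.on_syn(key, t)
        elif table.on_ack(key, t):
            established += 1
    return established, clients


if __name__ == "__main__":
    print("128 slots, 75 s time-out:", simulate(128, 75_000))
    print("128 slots,  3 s time-out:", simulate(128, 3_000))
```

With the same limit of 128 half-open sessions, the long time-out leaves the table full of bogus entries after a few seconds, while the short one keeps slots free for real clients.
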
Security Attacks via the Internet
“Much security breach activity focuses on obtaining confidential, personal, private, or other sensitive information.”
• Social engineering
  • Tricking people or systems into providing confidential information
    • Social security number
    • Bank account number
    • Passwords
    • Birthday

Security Attacks via the Internet
• Social engineering schemes
  • Pretexting
    • Claiming to be someone you’re not (under the “pretext” of being another)
    • Pretending to be an agency representative (bank, police, social agency) and then obtaining confidential information during the conversation
  • Spam
    • Bulk e-mail
    • May be solicited (opt in) or unsolicited
  • Spoofing
    • Falsifying source addresses to lure one into revealing information
  • Phishing
    • Trolling for confidential information by randomly sending out spoofed spam
Opt out is deliberately indicating you do not want to receive e-mail.

Security Attacks via the Internet
• Dealing with social engineering schemes
  • Never open an e-mail message whose source or subject looks suspicious
    • Misspelled subject lines
    • Subjects with symbols
    • Missing subject
  • Never reply to a suspicious source
  • Never open an attachment from a suspicious source
  • Confirm suspicious e-mails from someone you know by asking the sender for verification
  • Keep your scanning software up to date
  • Never provide confidential information in reply to an unsolicited e-mail
The best way to avoid being duped is to be on guard!

Security Attacks via the Internet
A packet sniffer is a device for eavesdropping on network traffic that includes software for discovering protocols being used.
• Hacker packet sniffing
  • When hackers use a packet sniffer to break into networks and their attached systems
  • Hackers can obtain sensitive data and disrupt systems
• Dealing with hacker packet sniffing
  • For intranets
    • Secure wiring closets and unused network connections
  • For Internets
    • Use encryption to render intercepted data meaningless

Proxies
• Proxy server—basic operation
  • What it is
    • The proxy server acts as an intermediary, sitting between the client and the requested server
  • How it works
    • A client requesting a file that resides on a particular server actually gets connected to the proxy server
    • The proxy server requests the file from (the real server) and supplies it to the client
    • The client is never actually directly connected with the requested server
Proxy servers typically act for web servers.

Proxies
• Proxy server—guardian of corporate networks
  • Security
    • Keeps a direct doorway to the corporate network closed
  • Performance
    • Sizeable cache enables the proxy server to satisfy repeat web page (file) requests without involving the web server
  • Filtering
    • Proxy servers can filter sensitive or offensive material from web pages or block the pages altogether
  • Formatting
    • Proxy servers can reformat pages to fit particular devices (e.g., small screens of PDAs or cell phones)
Common Gateway Interface (CGI) enables direct client/server transactions, enabling particular users to directly access a site that is otherwise blocked.

Encryption
“The idea behind encryption is a simple one— obfuscate the data so that it will not be intelligible to anyone but the intended recipient.”
• Plaintext
  • The original unencrypted document
• Ciphertext
  • The encrypted document
Cipher derives from various languages, all of which leave it meaning zero, empty, nothing.

Encryption
• Encryption
  • Is done by algorithm
  • Algorithms are manipulations based on rules to disguise the plaintext
  • Examples
    • A substitution code where one symbol is substituted for by another (e.g., replacing every alphabet letter with the one following)
    • Use of a key that, when applied, converts plaintext to ciphertext; the same key (or another key) is required to convert the ciphertext back into plaintext

Encryption
• Key ciphers
  • Most relevant to computer systems
  • Mathematical algorithms use keys to encrypt plaintext and decrypt ciphertext
• Two versions of key ciphers
  • Asymmetric keys
    • Both a public and a private key are in play
  • Symmetric keys
    • Sender and receiver use same key

Encryption
• Asymmetric keys
  • Both a public and a private key are in play
  • Both must be used to complete the transmission
  • Example
    • A wants to send a ciphertext to B
    • B publishes a public key that A uses to encrypt the plaintext
    • After it is encrypted, it can be decrypted only with B’s private key (which only B has)
Even if A’s signal is intercepted, it cannot be understood without the private key.

Encryption
• Asymmetric keys—similar process
  • Digital signature—provides
    • Authentication
      • Message is actually from the party it appears to be from
    • Non-repudiation
      • Prevents the sender from claiming it did not send the message
  • Digital signature—process
    • For A to send a digital signature to B, A publishes a public key and uses A’s own private key to encrypt the message
    • B then uses A’s public key to decrypt the message and verify that it must have been sent from A

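The two exchanges on the asymmetric-key slides (A encrypting to B with B's public key, and A signing with A's own private key), worked through as an added example that is not from the book. It uses textbook RSA on constructed keys; the function names, primes and message are assumptions made here, and the arithmetic has no padding, so it illustrates the key roles only and is not a substitute for a vetted cryptographic library.

```python
def make_keypair(p, q, e=65537):
    """Textbook RSA key generation from two primes (toy: no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # private exponent: e*d = 1 (mod phi)
    return (n, e), (n, d)          # (public key, private key)


def _to_int(msg, n):
    m = int.from_bytes(msg, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return m


def encrypt(msg, recipient_public):
    """Sender side: only the recipient's public key is needed."""
    n, e = recipient_public
    return pow(_to_int(msg, n), e, n)


def decrypt(ciphertext, recipient_private):
    """Recipient side: requires the matching private key."""
    n, d = recipient_private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def sign(msg, sender_private):
    """Sender applies its own private key to the message."""
    n, d = sender_private
    return pow(_to_int(msg, n), d, n)


def verify(msg, signature, sender_public):
    """Anyone holding the sender's public key can check the signature."""
    n, e = sender_public
    return pow(signature, e, n) == int.from_bytes(msg, "big")


# Constructed key pairs built from known Mersenne primes (illustration only).
A_PUBLIC, A_PRIVATE = make_keypair(2**107 - 1, 2**127 - 1)
B_PUBLIC, B_PRIVATE = make_keypair(2**61 - 1, 2**89 - 1)
MESSAGE = b"ship order 4471"     # constructed sample message

if __name__ == "__main__":
    c = encrypt(MESSAGE, B_PUBLIC)              # A -> B, confidentiality
    print("B reads:", decrypt(c, B_PRIVATE))
    print("wrong key reads:", decrypt(c, A_PRIVATE) == MESSAGE)
    s = sign(MESSAGE, A_PRIVATE)                # A -> B, authentication
    print("signature valid:", verify(MESSAGE, s, A_PUBLIC))
    print("altered message valid:", verify(b"ship order 9999", s, A_PUBLIC))
```
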
Encryption
• Symmetric keys
  • Sender and receiver use same key (sender to encrypt; receiver to decrypt)
  • Because there is only one key, it must be kept private from everyone except the authorized sender and receiver
• Major weakness
  • Getting the key to the receiver (risk of interception)
Symmetric keys work best for internal use within company networks, or via a third-party key manager.

Encryption
“Key-based systems, whether asymmetric or symmetric, face the problem of reliable key exchange.”
• Key management via third parties
  • Digital certificate
    • Most reliable method for online key exchange
    • Copy of a key that is digitally signed by a trusted third party (certificate authority, CA)
    • Verifies that the key is authentic
      • The key it contains is genuine
      • The key comes from the named source

Encryption
• Digital certificates—What’s in it?
  • Serial number
  • Name and key of its owner (sender)
  • Certificate’s valid dates (from/to expiration)
  • Name and digital signature of the CA
  • Algorithm used to create the CA’s signature
CA is certificate authority.

Encryption
• Digital certificates—in practice
  • A sender applies to a CA for a certificate
  • CA transmits its public key to the applicant
  • Sender uses CA’s public key to encrypt its own key and sends it to the CA
  • CA issues a certificate for the owner
  • Sender transmits the encrypted message, with the certificate attached, to the recipient
  • Recipient uses CA’s public key to decrypt the certificate, uncovering the sender’s key and using it to decrypt the message. Recipient can use that same key or its own certificate to send a reply.

Virtual Private Networks
• Virtual private network (VPN)
  • Way to transmit secure data over a network that may not be secure
  • Created by tunneling
    • This technique is used to send one network’s packets through another network using secure protocols, without those packets having to conform to the other network’s protocols
  • How tunneling works
    • One network’s packets are encapsulated within the protocols of another network
    • Encapsulating protocols are removed on exit

Virtual Private Networks
• Virtual private network (VPN)—protocol sets
  • Internet protocol security (IPsec)
  • Point-to-point tunneling protocol (PPTP)
  • Layer 2 tunneling protocol (L2TP)
  • Multiprotocol label switching (MPLS)
Most frequently used

Virtual Private Networks
• Virtual private network (VPN)
  • Internet protocol security (IPsec)
    • Developed by IETF
    • Group of open standards used to create VPNs
    • Operates at the network layer
  • Two IPsec modes
    • Transport
      • Layer 3 payload is encrypted; IP header is not
      • Used for protected end-to-end between two hosts
    • Tunnel
      • Both Layer 3 payload and header are encrypted
      • Used for protected transmission between two nodes, one of which is not a host
End points are a weakness: hackers might read traffic before encryption occurs or after emerging from tunnel.

Network Address Translation
• Network address translation (NAT)
  • Originally designed as a short-term solution for the dwindling availability of IPv4 addresses
  • NAT maps a single public IP address to many internal (private) IP addresses
  • With proper protocols installed in the NAT router, internal hosts gain a measure of security from malicious external sources
    • Unless specific protocol support is included, NAT routers will obstruct TCP connection attempts and UDP traffic initiated from outside the organization
    • With a NAT-enabled border router, there is no direct route between an external source and an internal host

Wireless Security
• Wireless network—security goals
  • Same as wired networks
    • Protecting against
      • Disruption of service
      • Interception of private or sensitive data
      • Corruption of private or sensitive data
      • Mischief
  • With one addition
    • Tempting target as backdoor into the wired network

Wireless Security
• Wireless network—security measures
  • (1999) Wired equivalent privacy (WEP)
    • Encryption between stations or between a station and an access point
    • 64-bit encryption using RC4 stream cipher
    • All WLAN members share the same static 40-bit key, which is concatenated with a 24-bit initialization vector (IV)
    • Not very secure!
  • (2002) WiFi protected access (WPA)
    • Incorporated WEP features
    • 172-bit encryption (key size: 128 bits, IV size: 48 bits) using RC4
    • Improved security with the temporal key integrity protocol (TKIP) that dynamically changes the key before encryption
    • Good for home/home office
  • (2004) 802.11i (certified as WPA2)
    • Official replacement for WEP
    • 172-bit encryption (key size: 128 bits, IV size: 48 bits)
    • Replaced RC4 stream cipher with advanced encryption standard (AES) block cipher
    • Good for corporate

Compliance and Certification Standards for Computer Security
• (2004) Common criteria (CC)
  • International effort that combined three pre-existing standards
    • Trusted Computer System Evaluation Criteria (TCSEC)
      • U.S. standard (aka “Orange Book”) (1985- U.S. National Computer Center)
    • Canadian Trusted Computer Product Evaluation Criteria (CTCPEC)
      • Canadian government (1989)
    • Information Technology Security Evaluation Criteria (ITSEC)
      • European standard (1990)
  • Provides guidelines for establishing security claims and comparing products
    • Protection profile (PP)—focuses on security product users
    • Security target (ST)—focuses on product/system functions and a target of evaluation (TOE) to determine hardware/software compliance
  • Provides assistance for creating security specifications (PPs and STs)
    • Security functional requirements (SFRs)—list of security functions for documenters
    • Security assurance requirements (SARs)—steps for achieving compliance
    • Evaluation assurance levels (EALs)—testing has been performed