
Chapter 10


Presentation Transcript


  1. Chapter 10 E-mail Security

  2. Objectives • Understand the use of SMTP in e-mail and attacks on SMTP • Explain how e-mail can be secured through certificates and encryption • Discuss general techniques for securing e-mail • Configure security in popular e-mail tools Guide to Operating System Security

  3. Overview of SMTP • Enables exchange of e-mail across networks and the Internet • Provides reliable – but not guaranteed – message transport • No logon ID or password required • A client and server process

  4. Sending E-Mail by SMTP

  5. Parts of SMTP Messages • Address header • Envelope • Message header • Domain literal • Multihomed host • Host names • Message text

  6. Overview of SMTP • Protocols used to store and retrieve e-mail • Post Office Protocol (POP) • Internet Message Access Protocol (IMAP)

  7. Operating Systems That Use SMTP by Default • Microsoft Outlook Express on Windows 2000/XP/2003 • Microsoft Outlook in Windows-based systems that have Microsoft Office • Ximian Evolution Mail in Red Hat Linux 9.x • Mail in Mac OS X

  8. E-mail Server Software Systems That Use SMTP • Eudora • Lotus Domino Mail Server • Mailtraq • Merak Email • Microsoft Exchange • Sendmail • SuSE Linux Open Exchange Server

  9. E-mail Attacks on SMTP • Surreptitious alteration of a DNS server • Direct use of command-line e-mail tools to attack SMTP communications • Spread of unsolicited commercial e-mail (spam)

  10. DNS Server Directing E-mail

  11. E-mail Attacks Through Altering DNS Server Information

  12. Using Command-Line Tools for E-mail Attacks • Windows 2000/XP/2003 • Attacker can use maliciously constructed e-mail to attack an SMTP server • UNIX/Linux • Easier; attacker can use built-in e-mail command-line options

  13. Unsolicited Commercial E-mail (UCE) • Relatively inexpensive for sender • Expensive for users whose resources are diminished by UCE traffic • Expensive in terms of wasted time (estimated 25% of all Internet e-mail traffic is spam)

  14. Ways to Control UCE (Spam) • Turn off open SMTP relay capability • Configure SMTP server to have restrictions • Require a computer to authenticate to Microsoft Exchange before e-mail is relayed • Direct e-mail not addressed to internal recipients to a bogus IP address • Obtain tools to block e-mail

  15. Securing E-mail Through Certificates and Encryption • Ensures privacy • Reduces chances of forgery or someone other than sender adding an attachment • Accepted methods • Secure Multipurpose Internet Mail Extensions (S/MIME) • Pretty Good Privacy (PGP)

  16. Using S/MIME Encryption • Provides encryption and authentication for e-mail transmissions • An extension of MIME

  17. MIME • Provides extensions to original SMTP address header information • Different types of message content can be encoded for transport over the Internet • Additional header fields • MIME-version • Content-type • Content-transfer-encoding • Content-ID • Content-description

  18. Using S/MIME Encryption • Uses digital certificates based on X.509 standard • Has flexibility to use 168-bit key Triple DES • Designed to follow Public-Key Cryptography Standards (PKCS)

  19. Using PGP Security • Provides encryption and authentication for e-mail transmissions • Sometimes preferred by users of open systems (UNIX/Linux); enables use of X.509 or PGP digital certificates • Unique characteristic of PGP certificate: web of trust

  20. Contents of PGP Digital Certificate • PGP version number • Public key • Information about certificate holder • Digital signature of certificate holder • Validity period of the certificate • Preferred algorithm for the key

  21. Typical Encryption Methods Used by PGP • CAST • IDEA • Triple DES

  22. Other Techniques for Securing E-mail • Train users • Scan e-mail • Control the use of attachments

  23. Training Users for E-mail Security • Never send personal information or a password response via e-mail • Delete e-mail from unrecognized sources • Use message filtering, if available

  24. Scanning E-mail • Place virus scanning software on e-mail gateway • Update virus definitions frequently • Quarantine specific kinds of attachments • Scan zipped files • Scanner code should be written to be relatively fast

  25. Controlling the Use of Attachments • Delete attachments from unknown sources • Never configure software to automatically open attachments • Avoid using HTML format for opening e-mail • Use virus scanner on e-mail before opening it • Place attachments in quarantine

  26. Backing Up E-mail • For storage • To ensure that unread e-mail is not lost if server goes down

  27. Configuring Security in Popular E-mail Tools • Microsoft Outlook Express • Microsoft Outlook • Ximian Evolution Mail in Red Hat Linux 9.x • Mail in Mac OS X

  28. Microsoft Outlook Express • Included with Windows 2000/XP/2003 • Can obtain messages from SMTP-based servers running e-mail server software • Can be used to access newsgroups

  29. Microsoft Outlook Express

  30. Security Measures Supported by Outlook Express • S/MIME (version 3) • 40-bit and 128-bit RC2 encryption • 64-bit RC2 encryption • 56-bit DES encryption • 168-bit Triple DES encryption • Digital signatures encrypted using SHA-1

  31. Configuration Options for Outlook Express

  32. Microsoft Outlook Express • Enables you to export e-mail to Microsoft Outlook or a Microsoft Exchange server • Can be used to back up messages from other systems • Enables you to block or filter messages from unwanted sources

  33. Microsoft Outlook • Included with Microsoft Office • Has multiple capabilities • E-mail communications • Calendar • Ability to track tasks, list contacts, and make notes

  34. Microsoft Outlook Security Features • S/MIME (version 3) • 40-bit and 128-bit RC2 encryption • 64-bit RC2 encryption • 56-bit DES encryption • 168-bit Triple DES encryption • Digital signatures encrypted using SHA-1 • V1 Exchange Server Security certificates

  35. Configuration Options for Microsoft Outlook

  36. Microsoft Outlook • Ability to back up messages by exporting to a file (many file types available) • Ability to add specific Web sites to junk e-mail list

  37. Ximian Evolution Mail in Red Hat Linux 9.x • Processes e-mail • Schedules activities on a calendar • Records tasks • Creates list of contacts • Summary function (weather, inbox/outbox totals, appointments, updates and errata)

  38. Ximian Evolution Mail in Red Hat Linux 9.x

  39. Ximian Evolution Mail in Red Hat Linux 9.x • Capability to configure more than one account with unique properties • Can be configured to use either PGP security or GnuPG

  40. Configuration Options for Evolution Mail

  41. Apple Mail (Continued) • Comes with Mac OS X • Focuses on handling e-mail activities • Enables creation of filters to reject mail from unwanted or unknown sources • Capability to configure different accounts

  42. Apple Mail (Continued)

  43. Apple Mail (Continued) • Uses PGP for security • Can specify use of SSL for security over Internet links to e-mail • Provides different authentication methods for verifying access to an e-mail account • Password authentication • Kerberos version 4 and version 5 • MD5 challenge-response

  44. Summary • How operating systems use SMTP for e-mail • Sources of e-mail attacks • Over 90% of malicious software strikes through e-mail • How certificates and encryption can protect e-mail • How to configure security in e-mail software typically used with operating systems
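
Added example (not part of the original presentation): a minimal gateway-side check for the points on slides 17, 24 and 25, which walks a message's MIME parts, undoes the Content-Transfer-Encoding, and flags attachments to quarantine, including blocked file types hidden inside zip archives. The blocked-extension list, the sample addresses and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed gateway policy (illustrative list, not taken from the slides).
BLOCKED_EXTENSIONS = {".exe", ".scr", ".vbs", ".js", ".bat"}

def _blocked(name):
    return any(name.lower().endswith(ext) for ext in BLOCKED_EXTENSIONS)

def _scan_zip(name, payload):
    """Inspect archive member names in memory; nothing is extracted to disk."""
    try:
        with zipfile.ZipFile(io.BytesIO(payload)) as zf:
            members = zf.infolist()
    except zipfile.BadZipFile:
        return [(name, "unreadable archive")]
    out = [(f"{name}!{m.filename}", "blocked extension inside archive")
           for m in members if _blocked(m.filename)]
    if any(m.flag_bits & 0x1 for m in members):  # bit 0 set = encrypted member
        out.append((name, "encrypted archive cannot be scanned"))
    return out

def scan_message(raw_bytes):
    """Return (attachment, reason) findings; an empty list means deliver."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        # decode=True reverses the base64 / quoted-printable transfer encoding
        payload = part.get_payload(decode=True) or b""
        if _blocked(name):
            findings.append((name, "blocked extension"))
        elif name.lower().endswith(".zip") or payload[:4] == b"PK\x03\x04":
            findings.extend(_scan_zip(name, payload))
    return findings

def build_sample():
    """Constructed message: one harmless attachment, one zip holding a .scr."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "report"
    msg.set_content("See attached.")
    msg.add_attachment(b"hello", maintype="application",
                       subtype="octet-stream", filename="notes.txt")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.pdf.scr", b"constructed placeholder bytes")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="docs.zip")
    return msg.as_bytes()
```

A message with a non-empty findings list would be held in quarantine rather than delivered; matching on file names alone is a first filter and does not replace the virus scanner the slides call for.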
