400 likes | 588 Views
NETW 05A: APPLIED WIRELESS SECURITY Wireless VPN Technology. By Mohammad Shanehsaz Spring 2005. Objectives . Virtual Private Networks Implement, configure, and manage the following VPN solutions in a wireless LAN environment: PPTP IPSec L2TP
E N D
NETW 05A: APPLIED WIRELESS SECURITY Wireless VPN Technology By Mohammad Shanehsaz Spring 2005
Objectives • Virtual Private Networks • Implement, configure, and manage the following VPN solutions in a wireless LAN environment: • PPTP • IPSec • L2TP • Explain the importance and benefits of session persistence in a wireless VPN environment • Describe benefits of mobile VPN solutions
Objectives • Explain the differences, strengths, and limitations of each of the following as a wireless VPN solution • Routers • VPN • Concentrators • Firewalls
Objectives • Software solutions Implement software solutions for the following: • SSH2 Tunneling • Securing wireless thin clients • Port redirection • Transport Layer Security (TLS)
Virtual Private Network • Provides a means for a computer and network to securely communicate over public or unsecured network connections • VPN uses both authentication and encryption to ensure that only authorized users access the network and read data while data integrity is maintained from cryptographic checksums • VPN typically employs a form of encapsulation where one protocol is carried inside of another (Tunneling)
Wireless VPN • The use of VPN technology over wireless medium • Allows mobile users to securely access a corporate network from remote locations (such as a wireless hot spot)
VPN Process • A device that initiates a connection to a VPN server (VPN concentrator) is a VPN client • A VPN client can be an individual computer obtaining remote access or a router that obtains a peer-to-peer (router-to-router) VPN connection • The connection is referred to as a tunnel (encapsulating one protocol inside another) • During tunnel setup, the devices on each side of the tunnel agree on the details of authentication and encryption
VPN Process • Passwords, smart cards, biometrics and other methods are commonly deployed for VPN authentication • Some standard tunneling protocols are: • PPTP (Point-to-Point Tunneling Protocol) • L2TP Layer 2 Tunneling Protocol) • IPSec (Internet Protocol Security)
Wireless VPN Considerations • Wireless VPNs do not always fulfill every security design requirement • For maximum security in wireless VPN both layer 2 and layer 3 of the OSI model should be secured • This level of security carries a high price tag, • high administrative overhead and • reduced throughput
Wireless VPN Considerations • Advantages vs Disadvantages (coming slides) • Security Issues (unintentional sharing of the VPN connection) • Administration (VPNs administered remotely) • Scalability (solutions will grow with the organization without constant replacement and retraining ) • Subnet Roaming (MobileIP VPNs solution needed to solve the roaming, but it is complicated to configure and manage in large environment)
Wireless VPN Considerations • Role-based Access Control (assign privileges based on user’s role in network) • VLANs (since VPNs servers are encrypting routers with authentication support, segmentation will happen at layer 3 in the network and requires skilled & experienced IT professionals)
Advantages of using Wireless VPNs • Very secure encryption is available • Connections are point-to-point • Well established standards are readily available from many vendors • Many security administrators already understand VPN technology • Most VPN servers work with established authentication methods like RADIUS • Class-of-Service mechanisms like RBAC can be deployed • VPNs reduce broadcast domains in comparison with 802.1x/EAP solutions • Authentication can be performed through a web browser
Disadvantages of Wireless VPNs • Expensive • Hot failover designs are very expensive • Advanced routing is difficult • Lack of interoperability between vendors • Lack of OS support across multiple platforms • Configuration of clients and servers and deployment can be difficult • High encryption/decryption overhead • VPN connections can be broken by roaming across layer 3 boundaries
VPN Connections types • Remote Access Connections - created when a client initiates a connection to a VPN server • Peer-to-Peer Connections - connect two private networks
PPTP VPN protocol • Point-to-Point-Tunneling Protocol supports multiple encapsulated protocols, authentication and encryption • It uses a client/server architecture • Microsoft developed it so most of Microsoft’s desktop and server OS support it natively • It is based on the point-to-point protocol • PPTP supports Microsoft Point-to-Point encryption (MPPE) using the RC4 algorithm with a 128-bit key • PPTP support has been implemented in the Linux server software called POPTOP • The authentication methods used by PPTP are typically PAP. MS-CHAP or MS-CHAPv2
How does PPTP works? • Starts by forming a tunnel between the client and server • Many protocols can be encapsulated inside of IP for use with PPTP, but by far IP-in-IP is the most common • Client/server connection has an IP subnet, and the tunnel itself has a different subnet • DHCP can be used for both subnets inside and outside the tunnel • VPN server handles tunnel IP address • Client connects with the server by dialing the server • The server then authenticates the user, establishes tunnel addresses and begins passing traffics
L2TP VPN Protocol • Developed jointly by Cisco and Microsoft • L2TP is a combination of Cisco’s Layer2 Forwarding (L2F) and Microsoft’s PPTP • There are two distinct parts to the L2TP network: • The L2TP Access Concentrator (LAC) where the client’s physical connection terminates • The L2TP Network Server (LNS) where the upstream LNS terminates the PPP session • Since it does not define any encryption standard, L2TP is often combined with IPSec for security
Similarities between PPTP and L2TP • Both provide a logical transport mechanism to send PPP frames • Both provide tunneling and encapsulation so that PPP frames based on any protocol can be sent across an IP network • Both rely on the PPP connection process to perform user authentication, typically using • a user name and password, and • protocol configuration
Differences between PPTP and L2TP • With PPTP data encryption begins after the PPP connection process is completed, so the user authentication process is not encrypted, while L2TP/IPSec user authentication is encrypted • PPTP uses MPPE encryption which is RC4 with 40,56,128 bit encryption keys where L2TP/IPSec uses DES ( 56 bit key) or 3DES.( Note: Microsoft L2TP/IPSec VPN client only supports DES ) • PPTP requires only user-level authentication while L2TP/IPSec connections require two levels, to create SAs (for protecting encapsulated data), first client must perform a computer-level authentication with a certificate or pre-shared key , then user-level authentication will be performed
Advantages of using L2TP • IPSec provides per-packet data origin authentication, data integrity, replay protection, and data confidentiality, where PPTP provides only per-packet data confidentiality • L2TP/IPSec requires stronger authentication. (two level authentication) • PPP frames exchanged during user-level authentication are encrypted
IPSec/IKE • Collection of IETF standards specify key management protocols and encrypted packet formats/protocols (RFCs 2401 to 241X) • Supports a wide variety of encryption algorithms (DES,3DES,AES,RC4) • It supports a variety of data integrity mechanisms (128-bit MD5,160-bit SHA-1) • Standards supports pre-shared secrets and X.509 digital certificates for authenticating VPN peers • IPSec is a network layer VPN technology independent of the applications that use it • IPSec encapsulates the original IP data packet with its own packet • The IPSec standards support IP unicast traffic only
IPSec Security Features • Prevent Eavesdropping by encrypting headers and data • Prevent Data modification by including a checksum with each packets • Prevent Forgery by keying the data and the encryption of identities • Replay attacks are prevented by sequencing the packets • Mutual authentication and shared keys prevent man-in-the-middle attacks • The packet filtering features of IPSec prevent denial-of-service by blocking the packets that do not come from a valid IP range
IPSec protocols • There are two main protocols used with IPSec: • Authentication Header • Encapsulating Security Payload
Authentication Header • Provides datagram authentication and integrity by applying a key (secret shared key between two systems) to create a one-way hash message digest • The AH function is applied to the entire datagram except for any mutable IP header fields that change in transit • The IP header and data payload is hashed for integrity • The hash is used to build a new header, which is appended to the original packet • After receiving the new packet ,the peer router hashes the IP header and data payload, and compares that with the transmitted hash from AH header
Encapsulating Security Payload • Provides confidentiality (encryption at IP layer), data origin authentication, integrity, optional anti-replay service, and limited traffic-flow confidentiality • ESP provides confidentiality by encrypting at the IP layer (original IP header is unencrypted) • It supports a variety of symmetric encryption algorithms, but for interoperability it uses 56-bit DES
Modes of IPSec • Transport mode, is used between end stations or between end station and a gateway, if it is being treated as a host (telnet session to a router from workstation ) where only the data portion of each packet gets encrypted • Tunnel mode, is the most commonly used between gateways or at the end station to a gateway where both the header and payload get encrypted • See figures 13.11 and 13.12 for comparison of AH and ESP with transport and tunnel modes
Choosing between AH or ESP • If you need to transfer data with integrity and don’t need confidentiality, use the AH protocol • If you need to transfer data with integrity and confidentiality, use the ESP protocol, because ESP will encrypt the upper-layer protocols in transport mode and the entire IP datagram in tunnel mode
IPSec/IKE Remote Access • The IP connection uses special encapsulation or header between two end-points • Client configuration is done through client software (native or third party), and consists of setting authentication and encryption rule (also called a policy)
Policies • Policy items may include most, if not all, of the following: • Whether to secure a single connection or all connections • Connection type and ID (such as a secure gateway tunnel and IP address) • Mode ( Transport or Tunnel ) • ID Type ( Digital Certificate or Pre-Shared Key ) • Negotiation Mode (Main or Aggressive) • Perfect Forward Secrecy (enabled/disabled) • PFS Key Group (Diffie-Hellman type) • Replay Detection (enabled/disabled) • Phase 1 proposal (encryption algorithm, hash algorithm SA life key group) • Phase II proposal (SA life, compression, ESP/AH)
IPSec VPNs Pros • All IP types and services are supported • Failover without dropping sessions is available from multiple vendors • High performance is available • Dynamic re-keying, strong algorithms, and long key lengths make encryption very strong • Same technology base works in client-to-site, site-to-site, and client-to-client • Supports strong authentication technologies and directory integration
IPSec VPNs Pros (continue) • VPN server/gateway is typically co-resident, and therefore integrated, with firewall functions for access control, content screening, and other security controls • IPSec client solution manufacturers are starting to bundle personal firewall, and other security functions (e.g. anti-virus and intrusion detection) with IPSec client products • Once a key exchange is complete, many connections can utilize the established tunnel
IPSec VPNs Cons • Typically requires a client software installation; not all required client OS may be supported • Connectivity can be adversely affected by firewalls between the client and gateway • Connectivity can be adversely affected by NAT or proxy devices between the client and gateway • Requires client configuration before the tunnel is established • Weak interoperability between IPSec clients and servers/gateways due to configuration issue • Once a client has a tunnel into an organization, this can be a target of hackers, unless mitigated by personal firewalls or access controls at the VPN gateway
Advantages and Disadvantages of Using Digital Certificate for Authentication • Users no longer have to maintain a set passwords for entities that need to be authenticated when using certificates • L2TP/IPSec connections still need passwords for user authentication (entity being authenticated using certificate is a computer) • CAs issue certificates only to trusted entities • It is difficult to impersonate a certificate holder • The main disadvantage is that a PKI needed to issue certificates to users
Advantages and disadvantages of Pre-Shared Key Authentication • The advantage is that it does not require PKI • The disadvantages are: • A single key for all L2TP/IPSec connections in WIN2k server and Microsoft L2TP/IPSec VPN client • The key can be mistyped • The difficulty in method of distribution • The origin, history and valid lifetime can not be determined
SSH2 • IETF open standard • Provides secure TCP/IP tunnel between two computers with authentication • Encryption at transport layer while authentication is implemented within the application • Requires client and server software • Clients get authenticated using its public key or username and password or both methods • Uses public key/private key encryption scheme • Uses Message Authentication Code (MAC) algorithms for data integrity (SSH1 uses 32-bit CRC)
SSH2 protocol • SSH2 provides three main capabilities: • Secure command shell • Secure file transfer • Port forwarding (uses IP port 22 to route encrypted traffic from client to server and vice versa ) • Can be handled “locally” on the client computer Client is preconfigured with redirected ports • Can be handled “remotely" on the server • SSH2 mitigates the following attacks: • Eavesdropping • Man-in-the middle attacks • Insertion and Replay attacks
Mobile IP • Specified in RFC 2002 • It is combined with IPSec to provide security • Made up of two primary components: • Home Agent (HA) a server or router with static IP address that serves as VPN tunnel server • Client with a mobile IP software (vendor-specific) installed registers with HA • When client roams to a foreign network, it registers (notifies the HA) its new address, “ care-of ” address • Foreign Agent (FA), which is preconfigured with HA connectivity information that act as liaison between the client and the HA, when there is no DHCP server
Mobile IP Process • The mobile node roams onto a foreign network and requests an IP address from DHCP server • If there is no DHCP, the client locates the FA, through broadcasting • The FA registers the mobile node’s new care-of address with HA • The HA accepts packets destined to the mobile node on its behalf • The HA redirects the packets to mobile node by creating a new IP header with a destination address of the care-of address • The FA unwraps the packet and forwards it to the destination • Whenever the mobile node moves, it registers a new care-of address with its HA
Mobile IP security • The Mobile IP specification addresses only redirection attacks • All other security issues open for resolution by employing additional security layering
Resources • CWSP certified wireless security professional, from McGraw-Hill