IV. Network Security

Transcription

1 4MMSR Grenoble INP Ensimag 4MMSR - Network security course IV. Network Security Lecturers: Fabien Duchene, Dominique Vicard Chapters: IV.6. Internet

2 Plan thème IV. La sécurité des réseaux o 0. Introduction o Le réseau o Parano: mode d emploi 4. Intranet Authentification o 1. Menaces, vuln., attaques o Stéganographie o Partage de secret o P2P: l algo. Eigentrust o 3. Poste client o o o o o 2 Certifications Principes de la sécurité Principaux méchanismes NT4+ Unix Active Directory, Kerberos Conformance (IDS/ o Définitions o Attaques o 2. Qqes algorithmes 6. Internet IPS, Antimalware, NAC) 5. Protocoles RFID RAS: PPTP, L2F, L2TP RADIUS 802.1x wifi IPSec SSL/TLS VPN GSM 0.1. Introduction Firewall Proxy, Socks Web-Services PKI 7. Browser Privacy mode Javascript, XSS Flash, ActiveX, Java Sandbox HTLM5

3 IV. 6. Internet 3 Firewall Proxy, Socks Web-Services PKI

4 6.1. Firewall Introduction Firewall locations o Network edge o Endpoint & servers Packet filtering Stateful Packet Inspection Application firewalls Firewall policy Some stuff from Cyril Voisin s lecture: Base de la sécurité des réseaux", Principal Security Advisor, Microsoft 4

5 Perimeter security Security at the network layers (transport & network) Part of the in-depth defense mechanism Traditional security view But! Old, traditional mechanism This is NOT SUFICIENT today: a host protection is vital! Lack of flexibility, cost o Microsoft now pushes for a deperimeterization : IPSec boundaries 5

6 Firewall - introduction Filtering limits network access between at least two networks o 2 directions filtering o Rules, metrics o RFC2979 thus located between two networks o L2 switching capabilities o L3 router in an IP path Information Disclosure prevention: IPv4 network: Network Address Translation protects a network topology from being discovered o 1-to-1 mapping o 1-to-N mapping (discrimation regarding destination port) 6

7 Firewall introduction (2) Products Software firewall o Installable executable linux iptables Windows Advanced Firewall o Virtual machine Hardware accelerated firewall appliance = HW +SW o Eg: Juniper, NetASQ! 7

8 Firewall locations Endpoint & servers host-based firewall Software: in-depth defense principle! Tight OS interactions (each socket or routing operation!) Easier to hack than separate firewalls DMZ (DeMilitarized Zone) "perimeter network" Picture source: Wikipedia Network Edge o Software o Virtualized o Hardware LAN 8 (controlled network) Firewall WAN (public network)

9 some common DMZ network topologies Two firewall levels the multiculture principle => different brands!"#$%"*+& "$#,-%.& One firewall level:!"#$%"*+& "$#,-%.& 9!"#$%"$#& '()& '()&!"#$%"$#&

10 Stateless firewalls packet filtering 1st generation: o 1988 Dodong Sean James, Elohra (DEC) o Bill Cheswick and Steve Bellovin (AT&T Bell Labs) Filter packets for allowing some circuits: o Pass o Drop (silently discard) o Reject (error response to the sender) Depending of L3 (Network) and L4 (Transport) metrics o IP source/dest address o TCP/UDP source/dest port number Policy example: o allow TCP->21 traffic from networka to network B o deny all traffic from (any network) to (any network) 11!""#$%&'(#$)% /*00+12*3-"4&5$551-"4& 0%$5$"#*3-"67& *$'+)",$-% /8'94&:;97&.#-/,$0&/!97& 12+0%/$#<$%"$#7& 34()25'&%

11 Stateful packet inspection session filtering Attacks on 1st generation FW: o DoS: eg: SYN flood (firewall ressources consumption) 2rd generation o : Janardhan Sharma, Dave Presetto, and Kshitij Nigam o 1995: first commercial product by Nir Zuk s team (CheckPoint) Stores the connection state o is that new packet conform to that current connection? o or is it for a new connection? o see the NAT connection table (in your network lecture!) Additional conformance verification for: o TCP flags (SYN, ACK, RST, PSH, FIN) o Session state and the TCP sequence number! o If any packet does not correspond to the expected state, it is blocked! 12

12 Stateful firewalls TCP states 13

13 Stateful firewalls state table Statically limited size table Each entry: 6,7$5#% 8#)9+'9,+% ",$-% ",$-% 6,7$5#% :3% 8#)9+'9,+% :3% :3%+7;<#$% 3$,-,5,&% *2;#,7-%!"#$"%%&'(%!"#$"%%&'()!"#$"%%&'() A=& A>BC?AC>DECAA& >AFCDDC?EC=& B& G(:9&?=H=E& Understanding the FW-1 State Table, Lance Spitzner Flushing policy: if the connection is closed, or if no packet is sent during the TIMEOUT time Some Internet Protocol numbers: :3%+7;<#$% :3%+';#% >&!;(9& B& :;9& >I& 8'9& 14

14 SPI firewall - example Eg: web-server (HTTP on TCP 80) publishing over IPv4, protected by D-NAT (Destination NAT) in that case in 1-to-1 mapping Web Client A%!"#$%&'() M *+,)-&.)&)/01&2) -&%3.-&45)!6789) 678):+;9):+;() M Public IP addresses G% SPI G-J%2$9-%#K&:;9&@=ID@& '$53"*3-"9-%#K&:;9&DE& G-J%2$!9K&DICFD6& '$53"*3-"!9KF>C>A>6& GL9-%#K&:;9&DE& 'L9-%#K&:;9&@=ID@& GL!9K&F>C>A>C=>CAE=& 'L!9K&DI6& B% GL9-%#K&:;9&@=ID@& 'L9-%#K&:;9&DEDA& GL!9K&DI6& 'L!9K&>ECECEC=& 6=.% F% J% 6&>?@% GL9-%#K&:;9&DEDA& 'L9-%#K&:;9&@=ID@& GL!9K&>ECECEC=& 'L!9K&DI6& C% 6&>?@% AA% D% SYN processing E% 6=.%>?@% AH% Web-Server (listening on TCP 8082) Firewall 6=.%>?@% I% /28 6=.% #&>45?)1A'')B5) 3@"##53) 15. DMZ AB% The client can now send its HTTP requests and the same kind of checks are performed during the WHOLE communication

15 Application firewalls 3nd generation o : Bill Cheswick (AT&T), Marcus Ranum, and Gene Spafford (Purdue) Has a protocol description o Sequences, data types & size : eg: HTTP, DNS! QoS: traffic prioritization o Useful for applications with real-time requirements (eg: SIP)!""#$%&'(#$)% /*00+12*3-"4&5$551-"4& 0%$5$"#*3-"67& *$'+)",$-% /8'94&:;97& Performs Deep Packet Inspection o blocks known attacks (exploit signature) ~ 80% viruses (signature too) o force specific protocol behavior eg: limiting the HTTP header to x bytes o blocks specific content.#-/,$0&/!97& 12+0%/$#<$%"$#7& 34()25'&% eg: sending PDF files via gmail 16 Bill Cheswick, The Design of a Secure Internet Gateway, USENIX 1990

16 Firewall policy Set of rules Example: Block all outgoing FTP traffic except from host! to host! Allow only a subset of commands of the SIP protocol Least privilege principle: The last evaluated rule has to be o Deny All traffic from any network to any network 19

17 Additional cool stuff Policy depending of the identity of authenticated users: Role-Based Access Control Could also have additional functions: Proxy Failover, Load-Balancing 20

18 Firewall - interlude 26 Firewalls and Internet security: repelling the wily hacker, William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin

19 IV Proxy Acts as an intermediary for requests from clients to another service. Types Proxy!"#$%"$#& Forward Internal network Open Reverse Applications!"#$%"$#& Proxy!"#$%"$#& Proxy!"#$%"$#& Internal network Internal server (eg: webserver) o Squid o Microsoft Forefront Threat Management Gateway (ISA server) 27

20 IV Proxy - features Policy: Filtering at the application level o Similar to Deep-Packet Inspection eg: HTTP URL filtering DNS: blacklist Caching o Accelerating some requests o (eg: Forward proxy loading static content from google.fr from its cache rather than fetching it again from the Internet) Logging o Each corporation providing an internet access has to log requests (liability issues) the policy could be dependent of the authenticated user/comp. 30

21 IV Proxy - SOCKS SOCKet Security, RFC1928, default TCP port 1080 (server) The application has to "understand" a SOCKS dialog Eg: forward proxy in a corporation ; HTTP GET / allow HTTP, DNS from proxy to Internet Identity provider Client SOCKS U::9& Internal network :;9&!9&2+1$"#M5$%T$%& GV;WG& :;9&!9&2+1$"#M0%-XR& 31 Proxy!"#$%"$#& FW U::9& U::9& :;9& :;9&!9&/5-J%2$& Y&0%-XR7&!9&/5-J%2$&Y& 0%-XRHZ,7&

22 IV Services Oriented Architecture Web-Service WS-Security WS-Federation 34

23 Service Oriented Architecture Provides: UDDI: Service location WSDL: Service description SOAP: Remote Procedure Call Interesting: Interoperability Low-coupling Web-Services and Firewalls: [(\& o Generally TCP 80 or TCP 443 for the U::9&H&O9;& transport. :;9& o "classic DPI" is not enough, since the "real applications" function at a higher!9& level than HTTP! 35

24 WS-Security A way of ensuring integrity and confidentiality properties on SOAP messages. o Author: OASIS (Microsoft, IBM,!) Credentials: transport of security tokens SAML Security Assertion Markup Language o Authentication o Authorization o.. between "security domains" (eg: Active Directory domains) Kerberos X.509 Integrity: XML signature Encryption: XML encryption 37

25 WS-Federation & SAML: identity federation An user authenticates through his Identity Provider (eg: corp A) and gets access to applications published by a Service Provider (eg: corp B) ~ Web-Browser SSO Some definitions (see ADFS 1.0 example next slide) Identity Provider (eg: LDAP, SQL database!) Claims (FR: revendication) o Eg: User.Age >=18 Token (FR: jeton) Service Provider: provides the application 38

26 Active Directory Federation Services 1.0 o Example in Business2Businness Web-Browser Single-Sign-On Corporation A (Authentication) Intranet D Identity Provider Corporation R (Ressource) DMZ FS-A - obtains the attributes from IP - build the claims (c1,c2) - add some information regarding C - signs them = SAML token [C,c1,c2]FS-A X.509 cert. exchange FS-R accepts FS-A tokens K6L>% 3.2 HTTP 302 FS-A User authentication SAML Token Request C B K6LM#<L 3$,N(%>% n F Token construction: - checks the FS-A token signature - and builds [C,c1,c2]FS-R A FSm o fr K6LM#<L 3$,N(%O% e ovid r p Plz [C,c1,c2!]FS-A R 3.1. ]FS. HTTP POST. A 2 = c n,c1, mai C E [ o d 1 7. urity c e s 2.2 G HTTP POST 2.1 Authenticate to FS-P B (HTTP 302). I need the claims c1,c2.. A Client C 39 ke a to DMZ Intranet HTTP GET / web app. B 8: HTTP 200 OK, servicing I Web Application Active Directory Federation Services 2.0 (2010), Philippe BERAUD, Microsoft

27 IV Public Key Infrastructure Defintion Components Certification Authority Chain of trust Certificate issuance Revocation Example PKCS Implementation & use cases Fabien Duchene, Introduction to the Microsoft PKI Active Directory Certificate Services 2008 R2, Sogeti-ESEC 40

28 PKI - definition Hardware, software, people, policies and procedures to manage the lifecycle of digital certificates o (manage, distribute, use, store and revoke) It uses: asymmetric cryptography o! and is ONE solution to associate certificates with identity = hierarchical model o! other models exist: local trust model (eg: SPKI) web of trust (eg: PGP) U«V» V«U» U V V«W» W«V» V«Y» Y«V» Y W W«X» X«W» X«Z» C X«C» Y«Z» Z«Y» Z«X» Z X A X«A» B Z«B» TISO /d04 Figure 4 CA hierarchy A hypothetical example 41

29 PKI - components W$R5&*"Q&2$%3]2*#$5&&?#$9P5'9,+%>7-4,$2-(%?#$9P5'-#%"7<&25'9,+%'+Q% S*"*P$S$"#&&#--+54&*JQ13"P6& $#R,5'9,+%Q2)-$2<79,+%",2+-)%% /;^7& /;O\4&V;G97& G$2J%1#R&0-+12R& 8O\5& <_0KHH&& ]+$KHH&& ;$%3]2*#$&$"%-++S$"#&*"Q& +Q*0KHH& O$T-2*3-"&0-+12R& *J#<$"32*3-"&?#$9P5'-#S)7& O#T7#)-,$)&&&&&&&&&&/2-S0J#$%4&J5$%7& Applications and services.. able to interact with certificates 42 :Q#+9-(%3$,R2Q#$% /$PK&^''G7&

30 Certification Authority A trusted party (server), as part of a PKI: Verify the identity of a certificate requestor Issue certificates to requestors (users, comp) according to the issuance policy Manage certificate revocation* *revocation: designing a certificate as no more valid, even if its expiration date is future. 43

31 PKI Trust topology ^&42#$'$5425'&&#%J5#&S-Q$+K& 85$%5H2-S0J#$%5&#%J5#&#<$&O--#&;^& :%*"513T$&#%J5#&%$+*3-"&3++&#<$&+$*Z5& I trust that Root CA! thus I also trust these CA (issued cert. by the Root CA) Sheldon Cooper! thus I also trust the identity of that user/comp (issued cert..) Issued certificate Kim Cameron 44 GeekCompany Root CA

32 6.4.4 Certificate insuance A Root CA self-signs its certificate The most common model: the requester generates the KeyPair o Certificate template: set of parameters (key length, authentication requirements (1/2/3 factor(s)), permissions! Certificate Template store A% Certificate Templates fetching H% Authentication D% Verifications Authenticated Certificate request C% (public key, validity, certificate template!) Client KeyPair generation B% (according to the chosen certificate template parameters) 45 Identity Provider F% Certificate (template parameters) Certification Authority E% Certificate issuance (see next slide)

33 Chain of trust & certificate issuance Trust hierarchy: trusting the Root CA Signature: each CA signs all issued certificates! including the child PKI ones! 46

34 Chain of trust - signature ;+$*%&#$X#&2$%3]2*#$& 1"Z-%S*3-"& Thumbprint computation Thumbprint signed with the issuing CA private key Cert. Signature field * hash: function that takes a block of data and returns a fixed size bit string. (eg: MD5, SHA-1, SHA-512!) 47

35 How could the chain of trust be broken? For any certificate in that chain: Validity time: certificate expired? Subject name: the certificate information is different to what the application expects? (eg: loading an https website by its IP, instead of FQDN) Revocation: has that certificate been revoked at the CDP?! and of course if the Root CA of that chain is not trusted! 48 Technical overview of the Microsoft PKI ADCS 2008 R2

36 PKI - Revocation CRL (Certificate Revocation List) List of revocated certificates hashes periodically fetched Periodical CRL download (HTTP, SMB, LDAP!) Certificate hash Is the hash present in the signed CRL? yes no! The certificate is not trusted " The certificate is trusted (by the issuing CA) OCSP (Online Certificate Status Protocol) Real-Time web request Certificate hash 51 Is the certificate revoked? OCSP Request yes! The certificate is no OCSP signed Reply not trusted " The certificate is trusted

37 PKI certificate verification example Consider the following scenario: Should I trust the customer CA certificate, knowing I 0. Get the AIA information periodically obtained the Root CA (URL, download the Root CA public key) cert from the AIA? 3. Is the Root CA cert. revoked or expired? (CRL, OCSP) Is it the right computer (DNS FQDN)? 4. Check the Ext. Pol. CA certificate signature (parent CA) ! 1. The Customer CA is presenting us its certificate (!and the related chain of trust) Do I trust the Root CA certificate? ( Trusted Root Certification Authorities?)

38 PKI - PKCS Public-Key Cryptography Standards Based on Diffie & Hellmann research (1976) asymetric crypto OS neutral Used in many standards relying on asymetric crypto 58 PKCS #1: RSA Encryption Standard PKCS #3: Diffie-Hellman KeyAgreement Standard PKCS #5: Password-Based Cryptography Standard PKCS #6: Extended-Certificate Syntax Standard PKCS #7: Cryptographic Message Syntax Standard PKCS #8: Private-Key Information Syntax Standard PKCS #9: Selected Attribute Types PKCS #10: Certification Request Syntax Standard PKCS #11: Cryptographic Token Interface Standard PKCS #12: Personal Information Exchange Syntax Standard PKCS #13: Elliptic Curve Cryptography Standard PKCS #15: Cryptographic Token Information Format Standard

39 Some implementations & use cases Web-Security SSL: website authentication and data encryption signature and encryption Corporate security 2 factors authentication Application/Data integrity Java Applets Apple ios applications Microsoft Windows updates Antimalware signatures 59

40 IV.6. Internet - summary `1%$,*++& a G#*#$ZJ++H5#*#$+$55& a N<12<&+*R$%5&2-J"#& Z-%&Q$21Q1"Pb& a ^00+12*3-"& a :%*"50-%#& a c$#,-%.& a '-&#<$R&0$%Z-%S& S*5dJ$%*Q1"Pb& a ep&c^:&1"&!9t@& a '$$0M9*2.$#&!"50$23-"& a \-2*3-"K&$"Q0-1"#& -%&"$#,-%.b& a f-gb& 61 9%-XR& a :R0$5& a `-%,*%Q& a V0$"& a O$T$%5$& a `$*#J%$5& a `1+#$%1"P&/'9!7& a ;*2<1"P& a \-PP1"P& /%$+*3-"5<10&#-& *J#<$"32*3-"7& a GV;WG& a \=&0%-#-2-+& a e*51$%&#-& *QS1"15#%*#$& ]%$,*++5& N$gMG$%T12$5& a GV^& a G$%T12$& a O$dJ$5#-%& a h%-.$%& a 9%-T1Q$%& a NGMG$2J%1#R& a NGM`$Q$%*3-"& a G^(\&#-.$"& a ^'`G&>CE&$X*S0+$& 9W!& a ^5RS$#%12& 2%R0#-P%*0<R& a OG^& a :%J5#&S-Q$+& a ;$%3]2*3-"& ^J#<-%1#R& a!55j*"2$& a G1P"*#J%$& a GS*%#&;*%Q& a O$T-2*3-"&;O\& a ;$%3]2*#$& a 9W;G& a ^00+12*3-"5& a G-i,*%$&1"#$P%1#R& a ^J#<$"32*3-"& a '*#*&$"2%R03-"&