Introduction to Computer Security
Benoit Donnet
Academic Year 2015-2016

Agenda
Networking
- Chapter 1: Firewalls
- Chapter 2: Proxy
- Chapter 3: Intrusion Detection System
- Chapter 4: Network Attacks
- Chapter 5: Spam
- Chapter 6: Virology

Agenda
Chapter 2: Proxy
- Definition
- Features
- Types of Proxies
- Reverse Proxies

Definition
Proxies are application relays
They play the role of
- server for the client
- client for the server
[Figure: three protocol stacks, each labelled client / TCP / IP / link / phys.]

Features
Benefits of using proxies
- they prevent direct connections from an internal network towards the Internet
    - choke point
    - possibly authentication
- they can analyse data within the application's context and filter if required
    - URL or DNS blacklists
    - keyword filtering
    - ...
- they can reformat pages for smartphones, tablets, ...
- they can be used to test a system from outside

Features (2)
Cache features
- the proxy can keep a local copy of all documents that it has fetched
- when another client asks for the same document, it can deliver the local copy directly
Advantages
- transfer much faster
    - increase in browsing comfort
- bandwidth saving
    - limit cost

Features (3)
Anonymous surfing
- user IP address hidden
- open proxy

Types of Proxies
- Transparent Proxy
- FTP Proxy
- SMTP Proxy
- DNS Proxy
- SOCKS Proxy
- HTTPS Proxy

Transparent Proxy
Transparent proxy
- a proxy that does not modify the request or response beyond what is required for proxy authentication and identification
- [RFC2616]
Any traffic targeting a certain port (e.g., 80) is automatically redirected towards the proxy by the firewall
Typical usage
- force the usage of a proxy
- load balancing
Limit
- does not work if the server does not use the standard port

FTP Proxy
FTP
- File Transfer Protocol
- network protocol used to transfer files from one computer to another
- [RFC959]
FTP establishes 2 connections between both hosts
- command connection
    - used for exchanging commands and replies between client and server
    - based on telnet
- data connection
    - data is transferred over this connection
    - can be directed towards the client: active mode
    - can be directed towards the server: passive mode

FTP Proxy (2)
FTP Proxy using HTTP
- browsers allow specifying URLs such as ftp://my.server.com/toto.txt
- if the browser is configured to use an HTTP proxy, it will ask the proxy for the URL
- the HTTP proxy carries out the FTP transfer and provides the document as part of the HTTP reply
[Figure: User -- HTTP connection to the proxy --> proxy -- FTP connection --> www.my.server.com]
    User to proxy:    GET ftp://my.server.com/toto.txt HTTP/1.0
    proxy to server:  USER anonymous / PASS toto / RETR toto.txt

FTP Proxy (3)
User@ FTP Proxy
- the User@ server behaves like a standard FTP server
- it can be used by any FTP client
- how to access a remote server Bob with user name Joe
    - provide Joe@Bob as username to the proxy
    - the proxy connects to the server and relays the passwords, commands, and data
    - the two connections can use active or passive mode independently
[Figure: User -- FTP connection to proxy --> proxy -- FTP connection to bob --> bob.com]
    User to proxy:     USER joe@bob.com / PASS maison2 / RETR toto.txt
    proxy to bob.com:  USER joe / PASS maison2 / RETR toto.txt

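
The command rewriting described in FTP Proxy (3), as an added example that is not part of the original slides: the proxy splits the USER argument into user name and server, then forwards every later command unchanged. The names split_user_at_host, relay_plan and ALLOWED_SERVERS, and the idea of restricting the proxy to a list of servers, are assumptions made for this example.

```python
# Added example (not from the slides): command rewriting in a User@ FTP proxy.

# Assumption: the proxy only relays to servers on this list (hypothetical policy).
ALLOWED_SERVERS = {"bob.com"}


def split_user_at_host(argument):
    """Split 'joe@bob.com' into ('joe', 'bob.com').

    The split is on the last '@', so a user name that itself contains '@'
    reaches the server unchanged.
    """
    user, sep, host = argument.rpartition("@")
    if not sep or not user or not host:
        raise ValueError("USER argument must look like user@server")
    return user, host.lower()


def relay_plan(client_lines, allowed=ALLOWED_SERVERS):
    """Return (server, commands) the proxy sends upstream for one client session."""
    server, upstream = None, []
    for raw in client_lines:
        line = raw.rstrip("\r\n")
        # One line must stay one command: refuse embedded line breaks.
        if "\r" in line or "\n" in line:
            raise ValueError("embedded line break in command")
        verb, _, arg = line.partition(" ")
        if verb.upper() == "USER" and server is None:
            user, server = split_user_at_host(arg)
            if server not in allowed:
                raise PermissionError("relaying to %s is not allowed" % server)
            upstream.append("USER " + user)
        elif server is None:
            raise ValueError("USER user@server must come first")
        else:
            upstream.append(line)
    return server, upstream


if __name__ == "__main__":
    # Constructed session: the same commands as in the slide's figure.
    session = ["USER joe@bob.com\r\n", "PASS maison2\r\n", "RETR toto.txt\r\n"]
    print(relay_plan(session))
```
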
SMTP Proxy
SMTP
- Simple Mail Transfer Protocol
- protocol for email transmission
    - conceived to relay email hop by hop
- [RFC821, RFC5321]
An SMTP server can act as a proxy
- outbound (forward path)
    - the proxy is specified as SMTP server for the outgoing mail in the mail client
- inbound (reverse path)
    - the proxy has to be registered in the DNS as the official server for that domain
    - the proxy has to be configured to forward all mails to the internal server that should receive the mails

DNS Proxy
DNS
- Domain Name System
- hierarchical distributed naming system for computers
    - mainly ensures translation between domain names and IP addresses
    - requests are retransmitted from server to server
- defined in [RFC882] and [RFC883]
DNS servers can work as proxies
DNS servers have a cache to limit traffic and reduce response time
Good idea to define a DNS proxy to direct all requests towards a bigger server
- to take advantage of a bigger cache

SOCKS Proxy
SOCKS proxy is a general proxy for TCP and UDP connections
It accepts a client's connection and opens another one towards the server
- the data is then transferred between the two connections
Advantage
- SOCKS allows any protocol to pass via a proxy
Drawback
- SOCKS allows any protocol to pass via a proxy

HTTPS Proxy
HTTPS is a secure version of HTTP
- authentication
- encryption
HTTPS proxies are not a secure version of HTTP proxies
HTTPS encrypts and authenticates end-to-end
- if the proxy were able to create the connection to the server, we would lose all advantages
HTTPS proxy does no more than transparently relay data between the client's connection and the server's connection
- pretty much like a SOCKS proxy

HTTPS Proxy (2)
Implementation
- HTTPS proxy uses the HTTP command CONNECT that indicates the server address
- it replies with a status and becomes transparent
[Figure: User --> proxy --> www.my.server.com]
    User to proxy:                            CONNECT www.my.server.com HTTP/1.0
    User to proxy, then proxy to the server:  GET secret.txt HTTP/1.0

HTTPS Proxy (3)
Security issues
- HTTPS proxy allows relaying any type of protocol
- to limit abuse, the available ports are often limited to 443 (HTTPS) and 563 (NNTPS)
- to allow any protocol to cross a firewall, it is sufficient to run the server on port 443 and pass through an HTTPS proxy

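
The port restriction described in HTTPS Proxy (3), as an added example that is not part of the original slides, together with a first-bytes check a defender can apply because the port number alone says nothing about the protocol inside the tunnel. It assumes the request line carries the target as host:port, the form real CONNECT requests use (the slide's figure shows only the host name); the function names and the TLS framing check are additions made for this example.

```python
# Added example (not from the slides): port policy for CONNECT, plus a
# first-bytes check that the tunnelled traffic is framed as TLS.

ALLOWED_PORTS = {443, 563}  # the two ports named on the slide (HTTPS, NNTPS)


def parse_connect(request_line):
    """Return (host, port) for 'CONNECT host:port HTTP/1.x', else None."""
    parts = request_line.strip().split()
    if len(parts) != 3 or parts[0] != "CONNECT" or not parts[2].startswith("HTTP/"):
        return None
    host, sep, port = parts[1].rpartition(":")
    if not sep or not host or not (port.isascii() and port.isdigit()):
        return None
    port = int(port)
    return (host.lower(), port) if 0 < port < 65536 else None


def connect_status(request_line, allowed_ports=ALLOWED_PORTS):
    """Status line the proxy answers with before it becomes transparent."""
    target = parse_connect(request_line)
    if target is None:
        return "HTTP/1.0 400 Bad Request"
    if target[1] not in allowed_ports:
        return "HTTP/1.0 403 Forbidden"
    return "HTTP/1.0 200 Connection established"


def looks_like_tls_client_hello(first_bytes):
    """True if the first bytes through the tunnel are a TLS handshake record
    (type 0x16, version 3.x, length <= 2^14) that starts with a ClientHello."""
    if len(first_bytes) < 6:
        return False
    record_len = int.from_bytes(first_bytes[3:5], "big")
    return (first_bytes[0] == 0x16 and first_bytes[1] == 0x03
            and first_bytes[2] <= 0x04 and 0 < record_len <= 0x4000
            and first_bytes[5] == 0x01)


if __name__ == "__main__":
    # Constructed inputs: an allowed request, a disallowed port, and the
    # opening bytes of a TLS handshake versus a plain-text SSH banner.
    print(connect_status("CONNECT www.my.server.com:443 HTTP/1.0"))
    print(connect_status("CONNECT www.my.server.com:22 HTTP/1.0"))
    print(looks_like_tls_client_hello(bytes.fromhex("160301002f01")))
    print(looks_like_tls_client_hello(b"SSH-2.0-example\r\n"))
```

The first-bytes check only confirms TLS framing on the tunnel; it cannot tell which protocol runs inside the TLS session.
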
Reverse Proxies
- Principle
- Reverse HTTP Proxy
- Reverse HTTPS Proxy
- Protocol Translation

Principle
In the forward path, the client knows he must pass through a proxy
- he can adapt his requests accordingly
In the return path, the client does not know if he is talking to a server or to a proxy
The proxy must behave like a server
For protocols that do not support relaying (e.g., HTTP, FTP), the reverse proxy can relay only to one server

Reverse HTTP
Reverse HTTP proxy allows for
- filtering of requests
    - i.e., blocking exploits
    - see Part 3 of the course
- authenticating clients before they speak to the server
    - you can't attack the server unless you are authenticated
- accelerating servers
Server accelerators
- reverse proxies work just like caches
- the proxy provides static documents
    - the server is in charge of building dynamic documents
- workload dispatcher

Reverse HTTPS
HTTPS proxies are used as encryption accelerators
- they can reduce the workload of servers by taking care of the encryption and the authentication
- the proxy can have a hardware accelerator for HTTPS
The connection between the proxy and the server is HTTP
- not HTTPS

Protocol Translation
The proxy can use different protocols on each side
- a web mail application can
    - accept HTTPS requests from the Internet
    - generate IMAP requests towards the mail server
- an e-commerce application can
    - accept HTTPS requests from the Internet
    - generate CORBA or SQL requests towards the servers
The protocol diversity strongly limits the chances of exploiting a vulnerability across a proxy