SSL

Summary Security at the network level Security at the transport level IPSec Security at the transport level SSL (Secure Socket Layer) Security at the application level S/MIME PGP Kerberos SET

SSL & SSH Secure Shell (SSH) allows: Log into a remote machine Execute commands on that machine Transport files from one machine to the other It provides strong encryption and secure communications over insecure channels SSL (initially developed by Netscape) provides: Authentication, data integrity, and privacy No protection against traffic analysis attacks Most widely used as a secure transport layer for HTTP traffic

SSL Protocol Application Transport SSL Network Link Physical SSL runs between the Application and Transport Protocols The SSL protocol includes two sub-protocols: the SSL record protocol and the SSL handshake protocol. The SSL record protocol defines the format used to transmit data. The SSL handshake protocol involves using the SSL record protocol to exchange a series of messages between an SSL-enabled server and an SSL-enabled client when they first establish an SSL connection. Application Physical Link Network Transport SSL

SSL Handshake Protocol The SSL handshake protocol involves following actions: Authenticate the server to the client. Allow the client and server to select the ciphers, that they both support. Optionally authenticate the client to the server. Use public-key encryption techniques to generate shared secrets. Establish an encrypted SSL connection.

Ciphers used with SSL 1 Triple DES, which supports 168-bit encryption, with SHA-1 message authentication. Triple DES is the strongest cipher supported by SSL, but it is not as fast as RC4. Triple DES uses a key three times as long as the key for standard DES. Because the key size is so large, there are more possible keys than for any other cipher—approximately 3.7 x 1050. RC4 with 128-bit encryption and MD5 message authentication. Because the RC4 has 128-bit encryption, it is the second strongest next to Triple DES with 168-bit encryption. RC4 128-bit encryption permits approximately 3.4 x 1038 possible keys, making it very difficult to crack. RC4 cipher is the fastest of the supported ciphers.

Ciphers used with SSL 2 RC2 with 128-bit encryption and MD5 message authentication. (Better to use RC4) DES, which supports 56-bit encryption, with SHA-1 message authentication. DES is stronger than 40-bit encryption, but not as strong as 128-bit encryption. DES 56-bit encryption permits approximately 7.2 x 1016 possible keys. Was broken in a day!!! (few seconds?) RC4 with 40-bit encryption and MD5 message authentication. RC4 40-bit encryption permits approximately 1.1 * 1012 possible keys. Exportable cipher suites. These cipher suites are weak, but may be exported to most countries They provide the strongest encryption available for exportable products Was broken in few hours!!!

SSL Handshake An SSL session always begins with an exchange of messages called the SSL handshake. The handshake allows the server to authenticate itself to the client using public-key techniques, then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows. Optionally, the handshake also allows the client to authenticate itself to the server.

SSL Handshake Steps 1 1. The client sends the server the client's SSL version number, cipher settings, randomly generated data, and other information the server needs to communicate with the client using SSL. 2. The server sends the client the server's SSL version number, cipher settings, randomly generated data, and other information the client needs to communicate with the server over SSL. The server also sends its own certificate and, if the client is requesting a server resource that requires client authentication, requests the client's certificate. 3. The client uses the information sent by the server to authenticate the server. If the server cannot be authenticated, the user is warned. 4. Using data generated in the handshake, the client creates the premaster secret for the session, encrypts it with the server's public key and sends the encrypted premaster secret to the server. 5. The server uses its private key to decrypt the premaster secret, It generates the master secret from the premaster secrete. The client does it too.

SSL Handshake Steps 2 6. Both the client and the server use the master secret to generate symmetric session keys, keys used to encrypt and decrypt information exchanged during the SSL session and to verify its integrity. 7. The client sends a message to the server informing it that future messages from the client will be encrypted with the session key. It then sends a separate (encrypted) message indicating that the client portion of the handshake is finished. 8. The server sends a message to the client informing it that future messages from the server will be encrypted with the session key. It then sends a separate (encrypted) message indicating that the server portion of the handshake is finished. 9. The SSL handshake is now complete, and the SSL session has begun. The client and the server use the session keys to encrypt and decrypt the data they send to each other and to validate its integrity.

VPN

What is a VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (such as the Internet), maintaining privacy using encryption and, tunneling protocol and security procedures to connect users securely “virtual” implies that there is no physical connection between the two networks; Instead connections routed through the Internet “private” implies that the transmitted data is kept confidential (encryption and secured tunneling) “network” implies communication medium using private, public,wired, wireless, Internet or any resource available

Why use a VPN? Low-cost Secured and reliable communication Dynamic access to private networks Such access would otherwise only be possible Using expensive leased dedicated lines provided by telephone companies point to point dedicated digital circuit Dialing into the local area network (LAN)

Cost Advantage 3 year cost for a direct network $360,000 3 year cost for a VPN $169,000

What a VPN Needs VPNs must be encrypted VPNs must be authenticated so no one can read it VPNs must be authenticated No one outside the VPN can alter the VPN All parties to the VPN must agree on the security properties

VPN Structure Variety of users and several locations VPN Extranet Business Partner Mobile User Internet Central Site VPN Site-to-Site Remote Office DSL Cable GOAL: Security network connection

VPN Tunnelling VPNs are created by establishing virtual circuits between endpoints across the Internet Three types of VPN Protocols used for tunnelling PPTP (Point-to-Point Tunnelling Protocol) L2TP (Layer 2 tunnelling Protocol) IPSec (Internet Protocol Security)

Honeypots

Introduction to Honeypots Security has traditionally focused on defensive actions, such as firewall, IDS, and encryption, the bad guys have the initiative. Organizations could only sit and wait for a failure in their defenses. The purpose of a Honey Pot is to give victims an alternative A honeypot is a resource which pretends to be a real target It is expected to be attacked or compromised The main goals are the distraction of an attacker and the gain of information about an attacker, his methods and tools

Example Honeypots The Deception Toolkit Specter Mantrap (Recourse) http://www.all.net/dtk/dtk.html Specter http://www.specter.com Mantrap (Recourse) http://www.recourse.com

Honeynet Network of honeypots Supplemented by firewalls and intrusion detection systems Advantages: “More realistic” environment Improved possibilities to collect data The systems used within the Honeynet are actual production systems. Nothing is emulated, nor is anything done to make the systems more insecure.

Advantages A honeynet allows you to see traffic that bypasses network firewalls A Honeynet allows you to see traffic that does not trigger an IDS alert This data is collected for follow-on analysis

Entrapment? Since use of a Honeynet may be considered as entrapment there is usually no prosecution of an attacker The purpose is only to learn However, a honeynet operator cannot be held criminally liable for ‘entrapment’. Applies only to law enforcement Even then, most legal authorities consider Honeynets non-entrapment. Since there is little difference from systems within Honeynet and systems at many organizations it is possible to generalize from the observations on a Honeynet Nothing is done to lure blackhats, they attack on their own initiative.

Liability Any organization may be liable if a Honeynet system is used to attack or damage other non-Honeynet systems. Decided at state level, not federal Civil issue, not criminal This is why the Honeynet Project focuses so much attention on Data Control.

The Enemy Honeynets are success because of the vast number of random attacks Many blackhats randomly probe the Internet searching for a known vulnerability. Only 1 percent of systems may have this vulnerability. However, if you scan over 1 million systems, you can potentially hack into 10,000 computers The bottom line is that if a system has been connected to the internet for more than 24 hours it has been probed.

Autorooters The tactic identified by honeynets is a simple one. A majority of blackhats randomly scan the Internet for a specific weakness; when they find it, they exploit it. They focus on a specific vulnerability, perhaps the only one they know. Sometimes, they use tools released for mass scanning and scan millions of systems until they find potential targets. Most of the tools are simple to use and automated, requiring little interaction. You launch the tool and come back several days later to obtain your results. The blackhat community even has a name for these types of tools: autorooter

Autorooter Tools Autorooter tools automate the process of probing, identifying, and attacking systems into one package Once launched, these automated tools spend hours doing the work for the blackhat. For example, one UNIX honeypot was compromised via the rpc.statd vulnerability. The blackhats then attempted to use the honeypot as a platform to scan and to exploit other systems on the Internet with the same vulnerability using a autorooter This tool even automated the process of downloading and installing a rootkit, ensuring ownership of the compromised system. In a four-hour period, the tool attempted to scan more than 500,000 systems.

Tool Distribution The blackhat community has developed advanced means of distributing these tools and teaching others how to use them. Two extremely common methods are Web sites and IRC channels. Blackhats set up Web sites to distribute these tools, so anyone on the Internet can easily access them. These underground Web sites are often set up on compromised systems. Little do administrators know it, but often their compromised systems are being used to distribute gigabytes of data to the blackhat community.

Risks Honeynets can introduce risk to an environment. Require constant maintenance and administration. Data Analysis, a single compromise on average requires 30-40 hours analysis.

How it works A highly controlled network where every packet entering or leaving is monitored, captured, and analyzed. Any traffic entering or leaving the Honeynet is suspect by nature There are two critical elements to every Honeynet. Control. The ability to automatically control every inbound and outbound connection. Capture. The ability to capture all network and system activity.

Data Control Firewall and Router are used to control connections. Inbound: Allow anything inbound or mirror an organizations production firewall. Outbound: Limit the amount of connections that can be initiated from the Honeynet network outbound For example, the response to an outbound connection should be like this:

Data Capture Data must be captured at layers, no single layer can provide all the information. Firewall logs Router logs IDS Network captures and alerts System activity and logging Keystroke logging Forensic Analysis For example, keystroke capture might look like:

Typical Honeynet Internet Router Windows NT Windows 98 IDS Log/Alert Server Solaris Linux

Helpful Social Engineering Since the goal is to encourage the hacker to enter the honeynet it should be made attractive A variety of measures can be taken to create a more realistic environment. Place production systems in the Honeynet Subscribe accounts to maillists Add cronjobs to generate system activity Place offline systems (previous production hosts) on the Honeynet

Results 1 The Honeynet Project runs a honeypot looking for information about attack modes. Expected life expectancy of default installation of Red Hat 6.2 server; 72 hours. Fastest time for a honeypot to be hacked; 15 minutes. Averaged 17 NetBIOS scans a day. Windows98 with sharing enabled compromised 5 times in 4 days

Results 2 A honeynet set up at George Institute of Technology has proven to be very helpful in maintain the overall security of systems at the school Detected 158 compromised systems on campus since establishment of Honeynet Most instances have been result of network worms Have seen numerous instances of actual hacker attacks and successful compromises of Georgia Tech Honeynet Systems

Results 3 59 possible exploited machines have been detected at Georgia Tech in previous 3 months (4th quarter 2003) Detected 26 computer irc-bot warez network on campus in November 2003 Method of compromise was researched and a report of the compromise was produced for OIT and other interested parties A report is made to OIT on each suspected compromise

Georgia Tech Example On 1 June, 2003 a Red Hat 6.2 system was compromised on the Honeynet via a FTP exploit Hacker gained root access and was able to install a rootkit The installed rootkit ‘r.tgz’ was a blended rootkit Contained elements of kernel and binary rootkits No previous record of this rootkit found on the Internet

Georgia Tech Response 1 Any traffic to honeynet is suspicious, with the exception of campus snmp and security tools Campus machine attempting to connect to honeynet machine is most likely compromised Traffic between campus machine and Honeynet is analyzed

Georgia Tech Response 2 A campus machine attempting to connect to all the machines on the Honeynet is most definitely compromised. If exploit is successful, record of compromise will be retrieved from the Honeynet for follow-on analysis A report will be made to campus network security and interested parties on suspect compromised ip addresses