Presentation transcript:

1 Emulab Security

2 Current Security Model
Threat model: No malicious authenticated users, Bad Guys are all “outside”
  – Protect against accidents on the “inside”
  – Provide prudent protection from the “outside”
We are a research facility, must balance security and openness
  – Cannot close all network ports
  – Cannot (always) take away root privilege

3 Current Security Model (cont.)
We can observe basic security hygiene
  – No cleartext passwords
  – Firewall from the outside world
  – Restrict access to critical infrastructure services
Happily, experiment isolation and security are synergistic
  – Experiment private VLANs
  – Reloading disks between experiments

4 Local node security
Protect against accidental breaches of confidentiality, integrity, and availability
Malicious violations handled through non-technical means

5 Wide-area node security
Not under our physical or administrative control
  – Limited control over who accesses a node
  – Node may or may not be firewalled
  – Not just us who looks bad if there is an “incident”
  – Bottom line: must be more cautious!
Use authenticated network protocols
Restrict privilege of Emulab users on nodes

6 User Security
Potential new users must be part of an informal “chain of trust”
New users verified with a key in
All interaction with the testbed done using secure protocols
Projects are separated from each other
Users allowed to access only one server, critical services run on another

7 Node Security
Physical nodes are not shared between experiments
Use a shared filesystem (NFS), but export only appropriate directories from the server
Node disks are reloaded and nodes rebooted when released from an experiment

8 Network Security
Use VLANs on the experimental network to enforce isolation
Control network divided into 5 subnets with firewalling in between
  – “External” VLAN for link to the outside world
  – “Device” VLAN for SNMP devices
  – “Private” VLAN for boss node and critical servers
  – “Public” VLAN for user-accessible nodes
  – “Node” VLAN for the nodes

9

10 Network Security (cont.)
MAC security on node control net
  – Nodes cannot spoof other active MAC addresses
Basic egress/ingress filtering
  – Nodes cannot spoof external IP addresses

11 Emulab Security The Future

12 Flaws: current threat model
Assumption: “Only good, though sometimes careless, people on the inside”
Node control net
  – Interface is visible, and desirable, to applications
  – Shared by all nodes in all experiments
Vulnerable services on the private VLAN
  – Always-a-popular-target web server on the same net/host as central DB, power controllers, switches

13 Flaws: relaxed threat model
Assumption: “Anything goes”
Node control net
  – Spoofing/interfering with infrastructure services
Vulnerable services on the private VLAN
  – Direct attacks on unauthenticated services: TFTP, tmcc, event system
Cracking user logins on ops node
  – Exposes all user files as ops is FS server
  – Exposes user ssh keys, can get to any node

14 More exotic threats
Switch DOSin'
  – Directed attacks on the switch infrastructure
  – Could affect switching performance
  – Could also prevent reconfiguration of a switch (this has happened to us!)
BIOS whackin'
  – Attempt to corrupt or infect the BIOS
  – Stash trojans in non-volatile memory
  – Can it be done?

15 Fixing the current flaws
Secure the control net
  – Per-experiment VLANs ala the experimental net
Address vulnerable services
  – Get web server off of private net
  – Design narrow, proxy interfaces to critical services
  – Eliminate local shared file storage or replace NFS
  – Eliminate local server logins
Secure the hardware
  – Configure a small pool of directly connected nodes
  – Ensure BIOS modification requires manual labor
  – PCs with Trusted Platform Modules?

16 Worms and Virii: dealing with the Really Bad S**t
Need to protect, not just us, but the Internet
Cannot just fix flaws we know about, must assume there are worse ones we don't know
Need support for Microsoft Windows
  – Cannot have chaos and destruction without it!
What do we do?

17 Emulab experiment today

18 Solution #1: firewalls
Create a virtual control net for an experiment and interpose a gateway “firewall node”
Could be implicitly or explicitly configured
Allows external access and monitoring of an experiment
Flexible, but still vulnerable

19 Firewalled Experiment

20 Solution #2: “Emulab Unplugged”
Run an experiment in a completely disconnected fashion
Regular control net is used to configure the experiment, and is then disabled
Only access via serial line
  – Might not work so hot for Windows
  – Watch out for escape sequence attacks!
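
The slide's warning about escape sequences on the serial line, as an added example (not from the Emulab slides or code base): a console viewer that renders every control byte from an untrusted node visibly instead of passing it to the operator's terminal, and counts the sequence families it saw. The function names and the sample capture are constructed for illustration.

```python
import re

# Bytes passed through unchanged: printable ASCII, newline and tab.
# Everything else (ESC, BEL, CR, C1 controls, high bytes) is rendered visibly.
_SAFE = set(range(0x20, 0x7F)) | {0x0A, 0x09}

# Recognisers used only for reporting; neutralise() does not depend on them,
# so an unrecognised or malformed sequence is still made harmless.
_PATTERNS = {
    "CSI": re.compile(rb"\x1b\[[0-?]*[ -/]*[@-~]"),          # cursor, erase, modes
    "OSC": re.compile(rb"\x1b\].*?(?:\x07|\x1b\\)", re.S),   # window title, etc.
    "DCS": re.compile(rb"\x1bP.*?\x1b\\", re.S),             # device control strings
    "C1": re.compile(rb"[\x80-\x9f]"),                       # 8-bit control codes
}


def classify(data: bytes) -> dict:
    """Count terminal control sequences by family in raw console output."""
    return {name: len(p.findall(data)) for name, p in _PATTERNS.items()}


def neutralise(data: bytes) -> str:
    """Return console output that is safe to print on the operator's terminal.

    Allowlist approach: any byte outside _SAFE becomes a literal <HH> token,
    so the terminal never receives a byte it could interpret as a command.
    """
    return "".join(chr(b) if b in _SAFE else f"<{b:02X}>" for b in data)


# Constructed capture from a node's serial console: a title-setting OSC,
# a clear-screen and a cursor-home CSI, and an 8-bit CSI clear-screen.
SAMPLE = (
    b"boot ok\n"
    b"\x1b]0;constructed title\x07"
    b"\x1b[2J\x1b[1;1H"
    b"login: \x9b2J\r\n"
)

if __name__ == "__main__":
    print(classify(SAMPLE))
    print(neutralise(SAMPLE), end="")
```

Logging the raw bytes to a file and viewing them only through `neutralise` keeps the evidence intact for postmortem analysis while protecting the viewer.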

21 Isolated Experiment

22 Monitoring and control
How do we observe and control the behavior of hard cases?
Switch statistics (if using a switch)
Interposed “monitor nodes”
Applications running on the nodes (how far can you trust them?)
Postmortem analysis
  – Remote nodes into MFS, examine filesystems

23 Limitations of our environment
Using PCs as routers in topologies
  – Can they keep up?
  – Will they alter the behavior of the worm/virus?
Emulab-savvy worms
  – Is Emulab too easy to detect?
  – Do we need to disguise our environment?