Secure Authentication A Brief Overview PacNOG I Workshop June 22, 2005 Nadi, Fiji Hervey Allen.

Slides:

Advertisements

Similar presentations

Data Encryption Data In Transit / Data At Rest. Learning Outcomes How to: – encrypt data on an USB key – encrypt a document – a document safely.

Advertisements

Chapter 17: WEB COMPONENTS

CLIENT / SERVER ARCHITECTURE AYRİS UYGUR & NİLÜFER ÇANGA.

File Transfer and Use of Clear Text Passwords Update NERSC Users Group Meeting Stephen Lau NERSC June 21, 2015.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.

John Degenhart Joseph Allen.  What is FTP?  Communication over Control connection  Communication over Data Connection  File Type  Data Structure.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.

Remote access and file transfer Getting files on and off Bio-Linux.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

February 2006Colby College ITS Using FTP. February 2006Colby College ITS Topics FTP Options at Colby For Mac Users For Windows Users.

Telnet/SSH: Connecting to Hosts Internet Technology1.

CS 350 Chapter-6. A brief history of TCP/IP 1983 TCP/IP came to ARPAnet ARPAnet and MILNET dissolved in 1990 BSD UNIX.

Internet-Based Client Access

 TCP/IP is the communication protocol for the Internet  TCP/IP defines how electronic devices should be connected to the Internet, and how data should.

Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.

Chapter 10 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Explain how the functions of the application layer,

Security & Cryptographic Methods PacNOG 6 Hervey Allen PacNOG 6 Hervey Allen.

Csci5233 Computer Security1 Bishop: Chapter 27 System Security.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols.

Secure Shell for Computer Science Nick Czebiniak Sung-Ho Maeung.

SSH and SSL CIT304 University of Sunderland Harry R. Erwin, PhD.

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

TELE 301 Lecture 17: FTP … 1 Overview Last Lecture –Remote Terminal Services (SSH) This Lecture –File transfer and web caching Next Lecture –Directory.

CHAPTER 10 Session Hijacking. INTRODUCTION The act of taking over a connection of some sort, for examples, network connection, a modem connection or other.

Network Security: Lab#3 Transport-Level Security Tools J. H. Wang May 12, 2011.

NETWORKING IN LINUX. WHAT IS LINUX..? Freely implemention of UNIX-like Kernel. Free & Open source Software. Developed by Linus Torvalds in 1991.

Internet Business Foundations © 2004 ProsoftTraining All rights reserved.

Tunneling and Securing TCP Services Nathan Green.

CHAPTER 9 Sniffing.

G CITRIXHACKIN. Citrix Presentation Server 4.5 New version is called XenApp/Server Common Deployments Nfuse classic CSG – Citrix Secure Gateway Citrix.

1 Remote Access Telnet Telnet FTP FTP. 2 Applications and Communications Telnet Telnet  Program for accessing systems remotely.  Available on Windows.

ORAFACT The Secure Shell. ORAFACT Secure Shell Replaces unencrypted utilities rlogin and telnet rsh rcp Automates X11 authentication Supports tunneling.

FTP File Transfer Protocol Graeme Strachan. Agenda  An Overview  A Demonstration  An Activity.

Phil Hurvitz Securing UNIX Servers with the Secure.

AfNOG 2007 Abuja Secure Authentication A Brief Overview AfNOG 2007 April 26, 2007 Abuja, Nigeria Hervey Allen.

LO1 Know types of Network Systems and Protocols. Application Layer Protocols.

Unix network Services. Configuring a network interface In Unix there are essentially two commands that are used to enable TCP/IP. ifconfig route.

File Manager A Robust User Interface to the Stanford Microarray Database (SDM) M.S. Pilot Adviser: M. W. Berry John Clayton England, III 04/10/2003.

FileZilla Introduction to Web Programming Kirkwood Community College Fred McClurg © Copyright 2015, Fred McClurg, All Rights Reserved.

Protocols Monil Adhikari. Agenda Introduction Port Numbers Non Secure Protocols FTP HTTP Telnet POP3, SMTP Secure Protocols HTTPS.

Application of the Internet 1998/12/09 KEIO University, JAPAN Mikiyo

On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer

JLAB Password Security Ian Bird Jefferson Lab HEPiX-SLAC 6 Oct 1999.

Feeling RESTful? Well, first we’ll define a Web Service –A web page meant to be consumed by a computer via an autonomous program as opposed to a web browser.

SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.

Secure Authentication A Brief Overview PacNOG 6 Workshop Nadi, Fiji Hervey Allen.

COSC 432 Shi Li 12/8/2008. File Transfer Protocol (FTP) Used to transfer files and data between computers via internet Defined as RFC959 Developed in.

PuTTY Introduction to Web Programming Kirkwood Continuing Education by Fred McClurg © Copyright 2016, All Rights Reserved ssh client.

Communication protocols 2. HTTP Hypertext Transfer Protocol, is the protocol of World Wide Web (www) Client web browser Web server Request files Respond.

Secure services Unit-IV CHAP-1

Ssh: secure shell.

Instructor Materials Chapter 5 Providing Network Services

Development of Web Applications - Introduction

Hillsborough Community College

FTP - File Transfer Protocol

Aplikasi Jaringan.

Telnet/SSH Connecting to Hosts Internet Technology.

File Transfer Protocol

Chapter 4 Core TCP/IP Protocols

Topic 5: Communication and the Internet

Lab 7 - Topics Establishing SSH Connection Install SSH Configure SSH

CGS 3175: Internet Applications Fall 2009

SSH – the practical solution

HACKIN G CITRIX.

Lecture 14: JSON and Web SERVICES

Chapter 7 Network Applications

Computer Networks Protocols

MESSAGE ACCESS AGENT: POP AND IMAP

Presentation transcript:

Secure Authentication A Brief Overview PacNOG I Workshop June 22, 2005 Nadi, Fiji Hervey Allen

What are we talking about? Any service you run that authenticates should not do so in the clear. This includes: – pop – imap – shell login – file transfer – web login (think webmail) – sending (think smtp)

Some replacements – POP ==> POPS with ssl cert (port 110 vs. 995) – imap ==> imaps with ssl cert (port 143 vs. 993) – smtp authed with TLS (port 465/other vs. 25) – telnet ==> ssh – ftp ==> sftp or scp – http login via https with ssl cert – http upload is harder – anonymous ftp is OK. Watch uploads

Avoiding the ssh tunnel SSH tunneling is cool and powerful, but can circumvent some secure practices and is hard for most users. You can use pops, imaps, and smtp with tls to remove the need for most ssh tunnels. This can avoid the need for users doing this. ssh -C -f -L 1100:localhost:110 sleep 10000

It can be painful... Windows has no built-in ssh/sftp/scp client. This can make secure shell login requirements painful. For secure web login simply force the login page to be https. Most scripting and programatic interfaces make this easy. In PHP: if ($_SERVER["HTTPS"] != 'on') { header("Location: \.$_SERVER['PHP_SELF']."?referrer=$referrer"); }

But, it's worth it Start to get your user community used to the idea of “no passwords in the clear” Has the potential to steer your organization clear of potential liability issues in the future. You'll sleep better at night... ;-)