SIG2 Portknock

Presentation Transcript

Remote Server Access using Dynamic Port Knocking and Forwarding:

Tan Chew Keong, SIG2 Vice-President
Ching Tim Meng (CISA, CISSP)

Agenda of this presentation: 

What is port knocking
Some port knocking implementations
SIG2’s implementation
Demo
Uses for port knocking

What is Port Knocking? : 

“Port knocking is a method of establishing a connection to a networked computer that has no open ports. Before a connection is established, ports are opened using a port knock sequence, which is a series of connection attempts to closed ports.” (portknock.org)

What is Port Knocking? (Cont’): 

“Port knocking is a clever new computer security trick. It's a way to configure a system so that only systems who know the secret knock can access a certain port.” (Crypto-Gram, March 15, 2004)

Why Port Knock?: 

Most public servers need a remote management service (for example SSH) so that administrators can manage them.
Running additional services on a hardened server is not good security practice: an unpatched service may be exploited to compromise the server.

Why Port Knock? (Cont’): 

Even for fully patched services there is no guarantee that further vulnerabilities will not be discovered.
Port knocking can be used to enable and disable the service remotely, on demand.
This minimizes the exposure time of the “additional service”.

How does Port Knocking work?: 

[Figure: a client and a web server on which only port 80 is open. Step one: the client sends the pre-defined port knock sequence. Step two: port 22 is opened. Step three: the client makes the SSH connection.]

Some Implementations: 

KnockD, a simple port-knocking daemon (Judd Vinet)
cd00r.c (FX)
SAdoor, a non-listening remote shell and execution server (CMN)
portknock (Martin Krzywinski)

KnockD: 

http://www.zeroflux.org/knock/

    [opencloseSSH]
        sequence      = 2222:udp,3333:tcp,4444:udp
        seq_timeout   = 15
        tcpflags      = syn,ack
        start_command = /usr/sbin/iptables -A INPUT -s %IP% -p tcp --syn -j ACCEPT
        cmd_timeout   = 10
        stop_command  = /usr/sbin/iptables -D INPUT -s %IP% -p tcp --syn -j ACCEPT

The three knocks must arrive in order within 15 seconds; the ACCEPT rule for the knocking address (%IP%) is inserted, and removed again 10 seconds later. Note that the rule has no --dport, so during that window it admits new TCP connections from %IP% to every port, not only SSH.
Problem: the sequence is hard-coded in the config file.
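As an added example (not knockd's code), here is the daemon-side matching logic that the stanza above configures, fed with constructed packets instead of live pcap data. It walks the 2222/udp, 3333/tcp, 4444/udp sequence per source address within the 15-second seq_timeout, and then shows why a fixed shared sequence is weak: an attacker who sniffed the client's three knocks replays them from a different address and the door opens for them too, which is the sniff-and-replay problem raised on the “Security issues” slide. The reset-on-any-wrong-knock rule and the absence of the tcpflags filter are simplifications of this model, not knockd's documented behaviour.

```python
# Daemon-side logic of a fixed-sequence knock door, modelled on the knockd
# [opencloseSSH] stanza. Example code written for this page, not knockd's
# source. Packets are constructed (time, src_ip, dst_port, proto) tuples.
SEQUENCE = [(2222, "udp"), (3333, "tcp"), (4444, "udp")]  # sequence = ...
SEQ_TIMEOUT = 15.0                                        # seq_timeout = 15


class KnockDaemon:
    """Tracks each source address's progress through the knock sequence."""

    def __init__(self, sequence=SEQUENCE, seq_timeout=SEQ_TIMEOUT):
        self.sequence = list(sequence)
        self.seq_timeout = seq_timeout
        self.attempts = {}  # src_ip -> (knocks matched so far, time of first knock)
        self.opened = []    # src_ips for which start_command (%IP%) would have run

    def packet(self, now, src_ip, dport, proto):
        """Feed one packet that arrived at a closed port. Returns True when
        src_ip completes the sequence, i.e. when knockd would run
        start_command with %IP% = src_ip."""
        matched, started = self.attempts.get(src_ip, (0, now))
        if matched and now - started > self.seq_timeout:
            matched, started = 0, now  # window expired: start over
        if (dport, proto) != self.sequence[matched]:
            # Out-of-order knock: drop the attempt. This model resets on any
            # wrong knock (a simplification), so a scan sweeping many ports
            # never gets past the first knock.
            self.attempts.pop(src_ip, None)
            return False
        matched += 1
        if matched < len(self.sequence):
            self.attempts[src_ip] = (matched, started)
            return False
        self.attempts.pop(src_ip, None)
        self.opened.append(src_ip)
        return True


def replay_demo():
    """Feeds constructed traffic through the daemon and returns, in order,
    the source IPs for which the door opened."""
    daemon = KnockDaemon()
    # Constructed traffic (no real hosts): a legitimate client, a port scan
    # that happens to hit the first knock port, an attacker who sniffed the
    # client's three knocks and replays them a minute later from its own
    # address, and a client too slow for the 15 s window.
    legit = [(0.0, "10.0.0.5", 2222, "udp"), (0.4, "10.0.0.5", 3333, "tcp"),
             (0.9, "10.0.0.5", 4444, "udp")]
    scan = [(1.0, "203.0.113.7", 2222, "udp"), (1.1, "203.0.113.7", 80, "tcp"),
            (1.2, "203.0.113.7", 4444, "udp")]
    replay = [(60.0, "198.51.100.9", 2222, "udp"), (60.3, "198.51.100.9", 3333, "tcp"),
              (60.7, "198.51.100.9", 4444, "udp")]
    slow = [(100.0, "10.0.0.6", 2222, "udp"), (105.0, "10.0.0.6", 3333, "tcp"),
            (120.0, "10.0.0.6", 4444, "udp")]
    for pkt in legit + scan + replay + slow:
        daemon.packet(*pkt)
    return daemon.opened


if __name__ == "__main__":
    # The replayed knocks open the door for the attacker too: the sequence is
    # a shared secret that anyone on the path can capture.
    print(replay_demo())
```

Run it directly to print the list of sources the door opened for; only the legitimate client and the replaying attacker appear, while the scanner and the slow client are rejected.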

cd00r.c – FX: 

http://www.phenoelit.de/stuff/cd00r.c
Proof-of-concept code; uses TCP SYN knocks.

    /* the code ports.
     * These are the 'code ports', which open (when called in the right order) the
     * door (read: call the cdr_open_door() function).
     * Use the notation below (array) to specify code ports. Terminate the list
     * with 0 - otherwise, you really have problems.
     */
    #define CDR_PORTS { 200,80,22,53,3,00 }

Problem: the sequence is hard-coded at compile time.

SAdoor: 

http://cmn.listprojects.darklab.org
A comprehensive and well-written port knocking implementation.
The knock sequence must be pre-configured and distributed to the clients.
Problem: the sequence is STILL hard-coded.

SAdoor (Cont’): 

    -- Begin /etc/sadoor/sadoor.pkts
    # Key packet 1
    keypkt {
        ip {
            daddr = 192.168.1.4;
            saddr = 192.168.1.1;
            icmp { type = 8; }
        }
    }
    # Key packet 2
    keypkt {
        ip {
            daddr = 192.168.1.4;
            saddr = 192.168.1.1;
            tcp { flags = SYN; dport = 80; sport = 3456; }
        }
    }

portknock: 

http://www.portknocking.org/
Supports encryption of the knock packets.
Derives a unique knock sequence from several variables: client IP, destination port, random number, second, minute, hour, day, month, year and a checksum.
The most comprehensive implementation of the four.
Problem: the encryption key is held at server level (one key for all users), and the knock sequence can be long.

Security issues …: 

The port knock sequence is a shared secret between the client and the server.
The sequence can be sniffed and replayed.
All of the implementations above (except portknock) use a fixed sequence at SERVER level: there is no unique sequence per user.

More security issues …: 

Client programs must be pre-configured to send the right sequence. If a client program is stolen and disassembled, the sequence is exposed.
If a user is no longer trusted, a new sequence has to be redistributed to everyone.
A large number of knock packets may be needed to resist “brute-force” guessing of the sequence, yet many IP packets sent over the Internet cannot be expected to arrive in the correct order.

Our Implementation: 

Our implementation does not rely on sending a pre-defined secret sequence of port knocks to the daemon.
Instead, each user shares a password with the daemon.
When the user wants to connect to the server, the client program generates a random knock sequence and “declares” it to the daemon.

Our Implementation (Cont’): 

The declared sequence is encrypted under a key derived from the user’s password hash and sent to the daemon.
Users who are no longer trusted can easily be removed from the system; there is no need to redistribute a new sequence.
The port for reaching the hidden service is NOT fixed, which reduces the chance of an attack on the service.

Design Considerations: 

Encryption: 128-bit AES, keyed with the MD5 of the user’s password hash.
Dynamic knock sequences: 3 TCP SYN packets. This is a trade-off between using few packets (avoiding the out-of-order arrival problem) and resisting “brute-force” guessing.
Each knock is matched on both the destination port number and the TCP initial sequence number (ISN).

Design Considerations (Cont’): 

Replay attacks: a time stamp in packets P1, P2 and P3.
Computational resource starvation: discard invalid packets as early as possible in the processing loop. An adversary can still replay P1 to make the daemon perform the decryption repeatedly.
Connection from an unauthorized IP: the port assigned to a user is not fixed and accepts connections only from that user’s IP. This minimizes the chance of an adversary finding the open port.
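The following is an added model of the protocol in “Our Implementation” and these design considerations, written for this page rather than taken from SIG2's daemon or client; it also addresses the shared-secret problems of the “Security issues” slides by making the secret per user and the sequence per session. Assumptions not in the deck: the sealed declaration is carried in P1 and P2/P3 are bare SYNs; the password hash is SHA-256 (the deck only says “MD5 of the user's password hash”); AES-128 is replaced by an HMAC-SHA256 keystream with an HMAC tag because the Python standard library has no AES; and the declaration carries a nonce that the daemon records, so an exact replay of P1 is rejected before any decryption, which is the early-discard rule the slide asks for (the deck notes its own daemon still decrypts on every replayed P1).

```python
# Model of the SIG2 dynamic-sequence protocol described above, written for
# this page (not SIG2's code). Assumed: the sealed declaration rides in P1,
# the password hash is SHA-256, and the deck's AES-128 is replaced by an
# HMAC-SHA256 keystream plus an HMAC tag (stdlib has no AES).
import hashlib, hmac, json, os, random, struct

WINDOW = 30.0         # accepted clock skew on the declaration time stamp
KNOCK_TIMEOUT = 15.0  # the three SYNs must all land within this window
_rng = random.SystemRandom()

def user_key(password):
    """Deck: key = MD5 of the user's password hash (which hash is unstated)."""
    return hashlib.md5(hashlib.sha256(password.encode()).digest()).digest()

def _keystream(key, nonce, n):
    blocks = (hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    """Encrypt-then-MAC stand-in for the deck's AES-128: nonce || ct || tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Returns the plaintext, or None if the tag does not verify."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class Client:
    def __init__(self, user, password):
        self.user, self.key = user, user_key(password)

    def declare(self, now):
        """P1: three random (port, ISN) pairs and a time stamp, sealed under
        the user's key. Returns (p1, knocks); the caller then sends the SYNs."""
        knocks = [(_rng.randrange(1024, 65536), _rng.getrandbits(32)) for _ in range(3)]
        body = json.dumps({"t": now, "k": knocks}).encode()
        return {"user": self.user, "blob": seal(self.key, body)}, knocks

class Daemon:
    def __init__(self, users):  # users: {name: password}
        self.keys = {u: user_key(p) for u, p in users.items()}
        self.seen = set()   # (user, nonce) of declarations already accepted
        self.pending = {}   # src_ip -> (remaining (port, isn) knocks, deadline)
        self.granted = {}   # assigned port -> src_ip allowed to connect

    def on_declare(self, now, src_ip, p1):
        """Returns "ok" or why P1 was discarded. Cheap checks run before the
        tag check and decryption; a verbatim replay costs no crypto at all."""
        key = self.keys.get(p1["user"])
        if key is None:
            return "unknown user"
        nonce = p1["blob"][:16]
        if (p1["user"], nonce) in self.seen:
            return "replay"
        body = unseal(key, p1["blob"])
        if body is None:
            return "bad tag"
        msg = json.loads(body)
        if abs(now - msg["t"]) > WINDOW:
            return "stale"
        self.seen.add((p1["user"], nonce))
        self.pending[src_ip] = ([tuple(k) for k in msg["k"]], now + KNOCK_TIMEOUT)
        return "ok"

    def on_syn(self, now, src_ip, dport, isn):
        """Matches a SYN against src_ip's declared sequence; returns the
        assigned port when the third knock lands, otherwise None."""
        if src_ip not in self.pending:
            return None
        remaining, deadline = self.pending.pop(src_ip)
        if now > deadline or (dport, isn) != remaining[0]:
            return None  # late or wrong knock: the client must declare again
        if remaining[1:]:
            self.pending[src_ip] = (remaining[1:], deadline)
            return None
        port = _rng.randrange(1024, 65536)  # not fixed, and bound to this IP
        self.granted[port] = src_ip
        return port

    def accepts(self, port, src_ip):  # hidden service answers only the knocking IP
        return self.granted.get(port) == src_ip

def session_demo(now=1_700_000_000.0):
    """One good session plus the failure cases; returns the outcomes."""
    pw = "correct horse battery staple"
    daemon, client, ip = Daemon({"alice": pw}), Client("alice", pw), "10.0.0.5"
    p1, knocks = client.declare(now)
    out = {"declare": daemon.on_declare(now, ip, p1), "port": None}
    for i, (dport, isn) in enumerate(knocks):
        out["port"] = daemon.on_syn(now + 0.5 * (i + 1), ip, dport, isn)
    out["own_ip"] = daemon.accepts(out["port"], ip)
    out["other_ip"] = daemon.accepts(out["port"], "198.51.100.9")
    out["replay"] = daemon.on_declare(now + 5, "198.51.100.9", p1)  # sniffed P1
    out["stale"] = daemon.on_declare(now, ip, client.declare(now - 600)[0])
    out["wrong_pw"] = daemon.on_declare(now, ip, Client("alice", "nope").declare(now)[0])
    return out
```

session_demo() walks one complete exchange: the declaration is accepted, the three SYNs (matched on port and ISN) yield a port that only 10.0.0.5 may use, and the replayed, ten-minute-old and wrong-password declarations are each refused with a distinct reason. The `seen` set is never pruned here; a real daemon would expire entries older than WINDOW, since anything older is rejected as stale anyway.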

Implementation: 

The daemon listens promiscuously using libpcap/WinPcap.
The Linux daemon is implemented with privilege separation.
The Linux client needs to run setuid root, but privileges are dropped immediately after the raw socket is acquired.

Implementation (Cont’): 

The Windows daemon runs as a service with LOCAL SYSTEM privilege (?!?!!!?!) “It is a feature, not a bug.”
The Windows client needs to run as Administrator to use raw sockets.

DEMO: 

Linux daemon with Win32 client

Possible Enhancements: 

Certificate-based authentication instead of a shared password. Resource starvation attacks need careful handling here, since modular exponentiation is an expensive operation.
TCP SYN knocks may no longer be required: the daemon can act on receiving properly encrypted packets.

Possible Enhancements (Cont’): 

A port-knock TCP wrapper, so that no list of allowed IP addresses needs to be pre-configured.
Port knocking with port forwarding at the IP layer: no open ports on the Internet-facing server.

Possible Enhancements (Cont’): 

Different port knocks send instructions to the server to execute different programs or applications.
The server issues the knock sequence to be used for the next session, instead of the client choosing its own.

Questions????: 

Any comments, questions or violent objections?

… but wait!: 

Is our implementation redundant????
Not covered in the white paper … to be announced during this talk.
The problem with our implementation is that …

Better way …: 

Example adapted from banking systems.
The client first holds a sequence issued by the server.
The client port-knocks with that unique sequence.
The server verifies the sequence, then issues the client a random port and a new unique sequence.
Since each sequence is unique, it also identifies the user.
CPU-friendly for the server.
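The server-issued scheme sketched above, as an added model written for this page (not SIG2's code). Each user holds the one-time sequence the server last issued; the server identifies the user by the sequence itself, retires it on use, issues a random port bound to the knocking IP together with the next sequence, and spends one dictionary lookup per packet and no decryption, which is what makes it CPU-friendly. How the sequences reach the client (initial enrolment and the reply after each successful knock) is not specified on the slide and is left out of band here.

```python
# Server-issued one-time knock sequences, as sketched on the "Better way"
# slide. Example code for this page, not SIG2's. Delivery of sequences to
# the client (enrolment, and the reply after a knock) is assumed out of band.
import secrets
from collections import deque


class KnockServer:
    def __init__(self, knocks=3, window=15.0):
        self.knocks, self.window = knocks, window
        self.expected = {}  # sequence tuple -> user (unique, so it names the user)
        self.issued = {}    # user -> the sequence currently valid for that user
        self.recent = {}    # src_ip -> last `knocks` (time, dport) pairs seen
        self.granted = {}   # assigned port -> src_ip allowed to connect

    def _issue(self, user):
        """Retires the user's current sequence (one-time use) and issues a fresh one."""
        old = self.issued.pop(user, None)
        self.expected.pop(old, None)
        seq = tuple(secrets.randbelow(64512) + 1024 for _ in range(self.knocks))
        self.issued[user], self.expected[seq] = seq, user
        return seq

    def enroll(self, user):
        """Gives a new user their first sequence."""
        return self._issue(user)

    def syn(self, now, src_ip, dport):
        """Feed one SYN to a closed port. Costs one dict lookup per packet and
        no decryption. Returns (user, port, next_sequence) on a valid knock."""
        q = self.recent.setdefault(src_ip, deque(maxlen=self.knocks))
        q.append((now, dport))
        if len(q) < self.knocks or now - q[0][0] > self.window:
            return None
        user = self.expected.get(tuple(p for _, p in q))
        if user is None:
            return None
        q.clear()
        port = secrets.randbelow(64512) + 1024  # random port, bound to src_ip
        self.granted[port] = src_ip
        return user, port, self._issue(user)

    def accepts(self, port, src_ip):
        return self.granted.get(port) == src_ip


def issued_sequence_demo():
    """One session, a replay of the used sequence, and the next session."""
    srv = KnockServer()
    seq = srv.enroll("alice")
    result = None
    for i, port in enumerate(seq):  # legitimate knock from 10.0.0.5 (constructed)
        result = srv.syn(100.0 + i, "10.0.0.5", port)
    user, port, nxt = result
    out = {"user": user, "own_ip": srv.accepts(port, "10.0.0.5"),
           "other_ip": srv.accepts(port, "198.51.100.9"), "rotated": nxt != seq}
    # An attacker replays the sniffed sequence from its own address: it was
    # retired the moment it was used, so no lookup matches.
    out["replay"] = [srv.syn(200.0 + i, "198.51.100.9", p) for i, p in enumerate(seq)]
    for i, p in enumerate(nxt):  # the next session uses the newly issued sequence
        result = srv.syn(300.0 + i, "10.0.0.5", p)
    out["next_session"] = result[0] if result else None
    return out
```

Because the sequence itself identifies the user, the server needs no per-user key lookup or decryption on the hot path, and a sniffed sequence is worthless by the time the attacker can replay it. What this model does not give is confidentiality of the next sequence on its way back to the client; that reply channel is exactly what the slide leaves open.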

References: 

Martin Krzywinski, 2003. Port Knocking: Network Authentication Across Closed Ports. SysAdmin Magazine 12: 12-17.
CMN. SAdoor: A non listening remote shell and execution server.
FX. cd00r.c.
Judd Vinet. KnockD: A simple port-knocking daemon.

Feedback: 

Feel free to give us feedback:
Chew Keong (chewkeong@security.org.sg)
Tim Meng (cappella@mail.com)