Presentation Transcript
Introduction to Network/Linux Security : Introduction to Network/Linux Security Christian Benvenuti
International Center for Theoretical Physics (ICTP), Trieste, Italy
christian.benvenuti@libero.it
Third Andean Workshop on Electronic Communications,
20-24 November 2000, Lima, PERU
Overview : Overview What is computer security?
Kind of security services one might desire
What kind of attacks should we try to protect a computer against?
What protection strategies are available?
What can we expect for the future?
What is computer security? : What is computer security? A computer is secure if you can depend on it and its software to behave as you expect.
If you do not know what you are protecting, why you are protecting it, and what you are protecting it from, your task will be rather difficult!
Kind of security one might desire : Kind of security one might desire Authentication
Confidentiality (Privacy)
Integrity
Availability
Non-Repudiation
Auditing
Authentication : Authentication Authentication is the process of reliably verifying the identity of someone (or something) by means of:
A secret (password [one-time], ...)
An object (smart card, ...)
Physical characteristics (fingerprint, retina, ...)
Trust
Do not mistake authentication for authorization!
Integrity Vs Confidentiality : Integrity Vs Confidentiality Integrity
Protecting information from being deleted or altered in any way without the permission of the owner of that information.
Confidentiality
Protecting information from being read or copied by anyone who has not been explicitly authorized by the owner of that information.
Availability : Availability If the system is unavailable when an authorized user needs it, the result can be as bad as having the information that resides on the system deleted!
Non repudiation : Non repudiation The ability of the receiver of something to prove to a third party that the sender really did send the message.
Auditing : Auditing The ability to record events that might have some security relevance. In such cases, you need to determine what was affected. In some cases, the audit trail may be extensive enough to allow 'undo' operations to help restore the system to a correct state.
What kind of attacks should we try to protect a computer against ? : What kind of attacks should we try to protect a computer against ? Physical Security
Lockers, BIOS, weather, ...
Personnel security
Operating System security
Network security
Personnel security : Personnel security All the security violations have one common characteristic:
They are caused by people!
Training, Auditing, Least Privilege, ...
Operating System Security (1/3) : Operating System Security (1/3) Fixing bugs in applications/O.S. takes longer than writing the applications/O.S. themselves.
What does it mean !?!?!?
Operating System Security (2/3) : Operating System Security (2/3) Users, Groups and Passwords
Shadow suite
The root account needs special care
Securetty, wheel, 'su' restrictions
Variable delay on failures (denial, ...)
Restricted shells
Linux (UNIX) filesystem
Restricted filesystem
Access control lists (ACLs)
Append only / Immutable files
Permissions
SUID/SGID files (scripts)
Operating System Security (3/3) : Operating System Security (3/3) Auditing & Logging
Some of the most common network services : Some of the most common network services DNS
Apache
NFS
NIS/NIS+
Samba
Telnet
FTP
Mail
... ... ...
Network Security: common attacks : Network Security: common attacks Interception
Modification
Intrusion
Modification, Fabrication
Denial of service
Interruption
Information theft
Security tools : Security tools Cryptography
Symmetric Vs Asymmetric (Certificates ...)
Kerberos Vs Secure RPC
SSL (Secure Socket Layer) / SSH (Secure shell)
IP Sec
Firewalls & Proxies
Ipchains/Iptables ...
TCP Wrappers + UDP Relayers
Pluggable Authentication Module
It is a suite of shared libraries that enable the local system administrator to choose how applications authenticate users
Kernel Level Security
Log files (/var/log/*)
Cryptography: the solution for privacy : Cryptography: the solution for privacy The security is based on the secrecy of the key and sometimes of the algorithms too.
Cryptography Symmetric Vs Asymmetric : Cryptography Symmetric Vs Asymmetric Symmetric (Character based Vs Key based)
The same password is used to both encrypt and decrypt
Faster algorithms
PROBLEM: key management is not easy
Asymmetric (also called public key algorithms)
The password used to encrypt is different from the one needed to decrypt
More secure
It allows non-repudiation
Data Encryption Standard (DES) : Data Encryption Standard (DES) It is a symmetric algorithm
Designed by IBM for the U.S. Government in 1977
It is based on a 56 bit key (why only 56?)
Hardware Vs Software implementation
How secure is DES?
How much would a DES-breaking engine cost?
Is it possible to make DES harder to break?
How does it work?
RSA (Rivest, Shamir, Adleman) : RSA (Rivest, Shamir, Adleman) It is an asymmetric algorithm
Variable Key Length (512 default)
It is based on the fact that it is VERY hard (impossible?) to factor a big number in a reasonable amount of time
It has NOT been demonstrated to be safe, but ...
Secure Shell (ssh) : Secure Shell (ssh) It is a secure protocol for secure remote login over an insecure network
It can provide:
Multiple strong authentication methods
Authentication of both ends of connection
Public key – Password – Host
Encryption and compression of data
Tunnelling and encryption of arbitrary connections
Negotiations
Secure Socket Layer (SSL) : Secure Socket Layer (SSL) It is a protocol developed by Netscape for secure transactions across the Web
It is based on a public encryption algorithm
There are free SSL implementations
Many servers do not have SSL built in, and there is a reason for that!
Security of cryptographic algorithms : Security of cryptographic algorithms Let us define the lifetime of an information as the amount of time the information should be kept secret.
An encryption can be considered secure if the time to break it (for ex. with a brute force attack) is reasonably longer than the lifetime of the information contained in the plain text.
Wrappers : Wrappers Main idea:
Limit the amount of information reaching a network-capable program/application.
Why should we use wrappers?
Two common wrappers:
TCP Wrapper
Socks
What can you do with the TCP-Wrapper? : What can you do with the TCP-Wrapper? Remote warning banner
Double reverse lookup of the IP address
Access Control List (/etc/hosts.allow + /etc/hosts.deny)
Identd protocol
Advanced use of the Syslog logger
Run a command
Additional wrappers
PROCESS OPTION
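Added example (not part of the original slides): a simplified Python model of how the TCP Wrapper combines the double reverse lookup with /etc/hosts.allow and /etc/hosts.deny. The DNS tables, rule files and function names are constructed for illustration, and only the ALL and PARANOID wildcards plus domain-suffix and address-prefix patterns are modelled.

```python
# Constructed DNS data using documentation addresses; a real tcpd asks the resolver.
PTR = {"192.0.2.10": "ws1.example.org", "203.0.113.7": "ws1.example.org"}
FWD = {"ws1.example.org": ["192.0.2.10"]}
# Constructed rule files in "daemon_list : client_list" form.
HOSTS_ALLOW = "in.telnetd: .example.org\nin.ftpd: 192.0.2.\n"
HOSTS_DENY = "ALL: PARANOID\nin.telnetd: ALL\n"

def double_reverse_lookup(ip):
    """Return the PTR name only if that name resolves back to the same address."""
    name = PTR.get(ip)
    return name if name and ip in FWD.get(name, []) else None

def client_matches(pattern, ip, name):
    if pattern == "ALL":
        return True
    if pattern == "PARANOID":       # a PTR name exists but does not map back
        return ip in PTR and name is None
    if pattern.startswith("."):     # domain suffix: verified names only
        return name is not None and name.endswith(pattern)
    if pattern.endswith("."):       # address prefix
        return ip.startswith(pattern)
    return pattern in (ip, name)

def parse_rules(text):
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            daemons, clients = line.split(":", 1)
            rules.append((daemons.replace(",", " ").split(),
                          clients.replace(",", " ").split()))
    return rules

def table_matches(text, daemon, ip, name):
    return any((daemon in daemons or "ALL" in daemons)
               and any(client_matches(p, ip, name) for p in clients)
               for daemons, clients in parse_rules(text))

def access(daemon, ip):
    """hosts.allow is checked first, then hosts.deny; no match grants access."""
    name = double_reverse_lookup(ip)
    if table_matches(HOSTS_ALLOW, daemon, ip, name):
        return "allow"
    if table_matches(HOSTS_DENY, daemon, ip, name):
        return "deny"
    return "allow"

if __name__ == "__main__":
    for daemon, ip in [("in.telnetd", "192.0.2.10"), ("in.telnetd", "203.0.113.7"),
                       ("in.ftpd", "192.0.2.99"), ("in.fingerd", "198.51.100.5")]:
        print(daemon, ip, access(daemon, ip))
```

The last case shows why a closing "ALL: ALL" line in hosts.deny matters: a service matched by neither file is granted access by default.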
TCP-Wrapper: downside : TCP-Wrapper: downside Poor UDP handling
IP Spoofing
The destination IP address is not used
Socks : Socks It is a system that allows computers behind a firewall to access services on the Internet
(Only TCP based services)
Firewall (1/3) : Firewall (1/3) The goal is to reduce the risk of a security attack from the outside.
Firewall: Bastion Host (2/3) : Firewall: Bastion Host (2/3)
Firewall: Packet filtering (3/3) : Firewall: Packet filtering (3/3)
References : References The pictures have been taken from this book:
Practical Unix & Internet Security, 2nd edition, O’Reilly & Associates (1996)