Security Issues on Distributed Systems MRL9903

Post on 31-Dec-2015


The Chinese University of Hong Kong, Department of Computer Science and Engineering. CSC7260 Project II. Security Issues on Distributed Systems MRL9903. Prepared by: Lorrien K. Y. Lau. Student I.D.: 97077200. 7 August 1999. PowerPoint PPT presentation.

TRANSCRIPT

7 August, 1999 S 1

Security Issues on Distributed Systems

Prepared by : Lorrien K. Y. Lau

Student I.D. : 97077200

7 August 1999

The Chinese University of Hong Kong

Department of Computer Science and Engineering

Agenda

- Objective

- What is a “Firewall”?

• Definition and goals

- Firewall Testing

• Methodology

• Design (hardware / software / configuration setup) and policy

• Performance and security testing

- Result Analysis

- Future Work and Conclusion

- Q & A


Objective

- To survey the various distributed-systems security topics, such as encryption and decryption schemes and firewalls, in the literature review

- To evaluate the security control of different firewall configurations by testing a firewall with different security levels and proxy service

- To investigate the impact of different levels of firewall security and measures on the performance of the firewall system

- To determine how well the various firewall systems guard the private network against some potential external attacks and scanning

- To examine and try to deduce a relationship between security and performance from the testing results


What is a “Firewall”?

Definition:

- Logically, a firewall is a separator, a restricter and an analyzer used to protect the internal network against attack. It is usually installed at the point where the protected internal network connects to the Internet.

- A system, either software or hardware or both, that enforces an access control policy between two networks.

- The manifestation of a company's security policy.

What is a “Firewall”?

Goals:

- to restrict people to entering at a carefully controlled point

- to prevent intruders from getting close to your other defenses

- to restrict people to leaving at a carefully controlled point

It acts as a castle protecting us from outside attacks.


Firewall Testing - Methodology

- Setting up the firewall with 7 different security levels by using different firewall policies, Level 1 < Level 2 … < Level 7, by means of:

• Screening rules set in the router

• Proxy server / system configuration

- Performance Testing - test the network performance against the different security levels of the firewall with FTP and HTTP

- Security Testing - verify the security levels by using network scanners such as “SAINT”, “NESSUS” and BSB Monitor, etc.


Firewall Testing - Design

Test Bed Setup, HW, SW (network diagram):

- Firewall server: Linux, FWTK

- Internal host ("Home"): Linux

- Router

- Internet

- Outside attackers A, B and C


Firewall Testing - Policy

Firewall Policy 1

- PERMIT any service unless it is expressly denied

- Provides the maximum flexibility/access for internal and external users

Firewall Policy 2

- PERMIT any service unless it is expressly denied (same as config 1)

- Disallows some problem service accesses from outside, but still provides flexible/easy access from outside; no restriction on access from the internal network to the Internet


Firewall Testing - Policy 2

Screening rules at the router for Firewall Policy 2:

- No IP source routing

- No IP spoofing (e.g. traffic from the mail server to pc89180)

- Deny DNS (TCP) traffic from outside

- Deny TFTPD (UDP) from outside to port 69

- Deny link (TCP) from outside to port 97

- Deny SunRPC (UDP) and NFS (TCP) from outside to ports 111 and 2049

- Deny lpd (TCP) from outside to port 515

- Allow ALL others from outside to pc89180 and email

- Allow ALL traffic from the internal network to outside

- IP Masquerader - IP addresses are translated at the gateway


Firewall Testing - Policy 3

Firewall Policy 3 (Level 2 +)

- PERMIT any service unless it is expressly denied (same as config. 2)

- Additional protection is added with the ‘proxy service’ enabled in the firewall server. Specific traffic is further shielded and screened by the proxy server installed.

- Any traffic going into the private network is pre-screened at the router first, then passed to the proxy server for further authentication and screening. The security level is raised because the network traffic is examined by both the router and the proxy server.


Firewall Testing - Policy 4 & 5

Firewall Policy 4 (Level 3 +)

- PERMIT any service unless it is expressly denied (same as config. 1)

- Allow even more restricted access from outside, and deny selected bad HOSTs from outside

- Deny ICMP traffic from outside (in response to the Nessus report)

Firewall Policy 5

- DENY any service unless it is expressly permitted (or, as we say, "that which is not expressly permitted is prohibited")

- Deny all access from outside by default, but allow access from inside

- Permit only authorized IPs access to the private network


Firewall Testing - Policy 6 & 7

Firewall Policy 6 (Level 5 +)

- DENY any service unless it is expressly permitted

- A more restrictive policy that permits outside access to a certain port number range only, e.g. restrict TCP from outside at port > 1023 to pc89180 at port 80

- Permit only authorized IPs access to the private network

Firewall Policy 7 (Level 6 +)

- DENY any service unless it is expressly permitted

- Provide the least flexibility and services to the internal users, but incorporate maximum protection on the LAN

- Restrict the internal users from using some Internet services, e.g. Telnet, TFTP


Firewall Testing - Performance Test

- Performance indicators: total transaction time, latency

- FTP protocol

• Data transfer from an outside FTP server

• 5 M data, connections 1 to 10

• 1 M data, connections 1 to 10

• 395 K data, connections 1, 5, 10, 20, 40

- HTTP protocol

• Data retrieval from outside, 38.9 K data, connections 1 to 300
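The performance test described above (total transaction time and latency as the number of concurrent connections grows) can be reproduced in miniature with the harness below. It is an added example, not code from the presentation: it serves a constructed 38.9 K object from a local HTTP server, fetches it with N parallel clients, and records the batch's total transaction time and the average per-connection latency measured as time to first byte. The connection counts in `sweep` are an assumption standing in for the slide's 1 to 300, and there is no firewall between client and server here, so the numbers show the measurement method, not the presentation's results.

```python
"""Miniature of the slide's HTTP performance test: N concurrent clients fetch
the same object and we record the batch's total transaction time and the
average per-connection latency (time to first byte). Added example; the
server, the 38.9 K payload and the connection counts are constructed."""
import threading
import time
from http.client import HTTPConnection
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

PAYLOAD = b"x" * 38_900  # constructed 38.9 K object, like the slide's HTTP test


class _Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_response(200)
        self.send_header("Content-Length", str(len(PAYLOAD)))
        self.end_headers()
        self.wfile.write(PAYLOAD)

    def log_message(self, *args):  # keep the harness output quiet
        pass


def start_server():
    """Start a throwaway HTTP server on a free loopback port."""
    srv = ThreadingHTTPServer(("127.0.0.1", 0), _Handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    host, port = srv.server_address[:2]
    return srv, host, port


def _fetch(host, port, results, i):
    """One client: record latency to first byte and the bytes received."""
    t0 = time.perf_counter()
    conn = HTTPConnection(host, port, timeout=10)
    conn.request("GET", "/")
    resp = conn.getresponse()
    first = resp.read(1)                 # first byte arrives: that is the latency
    t_first = time.perf_counter()
    rest = resp.read()                   # remainder of the object
    conn.close()
    results[i] = (t_first - t0, len(first) + len(rest))


def run_test(host, port, connections):
    """Fetch with `connections` parallel clients; return the batch's total
    transaction time, the average latency and the bytes moved."""
    results = [None] * connections
    threads = [threading.Thread(target=_fetch, args=(host, port, results, i))
               for i in range(connections)]
    t0 = time.perf_counter()
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    total = time.perf_counter() - t0
    latencies = [r[0] for r in results]
    return {
        "connections": connections,
        "total_transaction_time": total,
        "avg_latency": sum(latencies) / len(latencies),
        "bytes": sum(r[1] for r in results),
    }


def sweep(host, port, counts=(1, 5, 10)):
    """Repeat the test for each connection count, as the slides do for 1..300."""
    return [run_test(host, port, n) for n in counts]


if __name__ == "__main__":
    server, h, p = start_server()
    try:
        for row in sweep(h, p):
            print(f"x{row['connections']:<3} total={row['total_transaction_time']:.4f}s"
                  f"  avg latency={row['avg_latency']:.4f}s  bytes={row['bytes']}")
    finally:
        server.shutdown()
        server.server_close()
```

Against a real test bed the client side stays the same; only the host and port change to the server behind the firewall, and the run is repeated per firewall configuration to obtain one curve per Cfg.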

Firewall Testing - Security Test

Tools: network scanners such as Nessus

Nessus setup screen: [screenshot]

Nessus - attacks and scans to be chosen: [screenshot]

Nessus result report generated after the attack and scanning: [screenshot]

SAINT - Security Administrator's Integrated Network Tool: [screenshot]

BSB Monitor: [screenshot]

Result Analysis - Security Test

Summarizing all the reports from the scanners, the number of warnings and vulnerabilities found at each level was:

Level     Warning / vulnerability count
Level 1   10
Level 2    9
Level 3    7
Level 4    6
Level 5    6
Level 6    3
Level 7    0

Result Analysis - Performance Testing - Data Transfer by HTTP

With 395K data retrieval, under firewall policy/configuration 1

[Chart: TL transaction time on average vs. no. of connections under firewall configuration 1. X-axis: no. of connections, x1 to x300 in steps of 30; y-axis: TL transaction time in seconds, 0 to 160; series: Cfg1]

Result Analysis - Performance Testing - Data Transfer by HTTP

With 395K data retrieval, under firewall configurations 1 and 2

[Chart: TL transaction time vs. no. of connections under firewall configurations 1 and 2. X-axis: no. of connections, x1 to x300 in steps of 30; y-axis: TL transaction time in seconds, 0 to 160; series: Cfg1, Cfg2]

Result Analysis - Performance Testing - Data Transfer by HTTP

With 395K data retrieval, under firewall configurations 1, 2 and 3

[Chart: TL transaction time on average vs. no. of connections under firewall configurations 1, 2 and 3. X-axis: no. of connections, x1 to x300 in steps of 30; y-axis: TL transaction time in seconds, 0 to 1,800; series: Cfg1, Cfg2, Cfg3]

Result Analysis - Performance Testing - Data Transfer by HTTP

With 395K data retrieval, under firewall configurations 1, 2, 3 and 4

[Chart: TL transaction time on average vs. no. of connections under firewall configurations 1, 2, 3 and 4 respectively. X-axis: no. of connections, x1 to x300 in steps of 30; y-axis: TL transaction time in seconds, 0 to 2,000; series: Cfg1, Cfg2, Cfg3, Cfg4]

Result Analysis - Performance Testing - Data Transfer by HTTP

With 395K data retrieval, with all 7 firewall configurations

[Chart: TL transaction time on average vs. no. of connections. X-axis: no. of connections, x1 to x300 in steps of 30; y-axis: TL transaction time in seconds, 0 to 2,000; series: Cfg1 to Cfg7]

Result Analysis - Performance Testing - Data Transfer by HTTP

Latency - with 395K data retrieval, with all 7 firewall configurations

[Chart: average latency vs. no. of connections per transaction. X-axis: no. of connections, x1 to x300 in steps of 30; y-axis: latency in seconds, 0 to 20; series: Cfg1 to Cfg7]

Result Analysis - Performance Testing - Data Transfer by FTP

TL average transaction time, with 5M data for transfer

[Chart: TL transaction time vs. no. of connections. X-axis: no. of connections, x1 to x10; y-axis: TL transaction time in seconds, 0 to 160; series: Cfg1 to Cfg7]

Result Analysis - Performance Testing - Data Transfer by FTP

TL minimum transaction time, with 5M data for transfer

[Chart: TL minimum transaction time vs. no. of connections. X-axis: no. of connections, x1 to x10; y-axis: TL transaction time in seconds, 0 to 160; series: Cfg1 to Cfg7]

Result Analysis - Performance Testing - Data Transfer by FTP

TL average transaction time, with 1M data for transfer

[Chart: TL average transaction time vs. no. of connections. X-axis: no. of connections, x1 to x10; y-axis: transaction time in seconds, 0 to 50; series: Cfg1 to Cfg7]

Result Analysis - Performance Testing - Data Transfer by FTP

TL average transaction time, with 38.9K data for transfer

[Chart: TL average transaction time vs. no. of connections. X-axis: no. of connections, 38.9k x 1, x 5, x 10, x 20, x 40; y-axis: transaction time in seconds, 0 to 70; series: Cfg1 to Cfg7]

Result Analysis - Performance Testing - Data Transfer by FTP

Average latency, with 38.9K data for transfer

[Chart: average latency vs. no. of connections. X-axis: no. of connections, 38.9k x 1 to x 5; y-axis: latency in seconds, 0 to 1.60; series: Cfg1 to Cfg7]

Result Summary & Conclusion

• More connection requests mean more traffic collisions, so performance is more affected by external traffic interference

• Overhead becomes significant when it outweighs or is comparable with the transaction time itself, especially when proxy servers are used

• Larger/smaller data sizes for transfer mean more/less transaction time

• More security --> more overhead --> poorer performance (L1 > L3)

• Security-performance relationship: overhead is added with each additional security control as the security level rises, except where the added security control does not incur any overhead

Future Work

Security-performance matrix (figure): performance index (rating from 0 to 1) on the horizontal axis, security index (rating from 1 to 7, L1 to L7) on the vertical axis. Its corners:

- (0,1): poorest performance, lowest security

- (0,7): poorest performance, highest security

- (1,1): best performance, lowest security

- (1,7): best performance, highest security

If we assume that the level 1 security firewall in this project already performs best, it sits at (1,1).

Calculating the performance index

Latency of L1 = 4.79

L1 performance index = 1

L2: 1/(L2 latency / L1 latency) = 1/(5.29/4.79) = 0.9

L3: 1/(L3 latency / L1 latency) = 1/(6.53/4.79) = 0.73 ~ 0.7

L4: 1/(L4 latency / L1 latency) = 1/(6.61/4.79) = 0.72 ~ 0.7

L5: 1/(L5 latency / L1 latency) = 1/(6.17/4.79) = 0.78 ~ 0.7

L6: 1/(L6 latency / L1 latency) = 1/(6.41/4.79) = 0.75 ~ 0.7

L7: 1/(L7 latency / L1 latency) = 1/(6.45/4.79) = 0.74 ~ 0.7

Average latency for data transfer (FTP with 38.9K data for transfer):

                Cfg1   Cfg2   Cfg3   Cfg4   Cfg5   Cfg6   Cfg7
38.9k x 1       0.05   0.80   0.80   0.83   0.80   0.67   0.88
38.9k x 2       1.12   1.10   1.32   1.33   1.28   1.47   1.33
38.9k x 3       1.16   1.10   1.48   1.47   1.32   1.43   1.40
38.9k x 4       1.23   1.21   1.44   1.48   1.37   1.43   1.41
38.9k x 5       1.23   1.08   1.49   1.49   1.40   1.41   1.44
TL              4.79   5.29   6.53   6.61   6.17   6.41   6.45
Index vs Cfg1   1.00   0.90   0.73   0.72   0.78   0.75   0.74
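The calculation above, carried through the whole latency table as an added example (not the presentation's own code): TL per configuration is the column sum, the performance index is TL(Cfg1) / TL(Cfg), and the configuration number is taken as the security index, which yields the points for the security-performance matrix of the previous slide. Summing the printed (rounded) latencies gives 6.60 for Cfg4 and 6.46 for Cfg7 where the slide prints 6.61 and 6.45, so the slide's totals evidently came from unrounded measurements; as a consequence the two-decimal indices come out as 0.91 for Cfg2 and 0.73 for Cfg4 against the slide's 0.90 and 0.72.

```python
"""Performance index from the slide: TL per configuration is the sum of the
five average latencies, and index = TL(Cfg1) / TL(Cfg) = 1 / (TL(Cfg) / TL(Cfg1)),
so the baseline scores 1.0 and slower configurations score lower. Added
example; the latency table is copied from the slide."""

CONFIGS = ["Cfg1", "Cfg2", "Cfg3", "Cfg4", "Cfg5", "Cfg6", "Cfg7"]

# Average latency in seconds for the FTP transfer of 38.9 K with 1..5
# connections (rows), one column per configuration, as printed on the slide.
LATENCY = {
    1: [0.05, 0.80, 0.80, 0.83, 0.80, 0.67, 0.88],
    2: [1.12, 1.10, 1.32, 1.33, 1.28, 1.47, 1.33],
    3: [1.16, 1.10, 1.48, 1.47, 1.32, 1.43, 1.40],
    4: [1.23, 1.21, 1.44, 1.48, 1.37, 1.43, 1.41],
    5: [1.23, 1.08, 1.49, 1.49, 1.40, 1.41, 1.44],
}


def total_latency(latency=LATENCY):
    """TL for each configuration: the column sums of the table."""
    return [sum(row[i] for row in latency.values()) for i in range(len(CONFIGS))]


def performance_index(tl, baseline=0):
    """index_k = TL[baseline] / TL[k]; the baseline (Cfg1) gets exactly 1.0."""
    return [tl[baseline] / t for t in tl]


def security_performance_points(latency=LATENCY):
    """(security index, performance index) per configuration for the
    security-performance matrix: the security index is the level number 1..7,
    the performance index is rounded to two decimals as on the slide."""
    idx = performance_index(total_latency(latency))
    return [(level, round(p, 2)) for level, p in enumerate(idx, start=1)]


if __name__ == "__main__":
    for name, tl, (level, p) in zip(CONFIGS, total_latency(),
                                    security_performance_points()):
        print(f"{name}: TL={tl:.2f}s  security={level}  performance={p:.2f}")
```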

More about future work ...

• More repeated testing on different sizes of data, connection numbers and some other firewall parameters

• Restructure the seven security levels so that they differ more from one another


Finally ….

Mainly 2 Problems ...

1. Outside interference with the performance testing

~ irregularities in the curves need more testing to smooth out

2. Security level definition for a firewall: easy to define, difficult to achieve and guarantee

Screening rule checks

Phase 2:

access-list 100 deny udp any host 137.189.89.250 eq tftp
access-list 100 deny tcp any host 137.189.89.250 eq 97
access-list 100 deny tcp any host 137.189.89.250 eq sunrpc
access-list 100 deny udp any host 137.189.89.250 eq sunrpc
access-list 100 deny tcp any host 137.189.89.250 eq 2049
access-list 100 deny tcp any host 137.189.89.250 eq lpd
access-list 100 permit ip any any

The no. of rules consulted to permit a packet:

Phase 7     12
Phase 6     20
Phase 5     20
Phase 4     24
Phase 3/2    7
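The screening rules above, and the two policy stances on the earlier policy slides (default permit with explicit denies for policies 1 to 4, default deny with explicit permits for policies 5 to 7), can be exercised with the small first-match evaluator below. It is an added example, not code from the presentation or from the router: it parses the Phase 2 access-list lines exactly as printed, plus a constructed default-deny list (`access-list 101`) standing in for the port-restricted policy 6 rule, and for each packet returns the decision together with the number of rules consulted, which is the figure the table above reports per phase. The packet addresses are constructed; wildcard masks, `established`, and the source-routing and anti-spoofing checks listed on the policy 2 slide are not modelled.

```python
"""Tiny first-match evaluator for the IOS-style extended access-list lines
shown on the slide. It reports the decision for a packet and how many rules
had to be consulted before that decision, i.e. the 'no. of rules to permit
packet' figure the slide tabulates per phase. Only the syntax that appears on
the slide (plus `gt` for a port range and the implicit deny at the end of every
list) is handled; wildcard masks, `established` and source-routing checks are
not modelled. Added example with constructed packets."""
from dataclasses import dataclass

# Port keywords as used in the slide's rules, plus a few common ones
# (assumed mapping to the standard port numbers).
PORT_NAMES = {"tftp": 69, "sunrpc": 111, "lpd": 515, "domain": 53,
              "www": 80, "ftp": 21, "telnet": 23, "smtp": 25}


@dataclass
class Packet:
    proto: str   # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int


def _port(tok):
    return PORT_NAMES.get(tok) or int(tok)


def _parse_addr(tokens):
    """Consume 'any' or 'host A.B.C.D' plus an optional 'eq|gt PORT' clause."""
    kind = tokens.pop(0)
    addr = None if kind == "any" else tokens.pop(0)   # None means 'any'
    port = None
    if tokens and tokens[0] in ("eq", "gt"):
        op = tokens.pop(0)
        port = (op, _port(tokens.pop(0)))
    return addr, port


def parse_acl(text):
    """Parse 'access-list N permit|deny PROTO SRC [eq P] DST [eq P]' lines."""
    rules = []
    for line in text.strip().splitlines():
        tok = line.split()
        if not tok or tok[0] != "access-list":
            continue
        action, proto = tok[2], tok[3]
        rest = tok[4:]
        src, sport = _parse_addr(rest)
        dst, dport = _parse_addr(rest)
        rules.append((action, proto, src, sport, dst, dport))
    return rules


def _port_ok(cond, value):
    if cond is None:
        return True
    op, p = cond
    return value == p if op == "eq" else value > p


def evaluate(rules, pkt):
    """First match wins; returns (action, number_of_rules_consulted). With no
    match, the implicit deny at the end of every IOS list applies."""
    for n, (action, proto, src, sport, dst, dport) in enumerate(rules, start=1):
        if proto not in ("ip", pkt.proto):
            continue
        if src not in (None, pkt.src) or dst not in (None, pkt.dst):
            continue
        if _port_ok(sport, pkt.sport) and _port_ok(dport, pkt.dport):
            return action, n
    return "deny", len(rules) + 1   # implicit deny, consulted after all rules


# Phase 2 screening rules exactly as listed on the slide (default permit).
PHASE2 = parse_acl("""
access-list 100 deny udp any host 137.189.89.250 eq tftp
access-list 100 deny tcp any host 137.189.89.250 eq 97
access-list 100 deny tcp any host 137.189.89.250 eq sunrpc
access-list 100 deny udp any host 137.189.89.250 eq sunrpc
access-list 100 deny tcp any host 137.189.89.250 eq 2049
access-list 100 deny tcp any host 137.189.89.250 eq lpd
access-list 100 permit ip any any
""")

# Constructed default-deny list in the spirit of policies 5/6: only TCP from an
# unprivileged source port to the web server's port 80 is permitted; everything
# else falls through to the implicit deny.
DEFAULT_DENY = parse_acl("""
access-list 101 permit tcp any gt 1023 host 137.189.89.250 eq www
""")

if __name__ == "__main__":
    web = Packet("tcp", "10.0.0.9", 40000, "137.189.89.250", 80)   # constructed
    nfs = Packet("tcp", "10.0.0.9", 40000, "137.189.89.250", 2049)
    for name, acl in (("phase 2", PHASE2), ("default deny", DEFAULT_DENY)):
        for p in (web, nfs):
            print(name, p.dport, evaluate(acl, p))
```

Under the Phase 2 list a permitted web request passes all six denies before reaching `permit ip any any`, so seven rules are consulted, matching the "Phase 3/2 7" entry in the table; under the default-deny list the same request is decided by its first rule, while anything not explicitly permitted is stopped by the implicit deny.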
