netprog 2002 - kerberos1 kerberos 雅典娜计划的一部分 (mit) 。...
TRANSCRIPT
Netprog 2002 - Kerberos 1
Kerberos
• 雅典娜计划的一部分 (MIT) 。• 可信的第三方认证方案。• 假定主机是不可信的• 要求每个 client ( 对每次业务请求 ) 证
明其身份 .• 不要求用户每次业务请求都输入密码 !
Netprog 2002 - Kerberos 2
Kerberos Design
• 用户必须在工作站会话开始的时候验证自己 ( 登录会话 ).
• 密码永远不在网络中明文传输 ( 或在存储器中存储 )
Netprog 2002 - Kerberos 3
Kerberos Design (cont.)
• 每个用户有一个口令 .
• 每个业务有一个口令 .
• 知道所有口令的唯一实体是认证 服务器 .
Netprog 2002 - Kerberos 4
ServerServerServerServerServerServerServerServer
ServerServerServerServerServerServerServerServer
KerberosKerberosDatabaseDatabase
Ticket GrantingTicket Granting ServerServer
Ticket GrantingTicket Granting ServerServer
AuthenticationAuthentication ServerServer
AuthenticationAuthentication ServerServer
WorkstationWorkstationWorkstationWorkstation
Kerberos Key Distribution ServiceKerberos Key Distribution Service
Netprog 2002 - Kerberos 5
Tickets
• 每个业务请求需要一个 ticket.
• 一个 只能用于单个用户访问单个服务器 .
Netprog 2002 - Kerberos 6
Tickets (cont.)
• Tickets 由 “ Ticket Granting Server” (TGS) 分发 ,TGS 有所有的加密密钥 .
• Tickets 对 clients 是无意义的 , clients 只是用他们接入服务器 .
Netprog 2002 - Kerberos 7
Tickets (cont.)
• TGS 用服务器的加密密钥加密每个ticket
• 加密的 tickets 可在网上安全传输,只有服务器可以解密 .
• 每一 ticket 有有限的生存期 ( 几个小时 ).
Netprog 2002 - Kerberos 8
Ticket Contents
• Client 名 ( 用户登陆名 )• Server 名• Client 主机网络地址• Client/Server 会话密钥• Ticket 生存期• 产生时戳
Netprog 2002 - Kerberos 9
会话密钥
• 分配给会话的随机数 .• 会话密钥用于加密 client 和 server 间
的请求和响应
Netprog 2002 - Kerberos 10
Authenticators
• 信任状证明 client 身份 .• 包括
Client 用户名 . Client 网络地址 . 时戳 .
• 信任状以 session key 加密 .
Netprog 2002 - Kerberos 11
Bootstrap
• 每次 client 要访问要申请新的 ticket.• 为了从 TGS 获得 ticket, client 必须
已经有 TG ticket 和一个会话密钥与TGS 通信 !
Netprog 2002 - Kerberos 12
Authentication Server• Client 向 AS 发送明文请求以获得一个
ticket 用于和 TGS 通信。• 请求 :
login name TGS name
由于这个请求只包括公开的名字,不需要加密 .
Netprog 2002 - Kerberos 13
Authentication Server• AS 找到与登陆名和 TGS 名对应的密
钥 .• AS 生成一个 ticket:
login name TGS name Client 网络地址 TGS 会话密钥
• AS 以 TGS 秘密密钥加密此 ticket.
Netprog 2002 - Kerberos 14
Authentication Server Response
• AS 同时产生一个随机会话密钥供client 和 TGS 使用 .
• 会话密钥和加密的 ticket 以用户的秘密密钥加密 .
TGS session key
Ticket:login nameTGS namenet addressTGS session key
Sealed with user keySealed with user key
Sealed with TGS keySealed with TGS key
Netprog 2002 - Kerberos 15
Accessing the TGS
• Client 以用户口令作为秘密密钥解密消息 .
• Client 这时获得了会话密钥和与 TGS 通信的 ticket.
• Client 看不到 ticket 内部的内容 , 因为client 不知道 TGS 的秘密密钥 .
Netprog 2002 - Kerberos 16
• 当 client 想开始使用服务 ,client 必须首先获得一个 ticket.
• Client 构造一个请求发送给 TGS:
Accessing a Server
TGS Ticket
Authenticator
Server Name
sealed withsealed withTGS keyTGS key
sealed withsession key
Netprog 2002 - Kerberos 17
TGS response• TGS 用其秘密密钥解密 ticket 获得 TGS
会话密钥 .• TGS 用会话密钥解密信任状 .• TGS 检查验证登陆名, client 地址和
TGS server 名都正确 .• TGS 验证信任状是最新的 .
Netprog 2002 - Kerberos 18
TGS Response一旦所有验证通过, TGS:• 产生一个 ticket 使 client 用于请求的
server. Ticket 用 server 密钥加密 .• 产生一个会话密钥• 以 TGS 会话密钥加密整个消息发回给
client.
Netprog 2002 - Kerberos 19
Client accesses Server
• Client 以 TGS 会话密钥解密 TGS 响应 .
• Client 现在获得了与服务器通信的会话密钥和 ticket.
• client 用与和访问 TGS 一样格式的数据访问服务器。
Netprog 2002 - Kerberos 20
Kerberos Summary
• 每业务请求需要一个 ticket.• Tickets 来源于 TGS ( 除了访问 TGS
的 ticket).• 工作站不能解密用服务器密钥加密的
tickets.• 每个 ticket 有个相应的 session key.• Tickets 不能重用 .
Netprog 2002 - Kerberos 21
Kerberos Summary (cont.)
• Tickets 有有限的生命期 .• 信任状只能使用一次 .• 信任状失效的更快 !• 服务器维护一个信任状列表
Netprog 2002 - Kerberos 22
ServerServerServerServerServerServerServerServer
ServerServerServerServerServerServerServerServer
KerberosKerberosDatabaseDatabase
Ticket GrantingTicket Granting ServerServer
Ticket GrantingTicket Granting ServerServer
AuthenticationAuthentication ServerServer
AuthenticationAuthentication ServerServer
WorkstationWorkstationWorkstationWorkstation
Kerberos Key Distribution ServiceKerberos Key Distribution Service
Netprog 2002 - Kerberos 23
SSL Protocol Version 3.0 and OpenSSL-0.9.6a
Viraj Bhatmail :[email protected]
Netprog 2002 - Kerberos 24
SSL Protocol
Goals of the SSL protocol v 3.0 in the order of their priority
Cryptographic security Interoperability Extensibility Relative Efficiency
Netprog 2002 - Kerberos 25
SSL Protocol Layer
SSL protocol runs on the TCP/IP and below the HTTP and IMAP
HTTP LDAP IMAP
Secure Sockets Layer
TCP/IP Layer
Application Layer
Network Layer
Netprog 2002 - Kerberos 26
SSL Handshake
CL
IEN
T
SE
RV
ER
1)Client sends SSL version number,Cipher Settings,randomly generated data
2)Server sends SSL version number,Cipher Settings,randomly generated data3)Client uses the info of STEP2 for SERVER AUTHENTICATION if Failed TERMINATE if Successful go to STEP 4
4)PreMaster Secret Generated for the session, encrypts it with the Server’s Public Key
5)If Server Requested for CLIENT AUTHENTICATION:Client Sends Signed Data & Encrypted PreMaster Secret (This is Optional)
6)Server Authenticates Client, if failure TERMINATE else decrypt PREMASTER SECRET to generate MASTER SECRET
7)Both the Client and Server use the Master Secret to Generate Session keys
8) and 9)Client and Server sends messages to each other that Handshake is finished
Netprog 2002 - Kerberos 27
Handshake Protocol Implementation
Client ServerClientHello -------------------------------------------> ServerHello Certificate*
ServerKeyExchange*
CertificateRequest* <------------------------------------------- ServerHelloDone Certificate* ClientKeyExchange CertificateVerify* [ChangeCipherSpec] Finished ---------------------------------------------->
[ChangeCipherSpec] Finished Application Data <------------------------------------> Application Data
Netprog 2002 - Kerberos 28
Server Authentication Step 3
CA=Certificate Authority
DN=Distinguished Name of the issuing CA
Figure shows how a Netscape Client authenticates the Server’s certificate Netscape specific
Netprog 2002 - Kerberos 29
Client Authentication Step 5
Netprog 2002 - Kerberos 30
Session and Connection States SSL Session is stateful it is the responsibility of
the Handshake Protocol to coordinate states of the client and server
Changes state when it receives the change cipher spec message
Client receives change cipher spec message it copies pending read state to current read state
Server receives change cipher spec message it copies pending write state to pending write state
Netprog 2002 - Kerberos 31
SSL Session States SSL Session may include multiple secure connections.This
state includes the following elements: session identifier: an arbitrary byte sequence peer certificate:X509.v3 certificate of the peer compression method:compress data prior to
encryption cipher spec: specifies bulk data encryption
algorithm and a MAC(message authentication codes) algorithm
master secret : 48 byte secret is resumable : a flag to indicate whether a
new session can be instantiated
Netprog 2002 - Kerberos 32
SSL Connection States The Connection State includes the following
server and client random : byte sequences server write MAC secret : secret in MAC operations client write MAC secret server write key : bulk cipher key client write key initialization vectors : initialized in the Handshake sequence numbers : for each connection, for
change cipher spec sequence no are set to 0(zero)
Netprog 2002 - Kerberos 33
SSL Record Layer The SSL Record Layer receives data
from higher layers in non empty blocks of arbitrary size.The SSL Record Layer: Fragments : into SSLPlaintext records of
2^14 bytes Record Compression and Decompression:
The fragmented data is then compressed to to a length of not more than 1024 bytes and Decompressed to a length of 2^14 bytes at the receiving end
Netprog 2002 - Kerberos 34
Change Cipher Spec Protocol Exists to Signal Transitions in ciphering
strategies.This is encrypted and compressed under the current CipherSpec Struct {
enum { change_cipher_spec(1), (255) } type;
}ChangeCipherSpec; Cipher Spec Message is sent by both client and
Server. Client sends one message after handshake and other
after certificate verify messages Server sends one after after is received successfully
processing the key exchange message from the client
Netprog 2002 - Kerberos 35
Alert Protocol Alert Messages convey the severity of the
message and the description of the alert Fatal Level : Immediate termination of the Connection Warning Level :Connection is not affectedenum { warning(1), fatal(2), (255) } AlertLevel; enum { close_notify(0), unexpected_message(10),
bad_record_mac(20), decompression_failure(30), handshake_failure(40), no_certificate(41), bad_certificate(42), unsupported_certificate(43), unsupported_certificate(43), certificate_revoked(44), certificate_expired(45), certificate_unknown(46), illegal_parameter (47),(255)
} AlertDescription; struct { AlertLevel level; AlertDescription description; } Alert
Netprog 2002 - Kerberos 36
Encryption and Decryption Encryption: Process of transforming
information so that is is unintelligible to anyone except the intended recipient
Cryptographic Algorithm/Cipher is a mathematical function used for encryption and decryption
Commonly used techniques for encryption and decryption are:
Symmetric Key Encryption Public Key Encryption(Asymmetric Encryption)
Netprog 2002 - Kerberos 37
Encryption contd.. Symmetric Key Encryption:
Public Key Encryption:
Netprog 2002 - Kerberos 38
RSA Public Cryptosystem It is based on the dramatic difference between
the ease of finding large prime numbers and difficulty of factoring the product of two large prime numbers
Algorithm for the RSA Public-key crypto system1)Select at random 2 large prime numbers p and q.p and q
are 100 decimal digits each2)Compute n = p * q3)Select small odd integer e relatively prime to (n) which
equals (p-1)(q-1)4)Compute d as multiplicative inverse of e, modulo (n)5)Publish pair P=(e,n) as his RSA public key6)Keep pair S=(d,n) as his RSA secret key
Netprog 2002 - Kerberos 39
Digital Signatures Addresses problems of tampering and impersonation Relies on a 1 way Hash(message digest)
Value of the Hash is unique for the data The content cannot be deduced from the hash
Netprog 2002 - Kerberos 40
Certificates and Authentication
Certificate based authentication: Figure below shows how to authenticate a client to a server
Netprog 2002 - Kerberos 41
Contents of a Certificate Contents organized according to X.509 v3
certificate specification An X.509 v3 certificate binds a Distinguished
name(DN) to a public key uid=doe,[email protected],cn=John Doe,o=Netscape
Communications Corp.,c=US uid = user ID , e = email address, cn =users common name,o = organization,c=country
A typical certificate consists of 2 sections : Data Section Signature Section
Netprog 2002 - Kerberos 42
Certificate Contents Data Section
Version Number of the X.509 standard Certificate’s Serial Number Information Info about users public key + algorithm + Rep of the key DN of the CA Validity Period DN of the certificate subject Optional Certificate Extensions
Signature Section Cryptographic Algorithm used by the issuing CA CA’s digital Signature = Data in Certificate+CA’s Private
key
Netprog 2002 - Kerberos 43
How CA Certificates Are Used to Established the Truth ?
By the way of CA hierarchies and Certificate Chains Verifying a Certificate Chain
Netprog 2002 - Kerberos 44
OpenSSL OpenSSL project is a collaborative effort
to develop a robust commercial grade,full featured Open Source toolkit Implementing the Secure Sockets Layer SSL
v2 and v3 Transport Layer Security v1 Full Strength general purpose cryptographic
libraries Based on the SSLeay library developed
by Eric A Young and Tim J Hudson
Netprog 2002 - Kerberos 45
Features of OpenSSL Lib’s Portability
Supported on Unix,Windows 3.1 ,AIX 3.2, OSF 1.x, SunOS 5.x (gcc, cc) SPARC and INTEL and many more
Interface Description: Key Encoding Types :
DER - binary DER encoding PEM - base64 Privacy Enhanced Mail encoding
Error Handling void SSL_load_error_strings(void); unsigned long ERR_get_error(void); char *ERR_error_string(unsigned long error); void ERR_print_errors(FILE *fp);
Netprog 2002 - Kerberos 46
Interface Descriptions Create SSL Context
SSL_CTX *SSL_CTX_new(void) Create SSL Handle
Create and initialize the data structure for SSL state using SSL_CTX_new() : SSL *SSL_new(SSL_CTX *ssl_ctx);
Establish Keys Call to function int SSL_useRSAPrivateKey(SSL *s, RSA
*key) Register Certificates
Server must have a certificate : int SSL_use_certificate(SSL *s, X509 *cert)
Client and Server Accept : int SSL_connect(SSL *s); Set Preferred Cipher:SSL_set_perf_cipher(SSL *s, char
*str)Ex:SSL_TXT_RC4_128_WITH_MD5 "RC4-MD5"
Netprog 2002 - Kerberos 47
Cryptographic Algorithms Supported by SSLeay 0.9.0b
Defined in “crypto.h” Symmetric Ciphers
DES,RC2,RC4,Blowfish,IDEA,CAST,RC5 (RC4 = stream cipher)
Asymmetric Ciphers: Diffie-Hellman Key Exchange DSA RSA Algorithm
Netprog 2002 - Kerberos 48
Client and Server application Main –ClientSSLeay_add_ssl_algorithms();meth = SSLv2_client_method()SSL_load_error_strings();ctx = SSL_CTX_new (meth);
ssl = SSL_new (ctx); /*Connect to a port of the server*/err = SSL_connect (ssl); --Check
errorserver_cert =
SSL_get_peer_certificate (ssl);str = X509_NAME_oneline
(X509_get_subject_name (server_cert),0,0);
/*after verifying certificate write to server*/
err = SSL_write (ssl, "Hello World!", strlen("Hello World!"));
SSL_shutdown (ssl);SSL_free (ssl)
Main– ServerSSL_load_error_strings();SSLeay_add_ssl_algorithms(); Meth SSLv23_server_method(); ctx = SSL_CTX_new (meth);/*Open a port in the server*/ssl = SSL_new (ctx); SSL_set_fd (ssl, sd);err = SSL_accept (ssl);client_cert =
SSL_get_peer_certificate (ssl);str = X509_NAME_oneline
(X509_get_subject_name (client_cert), 0, 0);
err = SSL_read (ssl, buf, sizeof(buf) - 1);
err = SSL_write (ssl, "I hear you.", strlen("I hear you."));
Cleanup same as client
Netprog 2002 - Kerberos 49
References The SSL Protocol Version 3.0 Transport Layer
Security Working Group RFC-2246 http://developer.netscape.com/security OpenSSL website: www.openssl.org SSLeay Programmers Reference
http://www2.psy.uq.edu.au/~ftp/Crypto/ssl.html
Introduction to Algorithms by Thomas H Cormen,Charles E Leiserson & Ronald L Rivest
New Directions in Cryptography by Whitfield Diffie and Martin E.Hellman
Netprog 2002 - Kerberos 50
IPsec 介绍
Netprog 2002 - Kerberos 51
提要
• IPsec 概述• 安全关联 Security Associations (SA) &
SPI’s• 认证头 Authentication Header (AH) 协议• 封装安全载荷 --Encapsulating Security
Payload (ESP) 协议• 网间密钥交换 Internet Key Exchange (IKE)• IPsec 缺陷• IPsec 与隧道 (PPTP, L2TP)
Netprog 2002 - Kerberos 52
虚拟专网 VPN (Virtual Private Network)
• 两个主机或网络间的安全通信
• VPN, 解决所有你安全问题的代名词
• 仍是一个比较新的技术
• IPsec 是众多流行的 VPN 技术之一
Netprog 2002 - Kerberos 53
IPSEC 能做什么• 认证
• 完整性
• 接入控制
• 机密性
• 重放保护 (部分 )
Netprog 2002 - Kerberos 54
通信的类型• 主机到主机
• 主机到安全网关
• 安全网关到安全网关• 安全网关 = 防火墙• 也称为网络到网络
Netprog 2002 - Kerberos 55
IPSEC 如何工作
• 主机到主机
Host A Host BIPsec (SA)
Other Hosts
No IPsec No IPsec
Netprog 2002 - Kerberos 56
安全关联• 存储在 SPD 中 (Security Policy
Database)• 通过以下所述唯一标识 IPsec 会话
( sessions ) :• SPI – Security Parameter Index,标识会
话的唯一数• 目的 IP 地址• 安全协议 (AH or ESP)
Netprog 2002 - Kerberos 57
安全关联• Host A 安全关联 :# ipsecadm new esp -spi 1000 -src HostA \
-dst HostB -forcetunnel -enc 3des -auth sha1 \ -key 7762d8707255d974168cbb1d274f8bed4cbd3364 \-authkey 6a20367e21c66e5a40739db293cf2ef2a4e6659f
• Host B 安全关联 :# ipsecadm new esp -spi 1001 -src HostB \
-dst HostA -forcetunnel -enc 3des -auth sha1 \-key 7762d8707255d974168cbb1d274f8bed4cbd3364 \-authkey 6a20367e21c66e5a40739db293cf2ef2a4e6659f
Netprog 2002 - Kerberos 58
主机到安全网关
Host A SecurityGatewayIPsec (SA)
Other Hosts IPC-NAT ROUTE
InternalNetwork
ORNo IPsec
Netprog 2002 - Kerberos 59
安全网关到安全网关
SecurityGatewayIPsec (SA)
IPC-NAT ROUTE
InternalNetwork
OR
SecurityGateway
InternalNetwork
Netprog 2002 - Kerberos 60
IPSEC 连接类型• 传输模式
• 不加密整个数据包• 采用原 IP 头• 较快
• 隧道模式• 加密整个包,包括 IP 头 (ESP)• 产生新的 IP 头• 较慢
Netprog 2002 - Kerberos 61
通常的 TCP/IP 包
帧层 (Layer 2)
IP 头 (Layer 3)
TCP/UDP 头 (Layer 4)
应用层 (5-7) / 数据
IP 头 TCP/UDP 数据
或
帧头
Netprog 2002 - Kerberos 62
AH ( 认证头 )
• IP 协议 51• 提供包的认证• 不加密载荷
IP Hdr AH TCP/UDP Data
传输模式
IP 头 AH TCP/UDP 数据
IP Hdr AH 数据新 IP 头 AH TCP/UDP原 IP 头
Tunnel Mode
Netprog 2002 - Kerberos 63
ESP ( 封装安全载荷 )
• IP 协议 50• 加密载荷• 提供加密和认证
IP Hdr AH TCP/UDP Data
Transport Mode
IP 头 AH TCP/UDP 数据
数据新 IP 头 AH TCP/UDP原 IP 头
Tunnel Mode
ESP
ESP
Netprog 2002 - Kerberos 64
IKE ( 网间密钥交换 )
• UDP 端口 500
• 协商连接参数
• 网际安全关联和密钥管理协议 ISAKMP (Internet Security Association and Key Management Protocol)
• Oakley (Diffie-Helmen 密钥交换 )
Netprog 2002 - Kerberos 65
IKE 协商• 两个阶段
• 阶段 1 – 协商双向 SA• 利用证书或预先共享的密钥• 采用主模式或贪心模式
• 阶段 2 – 协商 IPSEC (AH, ESP, 隧道 , 传输 )• 今天是否加密你的数据 ?• 总是利用快速模式因为我们已经认证过了
Netprog 2002 - Kerberos 66
IKE 协商
• 协商下列参数 :• SA 生存期• 加密算法 ( 不采用 DES,采用 3DES)• 认证算法 (MD5, SHA-1)• 密钥交换类型
Remember:# ipsecadm new esp -spi 1000 -src HostA \
-dst HostB -forcetunnel -enc 3des -auth sha1 \
-key 7762d8707255d974168cbb1d274f8bed4cbd3364 \
-authkey 6a20367e21c66e5a40739db293cf2ef2a4e6659f
Netprog 2002 - Kerberos 67
IPSec 举例• 只使用 ESP
• 在同一网络的两个主机 :• Jerry 192.168.0.11 - OpenBSD 2.8• Tom 192.168.0.17 – OpenBSD 2.7
Netprog 2002 - Kerberos 68
Jerry 配置 (192.168.0.11)
ipsecadm new esp -spi 1000 -src 192.168.0.11 -dst 192.168.0.17 -forcetunnel \-enc blf -auth sha1 -key b4bc9f7f37d09332ac95dd32223e685fe6aaa026 \-authkey d041653ae78a9fa5ca795df2a051102ec30b33aa
ipsecadm new esp -spi 1001 -src 192.168.0.11 -dst 192.168.0.17 -forcetunnel \-enc blf -auth sha1 -key b4bc9f7f37d09332ac95dd32223e685fe6aaa026 \-authkey d041653ae78a9fa5ca795df2a051102ec30b33aa
ipsecadm flow -proto esp -dst 192.168.0.17 -addr 192.168.0.11 255.255.255.255\ 192.168.0.17 255.255.255.255 -proto esp -acquire
Encap:Source Port Destination Port Proto SA(Addr/Proto/Type/Direction)192.168.0.11/32 0 192.168.0.17/32 0 0 192.168.0.17/50/acquire/out
Netprog 2002 - Kerberos 69
Tom Configuration(192.168.0.17)
ipsecadm new esp -spi 1001 -src 192.168.0.17 -dst 192.168.0.11 -forcetunnel \-enc blf -auth sha1 -key b4bc9f7f37d09332ac95dd32223e685fe6aaa026 \-authkey d041653ae78a9fa5ca795df2a051102ec30b33aa
ipsecadm new esp -spi 1000 -src 192.168.0.17 -dst 192.168.0.11 -forcetunnel \-enc blf -auth sha1 -key b4bc9f7f37d09332ac95dd32223e685fe6aaa026 \-authkey d041653ae78a9fa5ca795df2a051102ec30b33aa
ipsecadm flow -proto esp -dst 192.168.0.11 -spi 1001 -addr 192.168.0.17 255.255.255.255 192.168.0.11 255.255.255.255
Encap:Source Port Destination Port Proto SA(Address/SPI/Proto) 192.168.0.17/32 0 192.168.0.11/32 0 0 192.168.0.11/00001001/50
Netprog 2002 - Kerberos 70
封装前的包ICMP12:46:21.545929 192.168.0.11 > 192.168.0.17: icmp: echo request (ttl 255, id 29731) 0000: 4500 0054 7423 0000 ff01 c618 c0a8 000b E..Tt#.......... 0010: c0a8 0011 0800 09d8 9d66 0000 3b6d 104f .........f..;m.O 0020: 0008 19fa 0809 0a0b 0c0d 0e0f 1011 1213 ................ 0030: 1415 1617 1819 1a1b 1c1d 1e1f 2021 2223 ............ !"# 0040: 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233 $%&'()*+,-./0123 0050: 3435 45
FTP12:47:42.431056 192.168.0.11.42261 > 192.168.0.17.21: P [tcp sum ok] 13:28(15) ack 98 win 17232 <nop,nop,timestamp 9663 9697> [tos 0x10] (ttl 64, id 44333) 0000: 4510 0043 ad2d 0000 4006 4c0b c0a8 000b [email protected]..... 0010: c0a8 0011 a515 0015 5062 b4c2 5d0f 41e7 ........Pb..].A. 0020: 8018 4350 a693 0000 0101 080a 0000 25bf ..CP..........%. 0030: 0000 25e1 5041 5353 2070 6173 7377 6f72 ..%.PASS passwor 0040: 640d 0a d..
Netprog 2002 - Kerberos 71
Packets AfterICMP12:51:58.736930 esp 192.168.0.11 > 192.168.0.17 spi 0x00001001 seq 1 len 116 (ttl 64, id 16933) 0000: 4500 0088 4225 0000 4032 b6b2 c0a8 000b E...B%..@2...... 0010: c0a8 0011 0000 1001 0000 0001 b5c1 1de8 ................ 0020: 9e67 4463 cab1 f496 2970 e7d9 267c 0cef .gDc....)p..&|.. 0030: 6bfc a5d6 6f6a 9f51 0e95 20fe c930 0e77 k...oj.Q.. ..0.w 0040: 2918 6c92 d7ac 6c13 f9f1 de8b 1674 fd42 ).l...l......t.B 0050: be98 4a40 29e8 9ecb 6759 cfbe 993d 1001 ..J@)...gY...=.. 0060: 0f11 0b8b 5e93 8852 dc28 786b 2479 465d ....^..R.(xk$yF] 0070: 5a67 d503 6b51 ff0b 074c 0076 6d03 a1ec Zg..kQ...L.vm... 0080: 5b14 765f cb06 51f8 [.v_..Q.
FTP12:52:29.730868 esp 192.168.0.11 > 192.168.0.17 spi 0x00001001 seq 2 len 100 (ttl 64, id 28675) 0000: 4500 0078 7003 0000 4032 88e4 c0a8 000b E..xp...@2...... 0010: c0a8 0011 0000 1001 0000 0002 6b51 ff0b ............kQ.. 0020: 074c 0076 30fa 28c7 ef53 592a 7b13 a068 .L.v0.(..SY*{..h 0030: 06bf 071d 81a0 98de ddd8 0174 b637 2b9a ...........t.7+. 0040: f1d2 a36e d83a 08ec 59bf 5341 a4b3 7ae5 ...n.:..Y.SA..z. 0050: bbc3 000b d2b1 e93c e086 cf69 71d6 dcf5 .......<...iq... 0060: 8498 13d7 8930 2451 f43b b6fc 4abc da2c .....0$Q.;..J.., 0070: 77c5 91dd ab2e ba11 w.......
Netprog 2002 - Kerberos 72
IPsec 缺点• 太复杂 , 有许多不同的配置方式• 可能配置的不安全• 客户端安全是个问题
Netprog 2002 - Kerberos 73
IPSec 相对于 SSL/TLS 的优点
• 加密整个包,包括 IP 头
• 可以加密整个协议
• 当使用网关到网关方式时不影响用户
• 有独立的 IP 地址
Netprog 2002 - Kerberos 74
支持 IPsec 的操作系统
• OpenBSD, FreeBSD, NetBSD• Linux• Solaris• Windows 2000 (Native)• Windows NT/95/98/Me (Add-on)• Cisco IOS (PIX and Routers)• Others as well....