security implementation : products and...
TRANSCRIPT
Security Implementation :Products and Services
Contents
1. Security Vulnerablility2. Security Products3. Security Services
Security Vulnerability
Security Vulnerability
Definition weakness in a product that could allow an attacker to
compromise the integrity, availability, or confidentiality of that product
Classification by asset Hardware : 온습도, 먼지, 진동 등
Software : Memory leak, Race condition
Networks : Protocol, Traffic
Environment : 전원, 자연재해
Personnel : Password, Management, Audit
Security Vulnerability
Network/Software/Personnel Password Protocol Traffic Application Service Worm
Security Vulnerability
Password ID – email Dictionary attack Brute Force Attack (무차별 대입 공격) : 성공할 때까지 가능한
모든 조합의 경우의 수를 시도해 원하는 공격을 시도하는 것
Alphabet(26) + number(10) = 36 4자리 : 38 ^ 4 = 1,679,6168자리 : 38 ^ 8 = 2,821,109,907,456
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
14 6 6 8 20 6 8 10 14 4 4 8 8 12 14 6 4 12 12 14 10 4 8 2 4 2
Security Vulnerability
Protocol SYN Flooding TCP sequence number guessing ICMP Flooding : ping –f –s 10000 DHCP
Traffic DoS, DDos
Application Exploit Shellcode : buffer overflow Messenger : MS messenger phishing Spyware : PC내 정보수집, 바이러스 감염 경고/결재 유도
Security Vulnerability
Service HTTP, FTP, SMTP, POP3,TELNET, SSH DNS, SNMP, SQL, Oracle Netbios, RPC, Remote Desktop, etc, ….
Worm Slammer worm : 2003.1.25
MSSQL 취약점 이용, PC rebooting10분만에 약 75,000 대 감염
Security Products
Firewall
• Filtered by L2(MAC), IP Header, TCP Header, Protocols
Firewall
Firewall
TCP Header Format
LINUX Netfilter Kernel > 2.4 Main Features
– stateless packet filtering (IPv4 and IPv6)– stateful packet filtering (IPv4 and IPv6)– NAT/NAPT (IPv4 and IPv6)– flexible and extensible infrastructure– multiple layers of API's for 3rd party extensions
Firewall - Implementation
Prerouting Forward Postrouting
Input
Routing
Routing
Local Process
ConntrackMangleNAT(dnat)
filter
FilterConntrack
ConntrackMangleNAT(dnat)filter
Output
NAT(snat)NAT(Masq)conntrack
Firewall - Implementation
Netfilter Architecture
VPN(IPSEC)
Source KISA
VPN(IPSEC)
Overview of IPSEC standards
Internet
IPsec Tunnel or TransportData
Host Host
Internet
IPsec TunnelData
Host HostSecureGateway Secure
Gateway
Transport mode Tunnel mode상위계층 데이터에 보안서비스 제공 전체 IP 패킷에 보안서비스 제공
host에 적용 host와 secure gateway에 적용
VPN(IPSEC)
Operation Modes
VPN(IPSEC)
• Next Header(8 bits)
– Specify the Next Header Type
• Payload Length(8 bits)
– Length of AH in 4-byte Unit
– Null Authentication used for debugging• IPv4 = 1, IPv6 = 2
• RESERVED(16 bits)
– Set ot All “Zero”
• SPI(32 bits)
– Identify the Security Association
– 1~255 : Reserved by IANA
• Sequence Number(32 bits)
– Monotonically Increasing Counter Value
– For the Anti-Replay Service
• Authentication Data(Variable Size)
– ICV of the Packet
Next Header Payload Length RESERVEDSecurity Parameter Index(SPI)Sequence Number Field
Authentication Data(variable)
0 7 8 15 16 31 Authentication Header Format
AH Location - Transport Mode
VPN(IPSEC)
Original IP Header(Any options)
TCP Data
Original IP Header(Any options)
TCP DataAH
IPv4
Before Applying AH
Authenticated except for mutable fields
Original IP Header(Any options)
TCP Data
Original IP Header(Any options)
TCP DataAH
Extension Headersif present
ExtHdr(Hop-by-hop,dest,routing, frag.)
Dest.Options
IPv6
Before Applying AH
Authenticated except for mutable fields
AH Location - Tunnel Mode
VPN(IPSEC)
Original IP Header(Any options)
TCP Data
Original IP Header(Any options)
TCP DataAH
IPv4
Before Applying AH
New IP Header(Any options)
Authenticated except for mutable fields in the New IP Header
Original IP Header(Any options)
TCP Data
Original IP Header(Any options)
TCP DataAH
Extension Headersif present
Ext Hdrsif present
IPv6
Before Applying AH
Ext Hdrsif present
New IP Header(Any options)
Authenticated except for mutable fields in the New IP Header
VPN(IPSEC)
• SPI(32 bits)
– Identify the Security Association
– 1~255 : Reserved by IANA
• Sequence Number(32 bits)
– Monotonically Increasing Counter Value
– For the Anti-Replay Service
• Padding(for Encryption)
– For the Block Cipher
• Payload Data(variable size)
– Upper Layer Data
– IV(Initial Vector) Included
• Pad Length(8 bits)
• Next Header(8 bits)
– Specify the Next Header Type
• Authentication Data(Variable Size)
– ICV of the Packet
Sequence Number FieldPayload Data(variable)
0 15 16 31Security Parameter Index(SPI)
Pad LengthAuthentication Data(variable)
Next Header
Padding(0~255 bytes)
AuthenticationCoverage
ConfidentialityCoverage
ESP Header Format
ESP Header Location - Transport Mode
VPN(IPSEC)
Original IP Header(Any options)
TCP Data
Original IP Header(Any options)
ESP Hdr.
IPv4
Before Applying ESP
TCP Data ESPTrailer
ESPAuth.
Original IP Header(Any options)
Original IP Header(Any options)
ESP Hdr.
Extension Headersif present
ExtHdr(Hop-by-hop,dest,routing, frag.)
Dest.Options
IPv6
Before Applying ESPTCP Data
TCP Data ESPTrailer
ESPAuth.
EncryptedAuthenticated
EncryptedAuthenticated
ESP Header Location - Tunnel Mode
VPN(IPSEC)
Original IP Header(Any options)
TCP Data
New IP Header(Any options)
ESP Hdr.
IPv4
Before Applying ESP
TCP Data ESPTrailer
ESPAuth.
Original IP Header(Any options)
Original IP Header(Any options)
New IP Header(Any options)
ESP Hdr.
Extension Headersif present
Ext Hdrsif present
Orig ExtHeaders
IPv6
Before Applying ESPTCP Data
TCP Data ESPTrailer
ESPAuth.
Original IP Header(Any options)
EncryptedAuthenticated
EncryptedAuthenticated
Introduction to IKE(1/2)
IKE is a mature, complex protocol for securely setting up keyed sessions, in particular IP-Sec Security Associations (SA)
IKE evolved over several years from multiple proposals.IKEv2 is now `draft standard`
IKE runs over UDP (port 500; detect NAT: 4500)One IKE message per UDP datagram
Uses (only) exchanges (request/response)- Initiator makes request, Responder responses- Initiator (only) retransmits/aborts for reliability- Not necessarily client/server! But usually Initiator is client.
VPN(IPSEC)
VPN(IPSEC)
Introduction to IKE(2/2)
Two phases
1st phase: setup ISAKMP SA (Internet Security Association and Key Management Protocol)
- Algorithms, keys, etc. – to be used by IKE (not AH/ESP!)- Perfect forward secrecy (PFS): exposure of all keys does not
expose past traffic [using Diffie- Helman]
2nd phase: Generate IP-Sec SA- Protected using the ISAKMP SA- Many 2nd phases may share ISAKMP SA (1st phase)E.g. one 1st phase for gateways, then many 2nd phase for eachpair of hosts using these gateways
- More efficient than 1st phase; PFS optional
VPN - Implementation
1. Kernel IPSEC SupportLinux Kernel > 2.5.47
2. Package InstallUser-land tool : set-keyIKE tool : racoon(ipsec-tools)
VPN - Implementation
• Turn on/Verify the following features in Kernel 2.6.x
Networking support (NET) [Y/n/?] y** Networking options* PF_KEY sockets (NET_KEY) [Y/n/m/?] y
IP: AH transformation (INET_AH) [Y/n/m/?] yIP: ESP transformation (INET_ESP) [Y/n/m/?] yIP: IPsec user configuration interface (XFRM_USER) [Y/n/m/?] y
Cryptographic API (CRYPTO) [Y/n/?] yHMAC support (CRYPTO_HMAC) [Y/n/?] yNull algorithms (CRYPTO_NULL) [Y/n/m/?] yMD5 digest algorithm (CRYPTO_MD5) [Y/n/m/?] ySHA1 digest algorithm (CRYPTO_SHA1) [Y/n/m/?] yDES and Triple DES EDE cipher algorithms (CRYPTO_DES) [Y/n/m/?] yAES cipher algorithms (CRYPTO_AES) [Y/n/m/?] y
• SSL (Secure Socket Layer)– 배경 : 1993년 웹 서버와 브라우저간의 안전한 통신을 위해 Netscape 社에 의해 개발
– 특징 : 세션계층에서 적용되며, 응용계층의 FTP, TELNET, HTTP등의 프로토콜의 안전성 보장
– 서버 인증, 클라이언트 인증, 기밀성 보장– 현황 및 전망 : 현재 많은 전자 쇼핑 몰 업체에서 채택, 운영
• TLS (Transport Layer Security)– 배경 : SSL 3.0 이 표준화된 이후 IETF는 1996년 6월부터 TLS 프로토콜
에 대한 표준화 (SSLv3.1)– Backward compatible with SSLv3– 특징 : SSL 3.0을 기반으로 한 업그레이드 프로토콜– 현황 및 전망 : 현재 TLS 1.2 발표, 지속적 개발 예상
SSL / TLS
SSL / TLS
SSL / TLS 의 기능
• 서버 인증 기능– 사용자는 서버의 신원을 확인– 서버의 certificate 와 public ID가 정당 확인– 클라이언트의 신뢰 된 인증 기관들의 목록에 서버의 인증 기관이 포
함되었는지를 확인 (표준 공개키 암호화 기술을 사용)
• 클라이언트 인증– 서버는 클라이언트의 신원을 확인– 클라이언트의 certificate 와 public ID가 정당 확인– 서버의 신뢰 된 인증기관 들의 목록에 클라이언트의 인증 기관이 포
함되었는지를 확인 (표준 공개키 암호화 기술을 사용)
• 암호화된 SSL 연결– 클라이언트와 서버 사이에 송/수신 되는 모든 정보는 암호화/복호화
+ 무결성 보장
SSL / TLS
SSL Architecture
• Handshake 프로토콜– 서버와 클라이언트간의 상호인증을 수행하고, 사용할 키 교환 방식,
대칭키 암호 방식, HMAC 방식, 압축방식 등의 보안속성을 협상
• Change Cipher Spec 프로토콜– Handshake 프로토콜에 의해 협상된 압축, MAC, 암호화 방식 등이
이후부터 적용됨을 상대방에게 알림
• Alert 프로토콜– 세션의 종료 또는 오류 발생시 이를 상대방에게 알림
• Record 프로토콜– 상위계층 메시지들이 보안성이 유지되며 전송될 수 있도록 하기 위
하여, 메시지 분할, 압축, 메시지 인증, 암호화 등의 작업을 수행
SSL / TLS
SSL / TLS
SSL Record protocol
SSL Record protocol
▣ Confidentiality◈using symmetric encryption with a shared secret key defined by
Handshake Protocol◈ IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128◈message is compressed before encryption
▣ Message integrity◈using a MAC with shared secret key◈similar to HMAC but with different padding
SSL / TLS
SSL / TLS
• Fragmentation– 2^14bytes(16384bytes) or less
• Compression– Optional, lossless– No compression in SSLv3, TLS
• MAC
• Encryption– IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128
hash ( MAC_write_secret pad_2hash( =MAC_write_secret pad_1 seq_num SSLCompressed.type
SSLCompressed.length SSLCompressed.fragment) )
SSL HandShake
1 ClientHello
7 Certificate
8 ClientKeyExchange
9 CertificateVerify
10 ChangeCipherSpec
11 Finished
6ServerHelloDone
13Finished
2ServerHello
3Certificate
4ServerKeyExchange
5CertificateRequest
ChangeCipherSpec 12
클
라
이
언
트
서
버
Note: Optional or situation-dependent messages that are not always sent
Openssl www.openssl.org Build
download latest openssl package (v1.0.1c – 2012.5.10)
compile package./configmakemake testmake install
RootCA 생성
SSL/TLS - Implementation
IDS(Intrusion Detection System) IPS(Intrusion Prevention System) L2 ~ L7 pattern matching
IDS/IPS
IPS
Pattern Matching Regular Expression
| : gray | grey? : colou?r matches both "color" and "colour“* : ab*c matches "ac", "abc", "abbc", "abbbc", …..+ : ab+c matches "abc", "abbc", "abbbc", ….,
but not "ac".
DFA(Deterministic Finite Automaton) NFA(Nondeterministic Finite Automaton) PCRE(Perl Compatible Regular Expression) HFA(Hyper Finite Automaton)
IDS/IPS
Snortwww.snort.orglatest version : 2.9.3.1 (2012.8)
IDS/IPS - Implementaion
Output Plug-ins
Output to log file, console etc
Detection Engine
Detection Plug-insReferences
Preprocessors
Decoder
Packet Capture Module
Packets from wire
Output Notification
Host
SnortRunning
OnSystem
Rule Storage
SnortXL Output Agent SnortXL Input Agent
Rules etc.
Packet Out Module
Packets back on the wire
(for IPS only)
IDS/IPS - Implementaion
Architecture
Security Services
Security Services
Security Consulting Service 모의 해킹, 보안 점검, Consulting
Security Monitoring/Management Remote Security, Network Monotoring/Management
Patch Management Windows patch Virus patch Software patch
Training