Security
Types of hurts
Ways to inflict those hurts
Terms, Principles and Tradeoffs
Steps in Security Planning
Responses and tools
Firewalls
Authentication and Upper Layer Tools
Types of Threats
theft of service or destruction of goods
denial of service
disclosure of information
invasion of privacy
Ways to inflict harm
Physical
labs, cracking passwords
physical host security
fake login program
yellow stickies
Data Link
sniffing passwords
Network
router attacks
to compromise or deny
address masquerading/spoofing
Transport Layer
break OS or leap into memory
message replay, denial/delay, alteration
Operating System
exploit bugs to become superuser
Applications
viruses
word macro viruses
privacy
email
cookies
Denial of Service attacks
Ping Attacks
Ping O' Death
http://www.sophist.demon.co.uk/ping/
Smurf Attack
SYN Attacks
http://www.cisco.com/warp/public/707/4.html
The Other 16
Security Terms
Identification and directory information
host versus network
Authentication
Authorization
by individual
by role
ACLs and PACs
Accountability
Data integrity
Data privacy
Physical resource integrity
Personal Privacy
Security principles
Security should enable us to provide more
There is no single solution
A security architecture is essential
Free choice and security are inconsistent
Security needs are very volatile
Which tool for which use is important
509/kerb gateway/standard application/external
Security Tradeoffs
central versus distributed solutions
cost and risk
authority versus responsibility
onetime versus ongoing
user power versus safety
Steps in Security Planning
Establish methodology
Inventories
Policies Resources Environment/Technology
Identify/evaluate vulnerabilities
Determine acceptable risk given estimated cost of potential loss versus full cost of solution
Implement protections
Methodology
http://csrc.ncsl.nist.gov/nistpubs/cc - spook/geek
international standard evaluation model
DOD Orange Book Guidance - from physical controls to verified design and policy roles
Vulnerabilities
Likelihoods and Potential Impacts
Internal and External Threats
Costs of Solutions
Central costs
Distributed costs
Loss of functionality or convenience
Onetime and ongoing costs
Policies Inventory
Data administration policy
Network, Host Application and data access policies
Data classifications
Applicable privacy and national policies
Firewall strategies
Environment Inventories
Various host and network OS
Network protocols, routers, switches, bridges, hubs
Programming languages
Applications
Databases
Mainframe gateways
Resource Inventory
Security coordinator
Local response team
CERT Coordination Center - http://www.cert.org
FIRST - Forum of Incident Response Teams
http://www.first.org
Corporate Counsel
Users
How do you know if there's a problem?
System problems
Audits
Security advisories
Colleagues, incidents, accidental discovery
Security product offerings
Web searches, conferences, newsgroups
Types of responses
physical layer
crack
protect password file
no ftp, shadow passwords
smart cards
policies and education
data link
twisted pair
encryption
SSH
network layer
firewalls
routing and transport
tcp wrappers (logs all tcp connections)
front end filter certain commands (telnet, finger)
operating system
tripwire (looks for mods to sys software)
keep OS patched
applications
encryption
General purpose tools
cert
satan
tamu
cops
Simple Firewalls
by application
by user
by port
Specific firewall approaches
by protocol - the value of an IPX-IP gateway
simplified addressing, stacks, security
differences and latency in development
by ISP or commercial provider
Specific firewall approaches
by application-level gateway
examine high-level protocols and applications for problematic packets
email, news, telnet, web, etc.
services X user controlled by manager
inclusion of other, physical, virtual security devices
Specific firewall approaches
by proxy-server (circuit level gateways)
only one IP address advertised to the world - the proxy serves as the agent for all machines behind
clients make IP connection to proxy
logon to proxy
logon by session
no logon
Specific firewall approaches
packet filtering on source/destination addresses
best for internal use
susceptible to spoofing
tcpwrappers
Firewall Issues
Where to put the security perimeter
What are the costs?
maintenance - e.g. software patches
performance - e.g. routers
functionality - e.g. outsourced modems, travellers
Types of Authentication Methods
Something you know - passwords, PINs, pass phrases
Something you carry - staff id card, password token, challenge-response
Something you are - biometric devices
Carry Authentication
one-time password
challenge/pin/response
limits in networked environments
delays
multiple hosts and accounts
Electronic Authentication
Kerberos
ticket granting ticket
request host ticket
forwarding ticket
X.509
certificate authorities
certificate management - revocation
Issues - market, management, standards
Encryption
Protect against eavesdropping
Digitally sign data for proof of origin
Nonrefutability
integrity of content
Two approaches
secret or private key
public/private key
PGP, RSA, DES
GSS API
Generic Security Services API
RFC 1508
Independent of particular language environments and underlying security mechanisms
Invoked by communications programs
Involves acquiring credentials, negotiating/releasing security environments, exchanging messages
WWW Security
Basic page authentication
S-HTTP
SSL (Secure Socket Layer)
X.509 Security
Secure shell