Security fundamentals
Topic 7: Securing network communications

Agenda
• Remote access
• Remote authentication
• RADIUS and TACACS+
• VPNs and tunnelling
• Terminal sessions
• Wireless network security
• IPSec

Remote access
• Remote access (RAS) networks add security challenges beyond those of the internal LAN
• Traditional approach: remote users dial into modems at the corporate office
• VPNs use existing internet connections, so the organisation has no control over how packets flow between the client and the gateway

Dial-up connections
• A bank of modems is connected to a remote access server (RAS)
• The RAS server authenticates the user
• The RAS server routes packets between the remote computer and the corporate network
• Uses PPP (Point-to-Point Protocol) or SLIP (Serial Line Internet Protocol)
• SLIP has no authentication or encryption negotiation, so passwords are transmitted in clear text
• Connection-level security provided by the RAS server:
  – CBCP (Callback Control Protocol): the server drops the incoming call and calls back, either on a number supplied by the caller or on a prearranged number. Only the prearranged number restricts access to a specific location; a caller-supplied number gives no such assurance
  – Accept or reject calls based on caller ID or automatic number identification (ANI)

Dial-up connections
• Advantages:
  – Limited access for attackers (long-distance call charges, one session per modem line)
  – Low likelihood of eavesdropping (requires access to the telephone lines or exchange)
• Disadvantages:
  – Cost: equipment, line rental, call charges
  – Low productivity: limited connection speed
  – War dialling: an attacker dials through number ranges to find lines with a modem attached

Virtual Private Networks
• Both sides establish an encrypted session with each other over the internet
• The connection is assigned IP addresses and uses a virtual network adapter
• VPN tunnel: an authenticated, encrypted connection carried through the internet

Virtual Private Networks
• Advantages:
  – Low cost: modems are not required; the remote user makes a local call to an ISP
  – High productivity: a broadband connection at the remote user's end means a faster connection
  – Fewer external connection points: a single device (firewall/VPN gateway) handles multiple client connections, so there is only one connection point to defend
• Disadvantages:
  – Risk of attack: the RAS/VPN server is reachable from the whole internet and can be attacked directly
  – Risk of eavesdropping: traffic crosses the public internet and can be intercepted; a weak protocol or key lets it be decrypted
  – High exposure to attackers: if the remote user's computer is not secure, it becomes a bridge from the internet into the corporate network

Remote connection requirements
• Common protocols at the physical and data-link layers
• Secure communications
• RAS authenticates the remote user
• Common data-link layer protocols:
  – Point-to-point connections: PPP or SLIP
  – Network and transport protocols: TCP/IP
  – The remote computer is assigned an IP address and other parameters for its virtual adapter, generally via DHCP
• Host and remote software:
  – The remote user requires a VPN client program
  – The host or server requires a VPN server service
• Security:
  – Control access to resources: only authenticated and authorised users
  – Limit the access of remote users to only those resources they require

Authentication methods
• PAP (Password Authentication Protocol): the password is sent in clear text
• SPAP (Shiva Password Authentication Protocol): a reversible encryption mechanism; more secure than PAP, but it does not prevent an attacker impersonating a legitimate RAS server
• CHAP (Challenge Handshake Authentication Protocol, RFC 1994): uses the MD5 hashing algorithm
  – The server sends a session identifier and a random value (the challenge) to the client
  – The client computes MD5 over identifier || password || challenge and sends the hash to the server. The password itself is never sent
  – Caveats: the server must hold the password in a form it can hash (clear text or reversibly encrypted), and MD5 is fast, so a captured challenge/response pair can be attacked offline with a dictionary; CHAP authenticates the client only, not the server
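The CHAP exchange described above, written out as an added worked example (this is not code from the original slides). Both sides are shown: the RAS issues an identifier and a random challenge, the client answers with MD5(identifier || secret || challenge), and the RAS recomputes and compares. The user name, password and wordlist are constructed for the demonstration; the last function shows why the "password is never sent" property still leaves a weak password exposed to an eavesdropper.

```python
"""CHAP (RFC 1994) challenge/response, both sides, as an added worked example.

Added example, not part of the original slides. The user name, password and
wordlist below are constructed for the demonstration; RFC 1994 only fixes the
hash input order, MD5(Identifier || secret || Challenge).
"""
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Response Value = MD5(Identifier || secret || Challenge) (RFC 1994, 4.1)."""
    if not 0 <= identifier <= 255:
        raise ValueError("identifier is a single octet")
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapServer:
    """RAS side. CHAP needs the secret in a form it can hash, so the server
    stores it in clear text (or reversibly encrypted), never as a one-way hash."""

    def __init__(self, secrets: dict) -> None:
        self._secrets = dict(secrets)
        self._outstanding = {}          # identifier -> challenge value
        self._next_id = 1

    def challenge(self):
        """Issue a fresh Identifier and random Challenge; both go over the wire."""
        identifier = self._next_id
        self._next_id = (self._next_id + 1) % 256
        value = os.urandom(16)
        self._outstanding[identifier] = value
        return identifier, value

    def verify(self, identifier: int, name: str, response: bytes) -> bool:
        """Recompute the hash and compare. The challenge is removed on first
        use, so replaying a captured response is refused."""
        challenge = self._outstanding.pop(identifier, None)
        secret = self._secrets.get(name)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)


def run_exchange(stored: bytes = b"correct-horse", typed: bytes = b"correct-horse") -> bool:
    """One full exchange: server challenges, client answers, server verifies."""
    server = ChapServer({"alice": stored})
    identifier, challenge = server.challenge()                 # Challenge packet
    response = chap_response(identifier, typed, challenge)     # Response packet
    return server.verify(identifier, "alice", response)        # Success/Failure


def replay_rejected() -> bool:
    """A second use of a captured Response against the same challenge fails."""
    server = ChapServer({"alice": b"correct-horse"})
    identifier, challenge = server.challenge()
    response = chap_response(identifier, b"correct-horse", challenge)
    first = server.verify(identifier, "alice", response)
    second = server.verify(identifier, "alice", response)
    return first and not second


def offline_guess(identifier: int, challenge: bytes, response: bytes, wordlist):
    """What an eavesdropper does with one captured Identifier/Challenge/Response:
    the password never crossed the wire, but MD5 is fast and the only salt is
    the public challenge, so a weak password falls to a dictionary in one pass."""
    for guess in wordlist:
        if chap_response(identifier, guess, challenge) == response:
            return guess
    return None
```

The replay protection comes entirely from the challenge being random and single-use; a RAS that reused challenges would accept a captured response. The offline attack is the reason CHAP (and MS-CHAP) should only run inside a tunnel that already authenticates the server and hides the exchange.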
Authentication methods
• MS-CHAP (Microsoft Challenge Handshake Authentication Protocol): Microsoft's variant of CHAP with support for domain login
  – The response is computed with DES from the challenge and the NT hash (MD4) of the password, so the server can store the password hash rather than the clear-text password
• MS-CHAPv2:
  – Version 2: larger initial MPPE encryption key and a bidirectional challenge, so the client also challenges the server (mutual authentication)
  – The response is still DES-based and can be brute-forced offline from a captured exchange, so MS-CHAPv2 should only be used inside a tunnel that already authenticates the server (for example PEAP or L2TP/IPSec)
• EAP (Extensible Authentication Protocol):
  – A framework that carries many authentication methods: passwords, tokens, Kerberos, certificates and smart cards
  – Flexible; its security is that of the EAP method chosen (EAP-TLS with certificates is strong, EAP-MD5 is no better than CHAP)

Centralised authentication
• A RAS can authenticate users against its own user accounts database or a directory such as ADS (Active Directory)
• With centralised authentication the RAS instead forwards the authentication messages to a central server that authenticates the user against a central database

Centralised authentication
• Steps:
  1. The RAS queries the user for credentials
  2. The client sends the authentication information
  3. The RAS forwards the authentication information to a central authentication server
  4. The central server checks the user's credentials against the user account database: ADS, Novell eDirectory, Unix NIS
  5. The authentication server returns success or failure to the RAS
  6. On success, the RAS allows the client onto the network
• RAS servers contain no user account data, so compromising one does not expose the account database
• Protocols:
  – RADIUS: Remote Authentication Dial-In User Service
  – TACACS+: Terminal Access Controller Access-Control System Plus

RADIUS
• Provides AAA (authentication, authorisation and accounting) for RAS servers
• The RADIUS protocol runs between the RAS (the RADIUS client) and the authentication server (the RADIUS server)
• Separating remote access from user authentication allows:
  – The RADIUS client (RAS server) and the RADIUS server to use different operating systems and hardware; different vendors' RADIUS implementations interoperate
  – The RADIUS client and server to be geographically separated
  – User accounts to stay on the internal corporate network rather than on the exposed RAS
  – Authentication traffic between RADIUS client and server to be protected by the shared secret (see below); because the protocol itself hides only the password, the RADIUS path is in practice also placed on a management network or inside IPSec/TLS
  – RAS servers to be outsourced to a third-party organisation

RADIUS
• RADIUS separates authentication from the remote access functions:
  – Can use a variety of authentication protocols: PAP, CHAP, MS-CHAP, EAP
  – Encrypt the link with a variety of algorithms: MPPE, DES
  – Create connections with a variety of network protocols: TCP/IP, IPX/SPX
  – Allow connections over a variety of technologies: dial-up, DSL, ISDN
• RADIUS servers can maintain remote access policies, inform users of them and enforce them:
  – Which protocols the user is allowed to use
  – How long the user may stay connected
  – Which operating system the user may connect from
• A case-sensitive shared secret is configured on both the RADIUS server and the RADIUS client and is never sent over the network. It is mixed into an MD5 hash to obscure the User-Password attribute in Access-Request messages and to authenticate the server's replies (the Response Authenticator). Every other attribute (user name, NAS address and so on) travels in clear text, and the client's request itself is not authenticated unless a Message-Authenticator attribute is included

RADIUS accounting
• Tracks the following:
  – How long the remote user is connected
  – Whether remote user authentication succeeded or failed
  – Situations where the RADIUS server cannot authenticate a RADIUS client
• ISPs use RADIUS accounting to bill customers

RADIUS authentication
1. The RAS receives a connection request from the remote access client
2. The RAS, configured as a RADIUS client, creates an Access-Request message and sends it to the RADIUS server
3. The RADIUS server processes the message:
  • If required, the RADIUS server sends an Access-Challenge to the RAS
  • The RAS or the remote access client processes the challenge and sends a new Access-Request to the RADIUS server
  • The user's credentials are verified against ADS or the user accounts database
  • Remote access policies are evaluated: is the client allowed access to the network?
4. If the connection is authenticated and authorised, the RADIUS server sends an Access-Accept message to the remote access server; otherwise it sends an Access-Reject
5. The RAS receives the Access-Accept and sends an Accounting-Request message to the RADIUS server
6. The RADIUS server processes the Accounting-Request and sends an Accounting-Response to the RAS (RADIUS client)
7. The client connection is completed

TACACS and TACACS+
• Cisco AAA protocol
• Standard method to manage dissimilar NASs (network access servers)
• A NAS provides connections to a single user, a network or interconnected networks
• TACACS+ has replaced TACACS; the two are not compatible

TACACS and TACACS+
• Supports:
  – Authentication: forwards the username and password in these formats: ARA (Apple Remote Access), SLIP, PAP, CHAP, telnet, KCHAP (Kerberos CHAP)
    • The whole packet body, including the authentication data, is obscured with an MD5-derived keystream keyed by the shared secret
    • Supports multiple challenges and responses, as required for token-based authentication (one-time passwords)
  – Authorisation:
    • Gives the access server a pointer to an ACL associated with the user; the ACL specifies which resources can be accessed once authenticated
  – Accounting:
    • The accounting part of TACACS+ logs the network address of the user, username, service attempted, protocol used, time and date and packet filter
    • Auditing information includes the commands and arguments used and the connection associated with them
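The Access-Request/Access-Accept exchange of steps 1 to 4 above, and what the shared secret does and does not protect, as an added worked example (not code from the original slides). Both the NAS side and the RADIUS server side are shown; the shared secret, user name, password and user database are constructed for the demonstration.

```python
"""RADIUS Access-Request / Access-Accept (RFC 2865), both sides, as an added example.

Added example, not part of the original slides. The shared secret, user name,
password and user database are constructed. It shows what the shared secret
covers on the wire: the User-Password attribute is obscured and the server's
reply is authenticated; User-Name and every other attribute travel in clear
text, and nothing authenticates the client's request itself (that needs a
Message-Authenticator attribute, RFC 2869).
"""
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ATTR_USER_NAME, ATTR_USER_PASSWORD = 1, 2


def _attr(kind: int, value: bytes) -> bytes:
    """Type (1) | Length (1, counts these two octets) | Value."""
    return bytes([kind, len(value) + 2]) + value


def hide_password(secret: bytes, request_auth: bytes, password: bytes) -> bytes:
    """RFC 2865 5.2: pad to a multiple of 16 octets, then XOR each block with
    MD5(secret || previous ciphertext block); the first block uses the
    Request Authenticator. Only this attribute is obscured by RADIUS."""
    if len(password) > 128:
        raise ValueError("User-Password is limited to 128 octets")
    padded = password + b"\x00" * ((16 - len(password) % 16) % 16)
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        block = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        out, prev = out + block, block
    return out


def reveal_password(secret: bytes, request_auth: bytes, hidden: bytes) -> bytes:
    """Inverse of hide_password (the server side)."""
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        key = hashlib.md5(secret + prev).digest()
        out += bytes(c ^ k for c, k in zip(hidden[i:i + 16], key))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")


def build_packet(code: int, ident: int, authenticator: bytes, attrs: bytes) -> bytes:
    """Code (1) | Identifier (1) | Length (2) | Authenticator (16) | Attributes."""
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + authenticator + attrs


def parse_packet(pkt: bytes):
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length < 20 or length != len(pkt):
        raise ValueError("bad RADIUS length")
    attrs, pos = {}, 20
    while pos < length:
        kind, alen = pkt[pos], pkt[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("bad attribute length")
        attrs[kind] = pkt[pos + 2:pos + alen]   # last occurrence wins; enough for a demo
        pos += alen
    return code, ident, pkt[4:20], attrs


def response_authenticator(secret, code, ident, request_auth, attrs) -> bytes:
    """RFC 2865 3: MD5(Code | ID | Length | RequestAuth | Attributes | Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()


def access_request(secret: bytes, ident: int, username: str, password: bytes) -> bytes:
    """NAS (RADIUS client) side: build the Access-Request."""
    request_auth = os.urandom(16)   # must be unpredictable: it keys the password hiding
    attrs = _attr(ATTR_USER_NAME, username.encode())
    attrs += _attr(ATTR_USER_PASSWORD, hide_password(secret, request_auth, password))
    return build_packet(ACCESS_REQUEST, ident, request_auth, attrs)


def radius_server(secret: bytes, users: dict, request: bytes) -> bytes:
    """RADIUS server side: check the credentials and answer Accept or Reject."""
    code, ident, request_auth, attrs = parse_packet(request)
    if code != ACCESS_REQUEST:
        raise ValueError("not an Access-Request")
    name = attrs.get(ATTR_USER_NAME, b"").decode(errors="replace")
    password = reveal_password(secret, request_auth, attrs.get(ATTR_USER_PASSWORD, b""))
    ok = name in users and hmac.compare_digest(users[name], password)
    reply_code = ACCESS_ACCEPT if ok else ACCESS_REJECT
    reply_attrs = b""               # a real server adds Framed-IP-Address, policy attributes, etc.
    auth = response_authenticator(secret, reply_code, ident, request_auth, reply_attrs)
    return build_packet(reply_code, ident, auth, reply_attrs)


def client_accepts(secret: bytes, request: bytes, reply: bytes) -> bool:
    """NAS side: trust an Access-Accept only if its Response Authenticator
    verifies under the shared secret and it answers our Identifier."""
    _, ident, request_auth, _ = parse_packet(request)
    code, reply_ident, reply_auth, _ = parse_packet(reply)
    expected = response_authenticator(secret, code, reply_ident, request_auth, reply[20:])
    return reply_ident == ident and hmac.compare_digest(expected, reply_auth) and code == ACCESS_ACCEPT
```

Two things worth noticing when running it: the user name is readable in the request bytes while the password is not, which is exactly the difference from TACACS+ (which obscures the whole body); and a forged Access-Accept is refused by the NAS because whoever sent it could not compute the Response Authenticator without the shared secret. Guessable shared secrets defeat both properties, since an attacker who captures a request can test candidate secrets offline against the Response Authenticator.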
    • The protocol can also provide intrusion detection routines and reporting statistics (number of packets and number of bytes)

RADIUS and TACACS+ differences
• RADIUS runs over UDP (ports 1812/1813, historically 1645/1646); TACACS+ runs over TCP port 49
• RADIUS returns a user profile together with the authentication result, defining user-specific parameters; TACACS+ separates the authentication and authorisation functions, so authorisation can be decided per command
• RADIUS obscures only the User-Password attribute; TACACS+ obscures the whole packet body
• TACACS+ is typically used for administrative access to network devices such as routers and switches
• RADIUS is used for network access by computers and network devices

Virtual Private Networks
• Protocols used to establish a VPN tunnel:
  – PPTP: Point-to-Point Tunnelling Protocol
  – L2TP: Layer 2 Tunnelling Protocol
  – IPSec: Internet Protocol Security: the architecture, the AH and ESP protocols, and the IKE (Internet Key Exchange) protocol

PPTP
• Point-to-Point Tunnelling Protocol
• The PPTP client establishes a control connection to the server on TCP port 1723, after which the PPTP tunnel is established
• GRE (Generic Routing Encapsulation, IP protocol 47) is used to carry the data
• Characteristics:
  – Layer 2 protocol: encapsulates PPP frames in IP datagrams
  – Uses PAP, CHAP or MS-CHAP for authentication
  – Requires an IP-based network and does not support header compression
  – Encryption is provided by MPPE, with keys derived from the MS-CHAP exchange, so the tunnel is only as strong as the user's password
  – The IP packet is encapsulated in a PPP frame, which is encapsulated in a GRE/IP packet addressed to the VPN server
  – All data sent through the tunnel is encrypted
  – Supports many network protocols and multicast
  – Can be established across networks that use NAT, provided the NAT device understands GRE (PPTP pass-through), since GRE carries no port numbers for the NAT to track

L2TP
• IETF standard (RFC 2661)
• L2TP encapsulates PPP frames for sending over IP, X.25, frame relay or ATM networks
• L2TP over IP uses UDP port 1701 and includes control messages for tunnel maintenance
• Encapsulated frames can be compressed, but L2TP itself has no mechanism for encryption or strong authentication; it is used together with another protocol, IPSec
• L2TP over IPSec: L2TP provides the encapsulation and IPSec in transport mode provides integrity, replay protection, authenticity and confidentiality
• Authentication options for the PPP session: CHAP, MS-CHAP, MS-CHAPv2, EAP
• Some NAT implementations cannot pass IPSec traffic; NAT traversal (NAT-T) encapsulates the IPSec ESP packets in UDP (port 4500) so they can cross the NAT

Comparing VPN solutions
• L2TP/IPSec:
  – Multivendor interoperability
  – Client-to-gateway and gateway-to-gateway
  – IPSec may have issues with NAT (use NAT-T)
• PPTP:
  – Early implementations have lower security
  – The security of PPTP depends on the strength of the user's password
  – No NAT limitations beyond GRE pass-through

Securing VPN connections
• Choose a protocol that provides a secure authentication method and encrypts the data
• Monitor traffic that originates from VPNs after it has been decrypted on the RAS; it is as untrusted as any other external traffic
• Require multifactor authentication, such as a smart card
• Ensure computers connecting over the VPN meet corporate security policies (antivirus, patch level); quarantine clients whose configuration is not sufficient
• Ensure that after the VPN is established no routes to the internet exist on the client computer that bypass your network (no split tunnelling): otherwise an attacker who compromises the client from the internet has a path into the corporate network through the VPN

Terminal sessions
• Remotely access a single computer: all processes run on the remote computer, but the session takes input from another computer and redirects output to it: terminal services, remote desktop and VNC
• Terminal services also allow multiple users to establish sessions simultaneously and run programs on a single computer.
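The last point under "Securing VPN connections" (no routes that bypass the tunnel) is something a client-side posture check can verify. The following is an added example, not code from the original slides: it parses the routing table in the text form printed by Linux `ip route show` and reports whether internet-bound traffic actually enters the tunnel. The interface name `tun0`, the VPN server address 203.0.113.5 and the two sample routing tables are constructed assumptions; the check also handles the OpenVPN `redirect-gateway def1` idiom, where the original default route stays in the table but is shadowed by two /1 routes.

```python
"""Split-tunnel audit for a VPN client, as an added example.

Added example, not from the original slides. It reads the routing table in
the text form printed by Linux `ip route show` (the two tables below are
constructed samples) and decides whether every destination other than the VPN
server itself is reached through the tunnel interface. The interface name
`tun0`, the VPN server address and the LAN addresses are assumptions.
"""
import re
import subprocess

# Matches lines such as:
#   default via 192.168.1.1 dev eth0 proto dhcp metric 100
#   10.0.0.0/8 via 10.8.0.1 dev tun0
#   10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
ROUTE_RE = re.compile(
    r"^(?P<dst>default|\d+\.\d+\.\d+\.\d+(?:/\d+)?)(?:\s+via\s+(?P<via>\S+))?\s+dev\s+(?P<dev>\S+)")


def parse_routes(text: str):
    """Return (destination, gateway or None, interface) for each IPv4 route line."""
    routes = []
    for line in text.splitlines():
        m = ROUTE_RE.match(line.strip())
        if m:
            routes.append((m["dst"], m["via"], m["dev"]))
    return routes


def default_goes_via_vpn(routes, vpn_dev: str) -> bool:
    """True if all internet-bound traffic enters the tunnel. Accepts both a
    replaced default route and the OpenVPN 'redirect-gateway def1' idiom,
    which leaves the old default in place but shadows it with two /1 routes."""
    halves = {dst for dst, _, dev in routes
              if dev == vpn_dev and dst in ("0.0.0.0/1", "128.0.0.0/1")}
    if len(halves) == 2:
        return True
    return any(dst == "default" and dev == vpn_dev for dst, _, dev in routes)


def audit_split_tunnel(routes, vpn_dev: str, vpn_server: str):
    """Classify the table. 'bypass' lists every route that sends traffic past
    the tunnel. The host route to the VPN server over the physical link is
    required for the tunnel to exist at all and is therefore not reported."""
    full = default_goes_via_vpn(routes, vpn_dev)
    bypass = []
    for dst, via, dev in routes:
        if dev in (vpn_dev, "lo"):
            continue
        if dst.split("/")[0] == vpn_server:
            continue
        if dst == "default" and full:
            continue                      # shadowed by the /1 routes
        bypass.append((dst, via, dev))
    return {"full_tunnel": full, "bypass": bypass}


def audit_live(vpn_dev: str, vpn_server: str):
    """Run against the real table (Linux only); not used by the samples."""
    result = subprocess.run(["ip", "route", "show"], capture_output=True, text=True, check=True)
    return audit_split_tunnel(parse_routes(result.stdout), vpn_dev, vpn_server)


# Constructed samples: a correctly configured full tunnel, and a split tunnel.
FULL_TUNNEL = """\
default via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
10.0.0.0/8 via 10.8.0.1 dev tun0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20
203.0.113.5 via 192.168.1.1 dev eth0
"""

SPLIT_TUNNEL = """\
default via 192.168.1.1 dev eth0 proto dhcp metric 100
10.0.0.0/8 via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20
203.0.113.5 via 192.168.1.1 dev eth0
"""

if __name__ == "__main__":
    for label, table in (("full", FULL_TUNNEL), ("split", SPLIT_TUNNEL)):
        print(label, audit_split_tunnel(parse_routes(table), "tun0", "203.0.113.5"))
```

Even the full-tunnel table still lists the local LAN subnet over `eth0`; the audit reports it so the operator can decide whether local-LAN access is acceptable under the corporate policy (it is what lets a compromised printer or neighbour on a hotel network reach the client). A real posture check would also inspect IPv6 routes, since a default IPv6 route left via the physical interface bypasses an IPv4-only tunnel just as effectively.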
• Provide an alternative to remote access connections
• A useful administrator tool, but also a security risk
• Use strong encryption for the terminal session and prevent users from accessing other users' data

Secure shell protocol
• SSH lets users log on to a remote computer, execute commands and move files from one computer to another
• Provides strong authentication and secure communications over unsecured channels
• SSH (SSH-2) is a replacement for telnet, rlogin and rsh; its file transfer subsystems (SFTP and SCP) replace FTP and rcp
• Encrypts passwords and data; provides host and user authentication, data compression, data confidentiality, strong encryption and integrity protection

SSH
• 3 major components:
  – Transport layer protocol (SSH-TRANS): server (host) authentication, confidentiality and integrity; negotiates the key exchange, ciphers and MACs. Typically runs over TCP/IP but can be used over any reliable data stream. A "none" cipher is technically negotiable but must never be enabled
  – User authentication protocol (SSH-USERAUTH): authenticates the user at the client computer to the server (public key, password, host-based, keyboard-interactive)
  – Connection protocol (SSH-CONN): multiplexes the encrypted tunnel into several logical channels (shells, forwarded ports, subsystems such as SFTP)
• SSH uses public-key cryptography for user authentication (raw key pairs rather than an X.509 PKI, unless SSH certificates are deployed); older methods such as passwords may still be used
• A server only accepts a key pair whose public half is listed for that account (for example in authorized_keys), and the client checks the server's host key against the keys it has recorded (known_hosts) before sending any credentials. A changed host key must be treated as a possible man-in-the-middle, not accepted
• SSH therefore protects against packet spoofing, IP/host spoofing, password sniffing and eavesdropping, but only if host keys are actually verified rather than blindly accepted on first use

Wireless threats
• Data can be intercepted without requiring physical access
• Common risks:
  – Theft of service: free access to the internet
  – Eavesdropping: intercepted traffic
  – Unauthorised access: to corporate information
• Basic defences:
  – Limit the range of transmissions; do a site survey periodically to measure signal strength and detect unauthorised (rogue) APs
  – Don't broadcast the SSID: makes it slightly harder for an attacker to discover the WLAN, but the SSID still appears in probe and association frames, so this is obscurity rather than security
  – Restrict access by MAC address (MAC addresses are easily spoofed, so this only stops accidental joins)
  – Put all APs in a separate network segment and limit the type of traffic allowed from that segment into the corporate network

Wireless security
• WEP (Wired Equivalent Privacy): cryptographically broken; do not rely on it
• WPA (Wi-Fi Protected Access)
• 802.1X port-based network access control (EAP over the LAN)
• WAP (Wireless Application Protocol)

IPSec
• Layer 3 protocol suite that provides authentication and encryption for IP traffic
• Situations for implementation:
  – End-to-end security for IP unicast traffic: transport mode
  – Remote access VPN, client to gateway: L2TP with IPSec transport mode
  – Site-to-site VPNs: L2TP/IPSec or IPSec tunnel mode
• Open, interoperable protocol
• Windows has built-in support for IPSec clients
• Transparent protection for layer 3 and above: an IPSec policy defines the types of traffic that require encryption and/or digital signing

IPSec features
• ESP and AH
  – ESP (Encapsulating Security Payload): provides confidentiality (encryption) and, optionally, integrity and origin authentication of the payload
  – AH (Authentication Header): integrity and origin authentication of the whole packet including the IP header, but no encryption; AH does not work through NAT because NAT rewrites the header AH protects
• Tunnel and transport modes
  – Transport mode: end-to-end security between sender and receiver; the original IP header is kept and only the payload is protected
  – Tunnel mode: the entire original packet is encapsulated in a new IP packet; secures the channel between VPN gateways
• Protection from:
  – Man-in-the-middle attacks: both parties authenticate each other during IKE
  – Spoofing: the integrity check value (digital signing) verifies origin and integrity
  – Replay attacks: sequence numbers checked against a sliding anti-replay window

IPSec features
• Before communicating, both parties negotiate an SA (Security Association), which determines the authentication and encryption methods and keys to be used
• IPSec uses IKE (Internet Key Exchange) to authenticate the VPN devices and establish the SAs
• IKE authentication methods:
  – Kerberos (a Windows-specific extension)
  – Certificates
  – Pre-shared keys (passwords); a weak pre-shared key can be guessed offline from a captured IKEv1 aggressive-mode exchange, so prefer certificates for anything exposed to the internet

Lesson summary
• Methods and security aspects of remote access and authentication
• How RADIUS and TACACS+ are used to provide AAA
• The security benefits and types of tunnelling and VPNs
• The security of terminal sessions, wireless networks and the uses and details of IPSec
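The host-key check described in the SSH section above, as an added example that is not code from the original slides. It decodes an OpenSSH public-key line, computes the SHA256 fingerprint in the same form that `ssh-keygen -lf` prints, and compares the key a server presents with the key recorded for that host, returning the three outcomes a client has to distinguish: first contact, match, and mismatch. The host names and the key material (random bytes in the ssh-ed25519 wire format) are constructed; nothing here is a real server's key.

```python
"""SSH host-key pinning (known_hosts style), as an added example.

Added example, not part of the original slides. Host names and key bytes are
constructed. A key line is "<type> <base64 blob> [comment]"; the blob starts
with the key type again as an SSH string, which the parser cross-checks.
"""
import base64
import hashlib
import hmac
import struct


def _ssh_string(b: bytes) -> bytes:
    """RFC 4251 'string': uint32 length followed by the bytes."""
    return struct.pack("!I", len(b)) + b


def make_ed25519_pubkey_line(raw32: bytes, comment: str = "demo") -> str:
    """Build an authorized_keys / known_hosts style line for a 32-byte key."""
    if len(raw32) != 32:
        raise ValueError("ed25519 public keys are 32 bytes")
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(raw32)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"


def parse_pubkey_line(line: str):
    """Return (key type, raw blob) and reject lines whose blob disagrees with
    the declared type, which is the classic way a key line is tampered with."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("malformed key line")
    keytype, blob = parts[0], base64.b64decode(parts[1], validate=True)
    (n,) = struct.unpack("!I", blob[:4])
    if blob[4:4 + n] != keytype.encode():
        raise ValueError("key type mismatch between text and blob")
    return keytype, blob


def sha256_fingerprint(blob: bytes) -> str:
    """Same format as `ssh-keygen -lf`: SHA256 of the blob, base64 without padding."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def check_host_key(known_hosts: dict, host: str, presented_line: str) -> str:
    """known_hosts maps (host, keytype) -> blob.
    'new': no record yet (trust on first use, verify the fingerprint out of band)
    'ok': identical key; safe to send credentials
    'MISMATCH': different key for a host we know; abort, possible MITM."""
    keytype, blob = parse_pubkey_line(presented_line)
    pinned = known_hosts.get((host, keytype))
    if pinned is None:
        return "new"
    return "ok" if hmac.compare_digest(pinned, blob) else "MISMATCH"


def fingerprint_matches(expected: str, presented_line: str) -> bool:
    """Out-of-band pinning: compare against a fingerprint published by the
    administrator instead of a stored blob."""
    _, blob = parse_pubkey_line(presented_line)
    return hmac.compare_digest(sha256_fingerprint(blob), expected)
```

The important behaviour is the third outcome: a mismatch is not something to "accept and continue", because from the client's point of view a server re-key and an attacker in the path look identical. Administrators should publish fingerprints (or deploy SSH certificates) so that the "new" case can be verified instead of being trusted blindly.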
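The replay protection listed under "IPSec features" is a concrete algorithm: the ESP anti-replay sliding window of RFC 4303 section 3.4.3. The following is an added example, not code from the original slides, that implements the receiver side and runs a constructed sequence of packet numbers through it to show which packets are accepted, which are dropped as too old, and which are dropped as replays.

```python
"""IPSec ESP anti-replay window (RFC 4303, section 3.4.3), as an added example.

Added example, not part of the original slides. The receiver remembers the
highest sequence number accepted and a bitmap of the W most recent numbers
below it: a packet is dropped if it falls to the left of the window or if
its bit is already set. The check is only meaningful after the packet's ICV
(integrity check value) has verified; otherwise forged sequence numbers could
slide the window forward and make the receiver drop genuine traffic. The
packet sequence used in simulate() is constructed.
"""


class AntiReplayWindow:
    def __init__(self, size: int = 64) -> None:
        if size < 32:
            raise ValueError("RFC 4303 requires a window of at least 32")
        self.size = size
        self.top = 0        # highest sequence number accepted so far
        self.bitmap = 0     # bit i set  <=>  sequence number (top - i) was received

    def check_and_update(self, seq: int) -> bool:
        """Return True and record seq if it is new and inside the window.
        Sequence numbers are 32-bit and must never wrap on one SA; with
        extended sequence numbers (ESN) the high 32 bits are implicit."""
        if seq == 0:
            return False    # the first packet on an SA carries sequence number 1
        if seq > self.top:
            shift = seq - self.top
            if shift >= self.size:
                self.bitmap = 1     # everything in the old window is now too old
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        diff = self.top - seq
        if diff >= self.size:
            return False    # older than the window: a late packet is indistinguishable from a replay
        if self.bitmap & (1 << diff):
            return False    # already received: replay
        self.bitmap |= 1 << diff
        return True


def simulate(sequence, size: int = 64):
    """Feed a list of sequence numbers (as seen after ICV verification) and
    return the accept/drop decision for each."""
    window = AntiReplayWindow(size)
    return [window.check_and_update(s) for s in sequence]


if __name__ == "__main__":
    # Constructed trace: in-order packets, a replay of 2, a jump to 70 that
    # moves the window, a late packet (10) inside the window, one (6) just
    # outside it, another late one (8), and a replay of the newest packet.
    for seq, ok in zip([1, 2, 3, 2, 70, 10, 6, 8, 70],
                       simulate([1, 2, 3, 2, 70, 10, 6, 8, 70])):
        print(seq, "accept" if ok else "drop")
```

The window size is a trade-off: it must be large enough that legitimate reordering on the path (for example across parallel links) does not cause drops, but every extra bit is state the receiver keeps per SA. The reason the check must follow integrity verification is visible in the code: a single forged packet with a huge sequence number would otherwise reset the bitmap and push every genuine in-flight packet outside the window.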