Network Security
David Parter
University of Wisconsin, Computer Sciences Department, Computer Systems Lab
CS640, 27 November 2007

Topics
- Background: threats and security policies
- Tools and defenses:
  - Firewalls
  - Virtual Private Networks
  - Network Intrusion Detection Systems
  - Port scanning
  - Network & configuration management
- CSL network security

Threats and Security Policies

Analyze the Threats
- Analyze potential threats before choosing a defense
- Without knowing the threats, it is impossible to assess the defenses

Types of Threats
- Data corruption
  - Specific alteration
  - Random alteration (vandalism)
  - Equally dangerous
- Data disclosure: keep your secrets secret
- Theft of service: network bandwidth, computers, name, ...
- Denial of service
- Damage to reputation

Damage to Reputation
- Financial industry exec: the #1 threat is a negative story above the fold in the Wall Street Journal or New York Times
- That may have changed with new regulatory requirements

Cost of Data Disclosure
- Data breach notification laws
  - CA law is the model for most states, including WI
  - Notify each individual if their records are released
  - Notify credit reporting agencies if more than 1000 records are involved
- Very likely to be widely reported in the news media: damage to reputation
- Liability/remediation: credit monitoring for all individuals? Civil actions?

Example: Medical Industry
- Data corruption & denial of service: could lead to incorrect diagnosis or treatment; potentially life-threatening
- Data disclosure: loss of patient record privacy; many potential social, legal and business costs
- Damage to reputation

Example: Financial Industry
- Data corruption: potential for incorrect (or less profitable) stock market trades; account records can probably be reconstructed
- Data disclosure: loss of competitive advantage; violation of securities laws

Example: A University Academic Department
- Data corruption: loss of experiments/experimental data; incorrect experimental results
- Data disclosure: disclosure of confidential data such as human subjects data, industrial partner data, current research, student grades, exams, peer reviews, ...

Security Policies
- After threat analysis, develop security policies
- Policies provide guidance to employees in ongoing operations and to security/system administration staff
- Develop policies before a crisis hits

Tools and Defenses

Firewalls
- Background & security model
- Types of firewalls
- Firewall rules

References and Resources
- Firewalls and Internet Security: Repelling the Wily Hacker (2nd ed.), Cheswick, Bellovin and Rubin
- Building Internet Firewalls (2nd ed.), Zwicky, Chapman and Cooper
- Firewall-wizards mailing list: http://honor.trusecure.com/mailman/listinfo/firewall-wizards

Security Model
- Perimeter security: like a guard at the gate checking ID badges
- Assumes that inside is trusted and outside is not
- Larger area inside the perimeter -> more complexity, weaker security
- Smaller perimeter -> more specific security
- Applies predefined access rules

Why Use a Firewall?
- Protect vulnerable services: poorly designed protocols; poorly implemented protocols/services
- Protect vulnerable computers/devices: poorly configured; can't be configured; can't be patched
- Protect an appliance, or a system that cannot be upgraded because of version/upgrade restrictions from the vendor; e.g. printers, data acquisition devices, scientific instruments, devices with customized & embedded versions of popular operating systems, devices with embedded web servers for configuration/control, ...
- Defeat some denial of service (DoS) attacks, if the firewall has enough bandwidth
- Considered an easy solution: satisfies check-box requirements; only need to deal with security in one place (not really an advantage from a total security point of view)

Types of Firewalls: Basic Technology Options
- Basic technology options: packet filtering (screening); application proxy
- Other factors: stateful vs. stateless; router vs. bridge; configuration/security model

Packet Filtering
- Acts like a router or bridge: does not modify network connections or packet headers
- Allow/deny packets based on packet data
- Allow/deny packets based on input/output interface (shorthand for source or destination)

Allow/Deny Packets Based on Packet Data
- Layer 2: source or destination MAC addresses
- Layer 3: source or destination IP addresses
- Layer 4: source or destination ports
- Protocol or protocol details, e.g. disallow IP source routing; disallow ICMP redirect packets; disallow common malicious packet signatures
- Layer 7 (application): service-specific, e.g. by URL; the filter must reassemble and parse the application protocol to do this

Packet Filtering Rules
- Typically applied in a specific order: first match applies
- One filter per rule
- Default rule? Default deny is safest
- Warning: every filter has an implied default rule for packets that match nothing. Is it deny or allow? Cisco ACLs end with an implicit deny; OpenBSD pf passes a packet that no rule matches, so a catch-all block rule has to be written explicitly

Example Packet Filtering Rules: protect the 128.105.0.0/16 network with Cisco router access control lists. Applied inbound on the outside-facing interface; rules are evaluated top to bottom and the first match wins. The first rule is anti-spoofing: a packet arriving from outside may not claim an inside source address. (IOS extended ACLs use the host keyword for a single address.)

deny ip 128.105.0.0 0.0.255.255 any
permit tcp any host 128.105.1.1 eq 25
permit tcp any host 128.105.1.2 eq 80
permit tcp any host 128.105.1.3 eq 22
deny icmp any any redirect log
permit icmp any host 128.105.1.4 echo
deny icmp any any echo log
deny ip any any log

Example Packet Filtering Rules: protect the 128.105.0.0/16 network with OpenBSD pf. From the rules, $campus_if is the interface facing the outside and $cs_if the interface facing the protected network. In pf the last matching rule wins unless a rule says quick, which stops evaluation at that rule; that is why the catch-all block comes first and the specific rules are quick.

block in log all
block in log quick on $campus_if from 128.105.0.0/16 to any
pass in quick on $campus_if proto tcp from any to 128.105.1.1/32 port = 25
...
pass in quick on $cs_if proto tcp from 128.105.0.0/16 to any keep state

Packet Filtering Advantages
- Can be placed at a few strategic locations: the Internet/internal network border router; to isolate critical servers
- Efficient
- Simple concept
- Widely available: implemented in most routers; firewall appliances; open source operating systems and software; specialized network interface cards with filtering capabilities (some accept up to 64k downloaded rules)

Packet Filtering Disadvantages
- Hard to configure: rules can get complex
- Hard to test and verify rules
- Incomplete implementations
- Bugs often fail unsafe (fail open): they allow unintended traffic to pass
- Can reduce router performance
- Some policies don't map
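The following evaluator is an added example written for this page, not code from the lecture or from any vendor. It parses the Cisco-style ACL from the example slide (with a simplified address grammar: any, host A, A WILDCARD, or a bare address treated as one host), evaluates constructed packets against it to show first-match ordering, the anti-spoofing rule and the implied default rule, and contrasts the same rules under pf's last-match-unless-quick semantics. The addresses 192.0.2.10 and 128.105.7.7, the host roles (mail, web, pingable) and the function names are assumptions made for the demonstration.

```python
# Added example, not from the lecture: parse the Cisco-style ACL shown on the
# example slide, evaluate constructed packets against it under first-match
# semantics, and contrast with pf's last-match-unless-"quick" semantics.
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network
from typing import Optional

ANY = IPv4Network("0.0.0.0/0")

# The ACL from the slide, protecting 128.105.0.0/16 from the outside.
SLIDE_ACL = """
deny ip 128.105.0.0 0.0.255.255 any
permit tcp any host 128.105.1.1 eq 25
permit tcp any host 128.105.1.2 eq 80
permit tcp any host 128.105.1.3 eq 22
deny icmp any any redirect log
permit icmp any host 128.105.1.4 echo
deny icmp any any echo log
deny ip any any log
"""

@dataclass(frozen=True)
class Packet:
    proto: str                       # "tcp", "udp" or "icmp"
    src: str
    dst: str
    dport: Optional[int] = None      # tcp/udp destination port
    icmp_type: Optional[str] = None  # "echo", "redirect", ...

@dataclass(frozen=True)
class Rule:
    action: str                      # "permit" or "deny"
    proto: str                       # "ip" matches every protocol
    src: IPv4Network
    dst: IPv4Network
    dport: Optional[int] = None
    icmp_type: Optional[str] = None
    log: bool = False
    quick: bool = True               # pf only: stop evaluating if this rule matches

    def matches(self, p: Packet) -> bool:
        return (self.proto in ("ip", p.proto)
                and IPv4Address(p.src) in self.src and IPv4Address(p.dst) in self.dst
                and self.dport in (None, p.dport)
                and self.icmp_type in (None, p.icmp_type))

def _parse_addr(tokens: list) -> IPv4Network:
    # Cisco forms: 'any', 'host A', 'A WILDCARD' (a wildcard is an inverted netmask),
    # or a bare address, which this simplified parser treats as a single host.
    t = tokens.pop(0)
    if t == "any":
        return ANY
    if t == "host":
        return IPv4Network(tokens.pop(0) + "/32")
    wild = int(IPv4Address(tokens.pop(0))) if tokens and tokens[0].replace(".", "").isdigit() else 0
    return IPv4Network((t, str(IPv4Address(wild ^ 0xFFFFFFFF))))

def parse_acl(text: str) -> list:
    rules = []
    for line in text.strip().splitlines():
        tok = line.split()
        action, proto, rest = tok[0], tok[1], tok[2:]
        src, dst = _parse_addr(rest), _parse_addr(rest)
        # Trailing qualifiers: 'eq PORT', an ICMP type name such as echo/redirect, 'log'.
        dport = int(rest[rest.index("eq") + 1]) if "eq" in rest else None
        icmp = next((t for t in rest if t not in ("eq", "log") and not t.isdigit()), None)
        rules.append(Rule(action, proto, src, dst, dport, icmp, "log" in rest))
    return rules

def evaluate(rules: list, p: Packet, first_match: bool = True, implied_default: str = "deny"):
    """Return (action, matching rule or None). Cisco ACL: the first match decides.
    pf (first_match=False): the last match decides unless a matching rule is quick.
    If nothing matches, the implied default rule decides (Cisco: deny, pf: pass)."""
    decision = None
    for r in rules:
        if r.matches(p):
            decision = (r.action, r)
            if first_match or r.quick:
                break
    return decision or (implied_default, None)

# Constructed test addresses; 192.0.2.0/24 is RFC 5737 documentation space.
OUTSIDE, MAIL, PINGABLE = "192.0.2.10", "128.105.1.1", "128.105.1.4"

def acl_decisions() -> dict:
    rules = parse_acl(SLIDE_ACL)
    cases = {
        "smtp to mail host": Packet("tcp", OUTSIDE, MAIL, dport=25),
        "http to mail host": Packet("tcp", OUTSIDE, MAIL, dport=80),
        "spoofed inside src": Packet("tcp", "128.105.7.7", MAIL, dport=25),  # anti-spoof rule wins
        "ping pingable host": Packet("icmp", OUTSIDE, PINGABLE, icmp_type="echo"),
        "icmp redirect": Packet("icmp", OUTSIDE, MAIL, icmp_type="redirect"),
    }
    return {name: evaluate(rules, p)[0] for name, p in cases.items()}

def pf_ordering_demo() -> dict:
    # Same two rules, same order, opposite answers under the two semantics: this is
    # why the slide's pf example puts 'block in log all' first and marks the rest quick.
    block_all = Rule("deny", "ip", ANY, ANY, log=True, quick=False)
    pass_smtp = Rule("permit", "tcp", ANY, IPv4Network(MAIL + "/32"), dport=25, quick=False)
    smtp = Packet("tcp", OUTSIDE, MAIL, dport=25)
    return {
        "pass,block first-match": evaluate([pass_smtp, block_all], smtp)[0],
        "pass,block pf": evaluate([pass_smtp, block_all], smtp, first_match=False)[0],
        "block,pass pf": evaluate([block_all, pass_smtp], smtp, first_match=False)[0],
    }
```

Two checks worth running by hand: evaluate the http packet against parse_acl(SLIDE_ACL)[:-1], i.e. with the explicit final deny removed, and it is still denied, but by the implied rule (no matching rule is returned, so nothing is logged); and the spoofed packet to port 25 is dropped by the first rule even though the second rule would have permitted it, which is the ordering point the rules slide makes.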