U of I CS 498 - Security Tunneling

Security Tunneling
Cyber Security, Spring 2006

Contents
Security Tunneling
Reading Material
What is a tunnel?
Tunnel Protocols for all Levels
802.1Q VLAN
VLAN Trunking
VLAN used in Siebel
VLAN Security Issues
VLAN 1
Differentiate Trusted and Untrusted Ports
Native VLANs
Private VLAN Attack
Other Layer 2 Attacks
IPSec Operational Architecture
Security Association (SA)
IPSec Protocols
ESP
ESP Header
Tunnel and Transport Modes
IPSec Startup Negotiations
Internet Key Exchange (IKE)
Security Bootstrapping
Oakley Key Determination
Diffie-Hellman Key Exchange
ISAKMP
ISAKMP anti-clogging
Transform Negotiation
Main Mode and Aggressive Mode
Main Mode Example
Aggressive Mode Example
NAT Transparent IPSec
IPSec challenges
SSL
Working at Transport Level
SSL Session
SSL Connection
Structure of SSL
Supporting Crypto
RSA: Cipher, MAC Algorithms
Diffie-Hellman: Types
D-H: Cipher, MAC Algorithms
Ephemeral D-H: Cipher, MAC Algorithms
Anonymous D-H: Cipher, MAC Algorithms
Fortezza: Cipher, MAC Algorithms
Digital Signatures
SSL Record Layer
Record Protocol Overview
SSL MAC Computation
SSL Handshake Protocol
Overview of Rounds
Handshake Round 1
Handshake Round 2
Handshake Round 3
Handshake Round 4
SSL Change Cipher Spec Protocol
SSL Alert Protocol
SSL Alert Protocol Errors
SSL Application Data Protocol

Reading Material
• IPSec and SSL are covered in Bishop's Computer Security: Art and Science
  – The RFCs are the ultimate source for both
• IPSec overview - http://www.alliancedatacom.com/IPsec-overview.asp
• SSL/TLS overview - http://httpd.apache.org/docs/2.0/ssl/ssl_intro.html
• VLAN Security Paper – http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/prodlit/vlnwp_wp.htm

What is a tunnel?
• A tunnel identifies packets in a data stream
  – Identify by encapsulation (new header, possibly a new trailer)
  – Identify by labeling
• Entry into a tunnel gives the data stream different characteristics
  – E.g., privacy, authentication, different routing characteristics
  – Security is not always the goal of the tunnel
• Also called virtual private networks (VPNs) in many situations

Tunnel Protocols for all Levels
• Layer 2
  – 802.1Q VLANs – label Ethernet frames for traffic separation
  – Proprietary link encryption
• Layer 3
  – IPSec
  – IPv6 in IPv4 – carry IPv6 traffic over IPv4 networks
  – Generic Routing Encapsulation (GRE)
  – Multiprotocol Label Switching (MPLS) – uses labels to implement circuit-style switching just below layer 3 (often described as "layer 2.5")
• Layer 4
  – SSL/TLS
• Layer 7
  – S/MIME
  – DNSSEC

802.1Q VLAN
• Supported by many switches
• Augments the Ethernet frame with a 4-byte tag after the source address: the TPID 0x8100 followed by 3 priority bits, 1 DEI/CFI bit and a 12-bit VLAN ID

VLAN Trunking
• Enables multiple VLANs to be carried over a single physical link between switches

VLAN used in Siebel
• Using VLANs in the lab configuration to create virtual wires between firewalls, hosts, and the outside world
• The CS Department uses VLAN trunking to virtually connect machines
• VLAN trunking will provide lab access to virtual devices running on a VMware server in a distant machine room

VLAN Security Issues
• Classic case of security being an afterthought
  – Designed for traffic separation, not security!
• Cisco white paper on VLAN security
  – http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml

VLAN 1
• By default untagged packets go into VLAN 1
  – Means VLAN 1 tends to appear on multiple switches
  – Bad activity on VLAN 1 will affect the entire network
• Understand where VLAN 1 is used and prune back unnecessary uses

Differentiate Trusted and Untrusted Ports
• Reduce the protocols accepted on untrusted ports
  – Limits the points of attack
• For example, VLAN Trunking Protocol (VTP) and Dynamic Trunking Protocol (DTP)
  – Cisco proprietary protocols: VTP automatically propagates VLAN configuration across the network, DTP negotiates whether a link becomes a trunk
  – If VTP could be co-opted, the bad guy can reconfigure the network

Native VLANs
• Created for backwards compatibility
  – One of the VLANs associated with a trunk port can be native
  – All untagged packets go to the native VLAN
  – All tagged packets in the native VLAN get their tag stripped when sent on the trunk

Private VLAN Attack
• Private VLAN – isolates ports from each other at layer 2 while still letting every port reach the router (the promiscuous port)
• The attack is an escape that lets routed traffic pass around the L2 constraints
  – Send a frame to the router's MAC address but with a victim's IP address in the same private VLAN; the router routes it straight back into the isolated segment
  – The router acts as an L2 proxy for the attacker

Other Layer 2 Attacks
• MAC flooding
• ARP spoofing
• 802.1Q tagging attack
  – Attacker creates DTP packets to trick a port into going into trunk mode, and can then tag frames for any VLAN
• Spanning Tree Protocol (STP) attacks
  – Broadcast protocol to agree on a tree of bridges to avoid forwarding loops
  – Attacker inserts packets (BPDUs) claiming to be the new root bridge

IPSec Operational Architecture
• IPSec Security Architecture, RFC 2401
• Designed by the IPsec Working Group of the IETF (Security Area)
  – http://ietf.org/html.charters/ipsec-charter.html
• Motivated by the IPv6 design
  – Add an arbitrary number of extension headers to store information about the security protocols
  – First IPv4 implementations around '97

Security Association (SA)
• Records on the endpoints that store operational information
  – E.g., encryption protocol, keying information, traffic stream filters
• One SA represents a simplex connection
  – A pair of SAs, one per direction, is needed for duplex connectivity
• The SA memory footprint can be a limiting factor in the number of tunnels
  – Smaller routers cannot support very many simultaneous SAs
• Must know the ID of your peer's SA to communicate
  – Addressed by the Security Parameters Index (SPI)
  – The SPI is carried in the security protocol headers
  – SPI + destination address + security protocol uniquely identify an SA

IPSec Protocols
• The IPSec framework describes how a number of different IPSec security protocols can be applied to a tunnel
• Two protocols implemented
  – Encapsulating Security Payload (ESP) – provides privacy (encryption) and message authentication (detection of change)
  – Authentication Header (AH) – provides authentication (detection of change)

ESP
• RFC 2406
• Initially ESP only provided confidentiality, not message authentication
  – You were supposed to use AH to get authentication
  – People argued that ESP was not useful without authentication (an encrypted but unauthenticated stream can be altered undetected), so authentication was added as an option
• Now AH is not so valuable, since you can use null encryption in ESP to get essentially the same thing
  – The remaining difference: AH also authenticates the immutable fields of the outer IP header, which ESP never covers

ESP Header
• Both confidentiality and message authentication cover part of the header
  – Authentication (the ICV) covers everything from the SPI through the Next Header field
  – Confidentiality covers Payload Data through the Next Header field; the SPI and Sequence Number stay in the clear so the receiver can find the SA
• Payload data can include things like initialization vectors (IVs)
• Sequence number is used to avoid replay attacks

  +---------------------------------------------+ <-+
  | Security Parameters Index (SPI)             |   |
  +---------------------------------------------+   |
  | Sequence Number                             |   |
  +---------------------------------------------+ <-+-- Authentication
  | Payload Data (variable)                     | | |   coverage
  +-----------------------------+-------+-------+ | |
  | Padding (0-255 bytes)       |Pad Len| Next  | | |
  |                             |       | Header| | |
  +-----------------------------+-------+-------+ <-+
  | Authentication Data (variable)              | |
  +---------------------------------------------+ +---- Confidentiality
                                                        coverage

Tunnel and Transport Modes
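The 802.1Q, Native VLANs and 802.1Q tagging attack slides above describe behaviour on frame bytes, so here is an added example (not from the lecture slides) that builds and parses tagged Ethernet frames and models two switches joined by a trunk. It assumes the attacker's access port sits in the trunk's native VLAN and that the first switch forwards the attacker's frame according to its outer tag; the MAC addresses and payload are constructed. It goes a little beyond the slides by showing why a frame tagged with the native VLAN plus a second tag ends up in another VLAN after the first trunk strips the native tag, and why the usual mitigations (an unused native VLAN, or tagging the native VLAN on trunks) stop it:

```python
"""Added example, not from the lecture slides: build and parse 802.1Q tagged
Ethernet frames and model a trunk's native-VLAN tag stripping, so the
'Native VLANs' and '802.1Q tagging attack' slides can be tried out on bytes."""
import struct

TPID_8021Q = 0x8100      # EtherType value that announces an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800

# Constructed MAC addresses used by the demonstration below.
ATTACKER_MAC = bytes.fromhex("020000000001")
VICTIM_MAC = bytes.fromhex("020000000002")


def build_frame(dst, src, ethertype, payload, vlans=()):
    """Ethernet frame with one 4-byte 802.1Q tag per VLAN ID in `vlans`
    (outermost first). A tag is TPID 0x8100 plus a 16-bit TCI: 3-bit
    priority, 1-bit DEI, 12-bit VLAN ID; priority and DEI are zero here."""
    hdr = bytes(dst) + bytes(src)
    for vid in vlans:
        if not 1 <= vid <= 4094:
            raise ValueError("802.1Q VLAN ID must be 1..4094")
        hdr += struct.pack("!HH", TPID_8021Q, vid)
    return hdr + struct.pack("!H", ethertype) + payload


def parse_frame(frame):
    """Return (dst, src, [VLAN IDs outermost first], ethertype, payload)."""
    dst, src, off, vlans = frame[:6], frame[6:12], 12, []
    while struct.unpack_from("!H", frame, off)[0] == TPID_8021Q:
        tci = struct.unpack_from("!H", frame, off + 2)[0]
        vlans.append(tci & 0x0FFF)
        off += 4
    ethertype = struct.unpack_from("!H", frame, off)[0]
    return dst, src, vlans, ethertype, frame[off + 2:]


def trunk_egress(frame, native_vlan, tag_native=False):
    """Sending side of a trunk. By default a frame whose VLAN is the trunk's
    native VLAN leaves untagged (the slide's 'tagged packets in the native
    VLAN get stripped'); tag_native=True models a trunk configured to keep
    the tag on the native VLAN as well."""
    dst, src, vlans, ethertype, payload = parse_frame(frame)
    if vlans and vlans[0] == native_vlan and not tag_native:
        return build_frame(dst, src, ethertype, payload, vlans[1:])
    return frame


def trunk_ingress(frame, native_vlan):
    """Receiving side of a trunk: an untagged frame is assigned to the native
    VLAN; otherwise the outermost tag decides the VLAN and is consumed."""
    dst, src, vlans, ethertype, payload = parse_frame(frame)
    if not vlans:
        return native_vlan, frame
    return vlans[0], build_frame(dst, src, ethertype, payload, vlans[1:])


def vlan_after_trunk(frame, native_vlan, tag_native=False):
    """VLAN that the far switch assigns to a frame forwarded across one trunk."""
    sent = trunk_egress(frame, native_vlan, tag_native)
    return trunk_ingress(sent, native_vlan)[0]


def suspicious_access_port_frame(frame, native_vlan):
    """Ingress check for an access port: an end host has no legitimate reason
    to send a tag for the trunk's native VLAN, or more than one tag."""
    vlans = parse_frame(frame)[2]
    return len(vlans) > 1 or (len(vlans) == 1 and vlans[0] == native_vlan)


if __name__ == "__main__":
    native = 1                      # VLAN 1 as native: the default the slides warn about
    data = b"constructed payload"
    normal = build_frame(VICTIM_MAC, ATTACKER_MAC, ETHERTYPE_IPV4, data, vlans=(10,))
    double = build_frame(VICTIM_MAC, ATTACKER_MAC, ETHERTYPE_IPV4, data, vlans=(native, 20))
    print("VLAN 10 frame arrives in VLAN", vlan_after_trunk(normal, native))
    print("double-tagged frame arrives in VLAN", vlan_after_trunk(double, native))
    print("same frame, native VLAN tagged on the trunk:", vlan_after_trunk(double, native, True))
    print("same frame, unused native VLAN 999:", vlan_after_trunk(double, 999))
    print("flagged at the access port:", suspicious_access_port_frame(double, native))
```

The hop only works in one direction (the victim's replies are not double-tagged), which is why it is mostly useful for injecting traffic; the access-port check is the cheapest place to catch it, since a host should never need to emit a tag at all.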
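To make the Security Association, IPSec Protocols, ESP and ESP Header slides concrete, here is an added example (not from the lecture slides or from any IPSec implementation) of an ESP sender and receiver using the header layout shown above. It chooses null encryption (RFC 2410) with HMAC-SHA1-96 authentication (RFC 2404), which is exactly the "ESP with null encryption instead of AH" configuration the ESP slide mentions, and adds the RFC 2401 anti-replay window driven by the sequence number. The SA is looked up by SPI, destination address and protocol as the SA slide says. The SPI, key, destination address and payloads are constructed; only the Python standard library is used:

```python
"""Added example, not from the lecture slides: a minimal ESP sender and receiver
with null encryption (RFC 2410) and HMAC-SHA1-96 authentication (RFC 2404),
plus a Security Association Database keyed the way the SA slide describes and
the RFC 2401 anti-replay window driven by the ESP sequence number."""
import hashlib
import hmac
import struct

IPPROTO_ESP = 50
NEXT_HEADER_TCP = 6
ICV_LEN = 12                       # HMAC-SHA1-96: SHA-1 output truncated to 96 bits


class InboundSA:
    """One simplex (receive-direction) SA: SPI, authentication key and the
    sliding anti-replay window state. The peer holds the matching outbound SA."""

    def __init__(self, spi, auth_key, window=64):
        self.spi, self.auth_key, self.window = spi, auth_key, window
        self.highest_seq = 0           # largest sequence number accepted so far
        self.bitmap = 0                # bit i set => highest_seq - i already seen

    def is_replay(self, seq):
        """True if seq is zero, already seen, or older than the window."""
        if seq == 0:
            return True                # sequence numbers start at 1
        if seq > self.highest_seq:
            return False               # new high-water mark, always fresh
        diff = self.highest_seq - seq
        return diff >= self.window or bool(self.bitmap & (1 << diff))

    def record(self, seq):
        """Advance or fill the window. Call only after the ICV verified."""
        if seq > self.highest_seq:
            shift = seq - self.highest_seq
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.window) - 1)
            self.highest_seq = seq
        else:
            self.bitmap |= 1 << (self.highest_seq - seq)


class SAD:
    """Security Association Database: (SPI, destination address, protocol) -> SA."""

    def __init__(self):
        self._sas = {}

    def add(self, dst_addr, protocol, sa):
        self._sas[(sa.spi, dst_addr, protocol)] = sa

    def lookup(self, spi, dst_addr, protocol):
        return self._sas.get((spi, dst_addr, protocol))


def esp_encapsulate(spi, seq, next_header, payload, auth_key):
    """ESP packet: SPI | Seq | Payload | Padding | Pad Len | Next Header | ICV.
    With ENCR_NULL the 'ciphertext' is the plaintext, but padding is still
    added so Pad Len and Next Header end on a 4-byte boundary (RFC 2406 2.4).
    The ICV covers everything from the SPI through Next Header."""
    pad_len = (-(len(payload) + 2)) % 4
    padding = bytes(range(1, pad_len + 1))         # default pad pattern 1, 2, 3, ...
    body = struct.pack("!II", spi, seq) + payload + padding + bytes([pad_len, next_header])
    return body + hmac.new(auth_key, body, hashlib.sha1).digest()[:ICV_LEN]


def esp_receive(sad, dst_addr, packet):
    """Process an inbound ESP packet; return (next_header, payload) or raise ValueError."""
    if len(packet) < 8 + 2 + ICV_LEN:
        raise ValueError("truncated ESP packet")
    spi, seq = struct.unpack_from("!II", packet, 0)
    sa = sad.lookup(spi, dst_addr, IPPROTO_ESP)    # SPI + destination + protocol
    if sa is None:
        raise ValueError("no SA for SPI 0x%08x" % spi)
    if sa.is_replay(seq):                          # cheap check before the HMAC
        raise ValueError("replayed or stale sequence number %d" % seq)
    body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(sa.auth_key, body, hashlib.sha1).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ICV mismatch")
    sa.record(seq)                                 # window moves only for authentic packets
    pad_len, next_header = body[-2], body[-1]
    payload_end = len(body) - 2 - pad_len
    if payload_end < 8 or body[payload_end:-2] != bytes(range(1, pad_len + 1)):
        raise ValueError("bad padding")
    return next_header, body[8:payload_end]        # null decryption: identity


def try_receive(sad, dst_addr, packet):
    """Convenience wrapper: (next_header, payload) on success, None when rejected."""
    try:
        return esp_receive(sad, dst_addr, packet)
    except ValueError:
        return None


if __name__ == "__main__":
    key = b"constructed 20-byte key"               # constructed; real keys come from IKE
    sad = SAD()
    sad.add("192.0.2.1", IPPROTO_ESP, InboundSA(0x1000, key))
    pkt = esp_encapsulate(0x1000, 1, NEXT_HEADER_TCP, b"hello tcp segment", key)
    print("first delivery:", try_receive(sad, "192.0.2.1", pkt))
    print("replayed copy: ", try_receive(sad, "192.0.2.1", pkt))
```

Because the window is only advanced after a successful ICV check, a forged packet with a high sequence number cannot shut out the legitimate sender's later packets; and because the SPI and sequence number sit outside the confidentiality coverage, the receiver can do the SA lookup and replay check before spending any cryptographic work. What this configuration does not give you is integrity of the outer IP header, which is the one thing AH still adds.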

