Security+ lesson 11

dns poisoning: dns client cache poisoning

Before DNS was developed in the 1980s, name resolution took place using a text file named HOSTS. Each name:IP address mapping was recorded in this file and system administrators had to download the latest copy and install it on each Internet client or server manually. Even though all name resolution now functions through DNS, the HOSTS file is still present and most operating systems check the file before using DNS. Its contents are loaded into a cache of known name:IP mappings and the client only contacts a DNS server if the name is not cached. Therefore, if an attacker is able to place a false name:IP address mapping in the HOSTS file and effectively poison the DNS cache, he or she will be able to redirect traffic. The HOSTS file requires administrator access to modify. In UNIX and Linux systems it is stored as /etc/hosts, while in Windows it is placed in %SystemRoot%\System32\Drivers\etc\hosts.

tls vpn

A TLS VPN (still more commonly referred to as an SSL VPN) requires a remote access server listening on port 443 (or any arbitrary port number). The client makes a connection to the server using TLS so that the server is authenticated to the client (and optionally the client's certificate must be authenticated by the server). This creates an encrypted tunnel for the user to submit authentication credentials, which would normally be processed by a RADIUS server. Once the user is authenticated and the connection fully established, the VPN gateway tunnels all communications for the local network over the secure socket. Configuring a client certificate for mutual authentication in the pfSense security appliance. (Screenshot used with permission from Rubicon Communications, LLC.) The port can be either TCP or UDP. UDP might be chosen for marginally superior performance, especially when tunneling latency-sensitive traffic such as voice or video. TCP might be easier to use with a default firewall policy. TLS over UDP is also referred to as Datagram TLS (DTLS). OpenVPN is an open source example of a TLS VPN (openvpn.net). OpenVPN can work in TAP (bridged) mode to tunnel layer 2 frames or in TUN (routed) mode to forward IP packets. Another option is Microsoft's Secure Socket Tunneling Protocol (SSTP), which works by tunneling Point-to-Point Protocol (PPP) layer 2 frames over a TLS session (docs.microsoft.com/en-us/openspecs/windows_protocols/ms-sstp/70adc1df-c4fe-4b02-8872-f1d8b9ad806a). The Point-to-Point Protocol (PPP) is a widely used remote dial-in protocol. It provides encapsulation for IP traffic plus IP address assignment and authentication via the widely supported Challenge Handshake Authentication Protocol (CHAP).

cipher suites

A cipher suite is the algorithms supported by both the client and server to perform the different encryption and hashing operations required by the protocol. Prior to TLS 1.3, a cipher suite would be written in the following form: ECDHE-RSA-AES128-GCM-SHA256 This means that the server can use Elliptic Curve Diffie-Hellman Ephemeral mode for session key agreement, RSA signatures, 128-bit AES-GCM (Galois Counter Mode) for symmetric bulk encryption, and 256-bit SHA for HMAC functions. Suites the server prefers are listed earlier in its supported cipher list. TLS 1.3 uses simplified and shortened suites. A typical TLS 1.3 cipher suite appears as follows: TLS_AES_256_GCM_SHA384 Only ephemeral key agreement is supported in 1.3 and the signature type is supplied in the certificate, so the cipher suite only lists the bulk encryption key strength and mode of operation (AES_256_GCM), plus the cryptographic hash algorithm (SHA384) used within the new hash key derivation function (HKDF). HKDF is the mechanism by which the shared secret established by DH key agreement is used to derive symmetric session keys.

secure directory services

A network directory lists the subjects (principally users, computers, and services) and objects (such as directories and files) available on the network plus the permissions that subjects have over objects. A network directory facilitates authentication and authorization, and it is critical that it be maintained as a highly secure service. Most directory services are based on the Lightweight Directory Access Protocol (LDAP), running over port 389. The basic protocol provides no security and all transmissions are in plaintext, making it vulnerable to sniffing and man-in-the-middle attacks. Authentication (referred to as binding to the server) can be implemented in the following ways: No authentication—anonymous access is granted to the directory. Simple bind—the client must supply its distinguished name (DN) and password, but these are passed as plaintext. Simple Authentication and Security Layer (SASL)—the client and server negotiate the use of a supported authentication mechanism, such as Kerberos. The STARTTLS command can be used to require encryption (sealing) and message integrity (signing). This is the preferred mechanism for Microsoft's Active Directory (AD) implementation of LDAP. LDAP Secure (LDAPS)—the server is installed with a digital certificate, which it uses to set up a secure tunnel for the user credential exchange. LDAPS uses port 636. If secure access is required, anonymous and simple authentication access methods should be disabled on the server. Generally two levels of access will need to be granted on the directory: read-only access (query) and read/write access (update). This is implemented using an access control policy, but the precise mechanism is vendor-specific and not specified by the LDAP standards documentation. Unless hosting a public service, the LDAP directory server should also only be accessible from the private network. This means that the LDAP port should be blocked by a firewall from access over the public interface. If there is integration with other services over the Internet, ideally only authorized IPs should be permitted.

remote desktop

A remote access VPN joins the user's PC or smartphone to the local network, via the secure tunnel. Another model for remote networking involves connecting to a host within the local network over a remote administration protocol. A protocol such as Secure Shell (SSH) traditionally provides terminal access, and there are many tools that can connect to a graphical desktop. A GUI remote administration tool sends screen and audio data from the remote host to the client and transfers mouse and keyboard input from the client to the remote host. Microsoft's Remote Desktop Protocol (RDP) can be used to access a physical machine on a one-to-one basis. Alternatively, the site can operate a remote desktop gateway that facilitates access to virtual desktops or individual apps running on the network servers (docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/welcome-to-rds). There are several popular alternatives to Remote Desktop. Most support remote access to platforms other than Windows (macOS and iOS, Linux, Chrome OS, and Android for instance). Examples include TeamViewer (teamviewer.com/en) and Virtual Network Computing (VNC), which is implemented by several different providers (notably realvnc.com/en). Traditionally, these remote desktop products require a client app. The canvas element introduced in HTML5 allows a browser to draw and update a desktop with relatively little lag. It can also handle audio. This is referred to as an HTML5 VPN or as a clientless remote desktop gateway (guacamole.apache.org). This solution also uses a protocol called WebSockets, which enables bidirectional messages to be sent between the server and client without requiring the overhead of separate HTTP requests.

secure smtp(smtps)

A sender's SMTP server discovers the IP address of the recipient's SMTP server using the domain name of the recipient's email address. The SMTP server for the domain is registered in DNS using a Mail Exchanger (MX) record. SMTP communications can be secured using TLS. This works much like HTTPS with a certificate on the SMTP server. There are two ways for SMTP to use TLS: STARTTLS—this is a command that upgrades an existing unsecure connection to use TLS. This is also referred to as explicit TLS or opportunistic TLS. SMTPS—this establishes the secure connection before any SMTP commands (HELO, for instance) are exchanged. This is also referred to as implicit TLS. The STARTTLS method is generally more widely implemented than SMTPS. Typical SMTP configurations use the following ports and secure services: Port 25—used for message relay (between SMTP servers or Message Transfer Agents [MTA]). If security is required and supported by both servers, the STARTTLS command can be used to set up the secure connection. Port 587—used by mail clients (Message Submission Agents [MSA]) to submit messages for delivery by an SMTP server. Servers configured to support port 587 should use STARTTLS and require authentication before message submission. Port 465—some providers and mail clients use this port for message submission over implicit TLS (SMTPS), though this usage is now deprecated by standards documentation.

URL redirection

A uniform resource locator (URL) is an address for the pages and files published on websites. A URL comprises a FQDN, file path, and often script parameters. URL redirection refers to the use of HTTP redirects to open a page other than the one the user requested. This is often used for legitimate purposes—to send the user to a login page or to send a mobile device browser to a responsive version of the site, for instance. If the redirect is not properly validated by the web application, an attacker can craft a phishing link that might appear legitimate to a naïve user, such as: https://trusted.foo/login.php?url="https://tru5ted.foo" A threat actor could also compromise a web server and add redirects in .htaccess files. A redirect could also be inserted as JavaScript, either through compromising the server or by uploading a script via a poorly validated form.

domain reputation

A uniform resource locator (URL) is an address for the pages and files published on websites. A URL comprises a FQDN, file path, and often script parameters. URL redirection refers to the use of HTTP redirects to open a page other than the one the user requested. This is often used for legitimate purposes—to send the user to a login page or to send a mobile device browser to a responsive version of the site, for instance. If the redirect is not properly validated by the web application, an attacker can craft a phishing link that might appear legitimate to a naïve user, such as: https://trusted.foo/login.php?url="https://tru5ted.foo" A threat actor could also compromise a web server and add redirects in .htaccess files. A redirect could also be inserted as JavaScript, either through compromising the server or by uploading a script via a poorly validated form.

TLS

As with other early TCP/IP application protocols, HTTP communications are not secured. Secure Sockets Layer (SSL) was developed by Netscape in the 1990s to address the lack of security in HTTP. SSL proved very popular with the industry, and it was quickly adopted as a standard named Transport Layer Security (TLS). It is typically used with HTTP (referred to as HTTPS or HTTP Secure) but can also be used to secure other application protocols and as a virtual private networking (VPN) solution. To implement TLS, a server is assigned a digital certificate signed by some trusted certificate authority (CA). The certificate proves the identity of the server (assuming that the client trusts the CA) and validates the server's public/private key pair. The server uses its key pair and the TLS protocol to agree mutually supported ciphers with the client and negotiate an encrypted communications session. HTTPS operates over port 443 by default. HTTPS operation is indicated by using https:// for the URL and by a padlock icon shown in the browser. It is also possible to install a certificate on the client so that the server can trust the client. This is not often used on the web but is a feature of VPNs and enterprise networks that require mutual authentication.

secure/multipurpose internet mail extensions

Connection security goes a long way toward preventing the compromise of email accounts and the spoofing of email, but end-to-end encryption cannot usually be guaranteed. Consequently, there is still a need for authentication and confidentiality to be applied on a per-message basis. One means of doing this is called Secure/Multipurpose Internet Mail Extensions (S/MIME). To use S/MIME, the user is issued a digital certificate containing his or her public key, signed by a CA to establish its validity. The public key is a pair with a private key kept secret by the user. To establish the exchange of secure emails, both users must be using S/MIME and exchange certificates: Alice sends Bob her digital certificate, containing her public key and validated digital ID (an email address). She signs this message using her private key. Bob uses the public key in the certificate to decode her signature and the signature of the CA (or chain of CAs) validating her digital certificate and digital ID and decides that he can trust Alice and her email address. He responds with his digital certificate and public key and Alice, following the same process, decides to trust Bob. Both Alice and Bob now have one another's certificates in their trusted certificate stores. When Alice wants to send Bob a confidential message, she makes a hash of the message and signs the hash using her private key. She then encrypts the message, hash, and her public key using Bob's public key and sends a message to Bob with this data as an S/MIME attachment. Bob receives the message and decrypts the attachment using his private key. He validates the signature and the integrity of the message by decrypting it with Alice's public key and comparing her hash value with one he makes himself.

DNS security

DNS is a critical service that should be configured to be fault tolerant. DoS attacks are hard to perform against the servers that perform Internet name resolution, but if an attacker can target the DNS server on a private network, it is possible to seriously disrupt the operation of that network. To ensure DNS security on a private network, local DNS servers should only accept recursive queries from local hosts (preferably authenticated local hosts) and not from the Internet. You also need to implement access control measures on the server, to prevent a malicious user from altering records manually. Similarly, clients should be restricted to using authorized resolvers to perform name resolution. Attacks on DNS may also target the server application and/or configuration. Many DNS services run on BIND (Berkley Internet Name Domain), distributed by the Internet Software Consortium (isc.org). There are known vulnerabilities in many versions of the BIND server, so it is critical to patch the server to the latest version. The same general advice applies to other DNS server software, such as Microsoft's. Obtain and check security announcements and then test and apply critical and security-related patches and upgrades. DNS footprinting means obtaining information about a private network by using its DNS server to perform a zone transfer (all the records in a domain) to a rogue DNS or simply by querying the DNS service, using a tool such as nslookup or dig. To prevent this, you can apply an Access Control List to prevent zone transfers to unauthorized hosts or domains, to prevent an external server from obtaining information about the private network architecture.

dns poisoning: dns server cache poisoning

DNS server cache poisoning aims to corrupt the records held by the DNS server itself. This can be accomplished by performing DoS against the server that holds the authorized records for the domain, and then spoofing replies to requests from other name servers. Another attack involves getting the victim name server to respond to a recursive query from the attacking host. A recursive query compels the DNS server to query the authoritative server for the answer on behalf of the client. The attacker's DNS, masquerading as the authoritative name server, responds with the answer to the query, but also includes a lot of false domain:IP mappings for other domains that the victim DNS accepts as genuine. The nslookup or dig tool can be used to query the name records and cached records held by a server to discover whether any false records have been inserted.

domain hijacking

Domain hijacking is an attack where an adversary acquires a domain for a company's trading name or trademark, or perhaps some spelling variation thereof. While there are often trademark and intellectual property laws against doing this, companies need to be careful to renew domain names that they want to continue to use and to protect the credentials used to manage the registration. A domain name must be re-registered every year at minimum. In a domain hijacking attack an adversary gains control over the registration of a domain name, allowing the host records to be configured to IP addresses of the attacker's choosing. This might be accomplished by supplying false credentials to the domain registrar when applying for a new domain name or re-registering an existing one. An attacker might also be able to exploit the legitimate account used to manage the domain (via a weak password or malware installed on a client computer) or even to compromise the domain registrar's security procedures in some way (upguard.com/blog/domain-hijacking). A company whose domain has been hijacked is likely to find that they are locked out of the registrar's management console, or that the domain has been transferred to another registrar, often operating in a different country. The whois command can be used to lookup domain registration information to try to detect misuse in other cases.

subscription services

Employees may require access to all kinds of subscription services. Some examples include: Market and financial intelligence and information. Security threat intelligence and information. Reference and training materials in various formats (ebook and video, for instance). Software applications and cloud services paid for by subscription rather than permanent licenses. Most of this sort of content will be delivered by a secure web site or cloud application. It may be necessary to provision authentication mechanisms for enterprise single sign-on (SSO) access to the services. Another use of subscriptions is a web feed, where updated articles or news items are pushed to the client or browser. Web feeds are based on either the Really Simple Syndication (RSS) or Atom formats, both of which use XML to mark up each document supplied by the feed. It is possible that such feeds may be vulnerable to XML injection style attacks, allowing an attacker to show malicious links or even interact with the file system (https://mikeknoop.com/lxml-xxe-exploit).

encapsulation security payload

Encapsulation Security Payload (ESP) provides confidentiality and/or authentication and integrity. It can be used to encrypt the packet rather than simply calculating an HMAC. ESP attaches three fields to the packet: a header, a trailer (providing padding for the cryptographic function), and an Integrity Check Value. Unlike AH, ESP excludes the IP header when calculating the ICV.

API considerations

HTTP is now used less to serve static web pages, and more to create web applications, often as part of a cloud product. An enterprise might use both public web applications over the Internet and private ones. The primary means of configuring and managing a web application is via its application programming interface (API). For example, an application might allow a user account to be created via a URL: https://example.foo/api/users?api_key=123456 The developer uses the POST method to submit data to the URL with the required parameters coded into the request body, often in JavaScript Object Notation (JSON). POST /api/users HTTP/1.1 Content-Type: application/json { "user": { "name": "James", "email": "[email protected]" } } Use of these APIs is authorized via a token or secret key. Effective management of these API secrets is a key consideration in modern networks, as they have been widely used to perpetrate various breaches and data thefts. For example, putting the key in the URL carries a severe risk of exposure. APIs can use more secure authentication and authorization methods, such as SAML and OAuth, but these still come with secrets management requirements. Another API consideration is that usage should be monitored to ensure only authorized endpoints are making transactions.

IKE

IPSec's encryption and hashing functions depend on a shared secret. The secret must be communicated to both hosts and the hosts must confirm one another's identity (mutual authentication). Otherwise, the connection is vulnerable to man-in-the-middle and spoofing attacks. The Internet Key Exchange (IKE) protocol handles authentication and key exchange, referred to as Security Associations (SA).

dns poisoning: man in the middle

If the threat actor has access to the same local network as the victim, the attacker can use ARP poisoning to impersonate a legitimate DNS server and respond to DNS queries from the victim with spoofed replies. This might be combined with a denial of service attack on the victim's legitimate DNS server. A rogue DHCP could be used to configure clients with the address of a rogue DNS resolver.

network address allocation

Most networks use a mixture of static and dynamic address allocation. Interface addresses for routers, firewalls, and some types of servers are best assigned and managed manually. Other server services and client workstations can be assigned dynamic IP configurations and accessed using name resolution. The Dynamic Host Configuration Protocol (DHCP) provides an automatic method for network address allocation. The key point about DHCP is that only one server should be offering addresses to any one group of hosts. If a rogue DHCP server is set up, it can perform DoS (as client machines will obtain an incorrect TCP/IP configuration) or be used to snoop network information. DHCP starvation is a type of DoS attack where a rogue client repeatedly requests new IP addresses using spoofed MAC addresses, with the aim of exhausting the IP address pool. This makes it more likely that clients seeking an address lease will use the rogue DHCP server. Enabling the DHCP snooping port security feature on a switch can mitigate rogue DHCP attacks. Windows DHCP servers in an AD environment automatically log any traffic detected from unauthorized DHCP servers. More generally, administration of the DHCP server itself must be carefully controlled and the settings checked regularly. If an attacker compromises the DHCP server, he or she could point network clients to rogue DNS servers and use that as a means to direct users to spoofed websites. Another attack is to redirect traffic through the attacker's machine by changing the default gateway, enabling the attacker to snoop on all network traffic.

jump servers

One of the challenges of managing hosts that are exposed to the Internet, such as servers and appliances in a DMZ, is to provide administrative access to them. Accessing these individual hosts directly from a secure zone may open their administrative interfaces to exploitation and be used as a pivot point back into the internal network. Consequently, the administrative servers in the secure zone that are permitted to access hosts in the DMZ must be tightly controlled. Configuring and auditing this type of control when there are many different servers operating in both zones is complex. One solution to this complexity is to add a single administration server, or jump server, to the secure zone. The jump server only runs the necessary administrative port and protocol (typically SSH or RDP). Administrators connect to the jump server then use the jump server to connect to the admin interface on the application server. The application server's admin interface has a single entry in its ACL (the jump server) and denies connection attempts from any other hosts.

ike negotiations take place over two phases

Phase I establishes the identity of the two hosts and performs key agreement using the Diffie-Hellman algorithm to create a secure channel. Two methods of authenticating hosts are commonly used:Digital certificates—the hosts use certificates issued by a mutually trusted certificate authority to identify one another.Pre-shared key (group authentication)—the same passphrase is configured on both hosts. Phase II uses the secure channel created in Phase I to establish which ciphers and key sizes will be used with AH and/or ESP in the IPSec session.

out of band management and jump servers

Remote access management refers to the specific use case of using a secure channel to administer a network appliance or server. The secure admin workstations (SAWs) used to perform management functions must be tightly locked down, ideally installed with no software other than that required to access the administrative channel—minimal web browser, remote desktop client, or SSH virtual terminal, for instance. SAWs should be denied Internet access or be restricted to a handful of approved vendor sites (for patches, drivers, and support). The devices must also be subject to stringent access control and auditing so that any misuse is detected at the earliest opportunity.

remote access architecture

Remote access means that the user's device does not make a direct cabled or wireless connection to the network. The connection occurs over or through an intermediate network. Historically, remote access might have used analog modems connecting over the telephone system or possibly a private link (a leased line). These days, most remote access is implemented as a virtual private network (VPN), running over the Internet. Administering remote access involves essentially the same tasks as administering the local network. Only authorized users should be allowed access to local network resources and communication channels. Additional complexity comes about because it can be more difficult to ensure the security of remote workstations and servers and there is greater opportunity for remote logins to be exploited. With a remote access VPN, clients connect to a VPN gateway on the edge of the private network. This is the "telecommuter" model, allowing home-workers and employees working in the field to connect to the corporate network. The VPN protocol establishes a secure tunnel so that the contents are kept private, even when the packets pass over ISPs' routers. A VPN can also be deployed in a site-to-site model to connect two or more private networks. Where remote access VPN connections are typically initiated by the client, a site-to-site VPN is configured to operate automatically. The gateways exchange security information using whichever protocol the VPN is based on. This establishes a trust relationship between the gateways and sets up a secure connection through which to tunnel data. Hosts at each site do not need to be configured with any information about the VPN. The routing infrastructure at each site determines whether to deliver traffic locally or send it over the VPN tunnel.

out-of-band management

Remote management methods can be described as either in-band or out-of-band (OOB). An in-band management link is one that shares traffic with other communications on the "production" network. A serial console or modem port on a router is a physically out-of-band management method. When using a browser-based management interface or a virtual terminal over Ethernet and IP, the link can be made out-of-band by connecting the port used for management access to physically separate network infrastructure. This can be costly to implement, but out-of-band management is more secure and means that access to the device is preserved when there are problems affecting the production network. With an in-band connection, better security can be implemented by using a VLAN to isolate management traffic. This makes it harder for potential eavesdroppers to view or modify traffic passing over the management interface. This sort of virtual OOB does still mean that access could be compromised by a system-wide network failure, however.

ssh commands

SSH commands are used to connect to hosts and set up authentication methods. To connect to an SSH server at 10.1.0.10 using an account named "bobby" and password authentication, run: ssh [email protected] The following commands create a new key pair and copy it to an account on the remote server: ssh-keygen -t rsa ssh-copy-id [email protected] At an SSH prompt, you can now use the standard Linux shell commands. Use exit to close the connection. You can also use the scp command to copy a file from the remote server to the local host: scp [email protected]:/logs/audit.log audit.log Reverse the arguments to copy a file from the local host to the remote server. To copy the contents of a directory and any subdirectories (recursively), use the -r option.

secure imap (imaps)

Secure IMAP (IMAPS) Compared to POP3, the Internet Message Access Protocol v4 (IMAP4) supports permanent connections to a server and connecting multiple clients to the same mailbox simultaneously. It also allows a client to manage mail folders on the server. Clients connect to IMAP over TCP port 143. They authenticate themselves then retrieve messages from the designated folders. As with other email protocols, the connection can be secured by establishing an SSL/TLS tunnel. The default port for IMAPS is TCP port 993.

ssh client authentication

Secure Shell Rate Your Confidence HighMediumLowContinue CategoryTopic 11C: Implement Secure Remote Access Protocols SECURE SHELL Secure Shell (SSH) is the principal means of obtaining secure remote access to a command line terminal. The main uses of SSH are for remote administration and secure file transfer (SFTP). There are numerous commercial and open source SSH products available for all the major network operating system (NOS) platforms. The most widely used is OpenSSH (openssh.com). SSH servers are identified by a public/private key pair (the host key). A mapping of host names to public keys can be kept manually by each SSH client or there are various enterprise software products designed for SSH host key management. Confirming the SSH server's host key using the PuTTY SSH client (Screenshot used with permission from PuTTY.) The host key must be changed if any compromise of the host is suspected. If an attacker has obtained the private key of a server or appliance, they can masquerade as that server or appliance and perform a man-in-the-middle attack, usually with a view to obtaining other network credentials. The server's host key is used to set up a secure channel to use for the client to submit authentication credentials. SSH Client Authentication SSH allows various methods for the client to authenticate to the SSH server. Each of these methods can be enabled or disabled as required on the server, using the /etc/ssh/sshd_config file: Username/password—the client submits credentials that are verified by the SSH server either against a local user database or using a RADIUS/TACACS+ server. Public key authentication—each remote user's public key is added to a list of keys authorized for each local account on the SSH server. Kerberos—the client submits a Ticket Granting Ticket (TGT) to the Ticket Granting Service (TGS) along with the Service Principal Name (SPN) of the SSH server that the client wants to access. The Key Distribution Center (KDC) verifies the TGT of the client to authorize access. The TGS then sends a valid session key to the client that can be forwarded to the SSH server to prove identity and gain access. Managing valid client public keys is a critical security task. Many recent attacks on web servers have exploited poor key management. If a user's private key is compromised, delete the public key from the appliance then regenerate the key pair on the user's (remediated) client device and copy the public key to the SSH server. Always delete public keys if the user's access permissions have been revoked.

SSH

Secure Shell (SSH) is the principal means of obtaining secure remote access to a command line terminal. The main uses of SSH are for remote administration and secure file transfer (SFTP). There are numerous commercial and open source SSH products available for all the major network operating system (NOS) platforms. The most widely used is OpenSSH (openssh.com). SSH servers are identified by a public/private key pair (the host key). A mapping of host names to public keys can be kept manually by each SSH client or there are various enterprise software products designed for SSH host key management. Confirming the SSH server's host key using the PuTTY SSH client (Screenshot used with permission from PuTTY.) The host key must be changed if any compromise of the host is suspected. If an attacker has obtained the private key of a server or appliance, they can masquerade as that server or appliance and perform a man-in-the-middle attack, usually with a view to obtaining other network credentials. The server's host key is used to set up a secure channel to use for the client to submit authentication credentials.

vpn security technology

Several VPN protocols have been used over the years. Legacy protocols such as the Point-to-Point Tunneling Protocol (PPTP) have been deprecated because they do not offer adequate security. Transport Layer Security (TLS) and IPSec are now the preferred options for configuring VPN access.

time synchronization

TIME SYNCHRONIZATION Many applications on networks are time dependent and time critical. These include authentication and security mechanisms, scheduling applications, and backup software. The Network Time Protocol (NTP) provides a transport over which to synchronize these time dependent applications. NTP works over UDP on port 123. Top-level NTP servers (stratum 1) obtain the Coordinated Universal Time (UTC) from a highly accurate clock source, such as an atomic clock. Lower tier servers then obtain the UTC from multiple stratum 1 servers and sample the results to obtain an authoritative time. Most organizations will use a stratum 2 server to obtain the time for use on the LAN. Servers at lower tiers may then perform the same sort of sampling operation, adjust for the delay involved in propagating the signal, and provide the time to clients. Clients themselves usually obtain the time using a modified form of the protocol (Simple NTP). NTP has historically lacked any sort of security mechanism, but there are moves to create a security extension for the protocol called Network Time Security (blog.cloudflare.com/secure-time).

authentication header

The Authentication Header (AH) protocol performs a cryptographic hash on the whole packet, including the IP header, plus a shared secret key (known only to the communicating hosts), and adds this HMAC in its header as an Integrity Check Value (ICV). The recipient performs the same function on the packet and key and should derive the same value to confirm that the packet has not been modified. The payload is not encrypted so this protocol does not provide confidentiality. Also, the inclusion of IP header fields in the ICV means that the check will fail across NAT gateways, where the IP address is rewritten. Consequently, AH is not often used.

snmp

The Simple Network Management Protocol (SNMP) is a widely used framework for management and monitoring. SNMP consists of an SNMP monitor and agents. The agent is a process (software or firmware) running on a switch, router, server, or other SNMP-compatible network device. This agent maintains a database called a management information base (MIB) that holds statistics relating to the activity of the device (for example, the number of frames per second handled by a switch). The agent is also capable of initiating a trap operation where it informs the management system of a notable event (port failure, for instance). The threshold for triggering traps can be set for each value. Device queries take place over port 161 (UDP); traps are communicated over port 162 (also UDP). The SNMP monitor (a software program) provides a location from which network activity can be overseen. It monitors all agents by polling them at regular intervals for information from their MIBs and displays the information for review. It also displays any trap operations as alerts for the network administrator to assess and act upon as necessary. If SNMP is not used, you should remember to change the default configuration password and disable it on any SNMP-capable devices that you add to the network. If you are running SNMP v1 or v2c, keep to the following guidelines: SNMP community names are sent in plaintext and so should not be transmitted over the network if there is any risk that they could be intercepted. Use difficult to guess community names; never leave the community name blank or set to the default. Use Access Control Lists to restrict management operations to known hosts (that is, restrict to one or two host IP addresses). SNMP v3 supports encryption and strong user-based authentication. Instead of community names, the agent is configured with a list of usernames and access permissions. When authentication is required, the SNMP message is signed with a hash of the user's passphrase. The agent can verify the signature and authenticate the user using its own record of the passphrase.

http and web services

The foundation of web technology is the HyperText Transfer Protocol (HTTP). HTTP enables clients (typically web browsers) to request resources from an HTTP server. A client connects to the HTTP server using an appropriate TCP port (the default is port 80) and submits a request for a resource, using a uniform resource locator (URL). The server acknowledges the request and responds with the data (or an error message). The response and request payload formats are defined in an HTTP header. The HTTP payload is usually used to serve HTML web pages, which are plaintext files with coded tags (HyperText Markup Language) describing how the page should be formatted. A web browser can interpret the tags and display the text and other resources associated with the page, such as binary picture or sound files linked to the HTML page. HTTP also features a forms mechanism (POST) whereby a user can submit data from the client to the server. HTTP is nominally a stateless protocol; this means that the server preserves no information about the client during a session. However, the basic functionality of HTTP servers is often extended by support for scripting and programmable features (web applications). Servers can also set text file cookies to preserve session information. These coding features, plus integration with databases, increase flexibility and interactivity, but also increase the attack surface which exposes more vulnerabilities. Many argue that HTTP is a stateful protocol. Version 2 of HTTP adds more state-preserving features (blog.zamicol.com/2017/05/is-http2-stateful-protocol-application.html).

the principles underlying ipsec are the same for ipv4 and ipv6 in what way(s)

The principles underlying IPSec are the same for IPv4 and IPv6, but the header formats are different. IPSec makes use of extension headers in IPv6 while in IPv4, ESP and AH are allocated new IP protocol numbers (50 and 51), and either modify the original IP header or encapsulate the original packet, depending on whether transport or tunnel mode is used.

file transfer services

There are many means of transferring files across networks. A network operating system can host shared folders and files, enabling them to be copied or accessed over the local network or via remote access (over a VPN, for instance). Email and messaging apps can send files as attachments. HTTP supports file download (and uploads via various scripting mechanisms). There are also peer-to-peer file sharing services. Despite the availability of these newer protocols and services, the file transfer protocol (FTP) remains very popular because it is efficient and has wide cross-platform support. File Transfer Protocol A File Transfer Protocol (FTP) server is typically configured with several public directories, hosting files, and user accounts. Most HTTP servers also function as FTP servers, and FTP services, accounts, and directories may be installed and enabled by default when you install a web server. FTP is more efficient compared to file attachments or HTTP file transfer, but has no security mechanisms. All authentication and data transfer are communicated as plaintext, meaning that credentials can easily be picked out of any intercepted FTP traffic. You should check that users do not install unauthorized servers on their PCs (a rogue server). For example, a version of IIS that includes HTTP, FTP, and SMTP servers is shipped with client versions of Windows, though it is not installed by default. SSH FTP (SFTP) and FTP Over SSL (FTPS) SSH FTP (SFTP) addresses the privacy and integrity issues of FTP by encrypting the authentication and data transfer between client and server. In SFTP, a secure link is created between the client and server using Secure Shell (SSH) over TCP port 22. Ordinary FTP commands and data transfer can then be sent over the secure link without risk of eavesdropping or man-in-the-middle attacks. This solution requires an SSH server that supports SFTP and SFTP client software. Another means of securing FTP is to use the connection security protocol SSL/TLS. There are two means of doing this: Explicit TLS (FTPES)—use the AUTH TLS command to upgrade an unsecure connection established over port 21 to a secure one. This protects authentication credentials. The data connection for the actual file transfers can also be encrypted (using the PROT command). Implicit TLS (FTPS)—negotiate an SSL/TLS tunnel before the exchange of any FTP commands. This mode uses the secure port 990 for the control connection. FTPS is tricky to configure when there are firewalls between the client and server. Consequently, FTPES is usually the preferred method.

always-on VPN

Traditional remote access VPN solutions require the user to initiate the connection and enter their authentication credentials. An always-on VPN means that the computer establishes the VPN whenever an Internet connection over a trusted network is detected, using the user's cached credentials to authenticate. Microsoft has an Always-On VPN solution for Windows Server and Windows 10 clients (docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/always-on-vpn-deploy-deployment) and an OpenVPN client can be configured to autoconnect (openvpn.net/vpn-server-resources/setting-your-client-to-automatically-connect-to-your-vpn-when-your-computer-starts).

layer 2 tunneling protocol and ike v2

This first version of IKE is optimized to ensure the mutual authentication of two peer hosts, such as in a site-to-site VPN. On its own, it does not provide a simple means for a client user account to authenticate to a remote network directory. Consequently, for remote access VPNs, a combination of IPSec with the Layer 2 Tunneling Protocol (L2TP) VPN protocol is often used. Layer 2 Tunneling Protocol/IPSec VPN A L2TP/IPSec VPN would typically operate as follows: The client and VPN gateway set up a secure IPSec channel over the Internet, using either a pre-shared key or certificates for IKE. The VPN gateway uses L2TP to set up a tunnel to exchange local network data encapsulated as Point-to-Point Protocol (PPP) frames. This double encapsulation of traffic is the main drawback, as it adds overhead. The user authenticates over the PPP session using EAP or CHAP. IKE v2 The drawbacks of the original version of IKE were addressed by an updated protocol. IKE v2 has some additional features that have made the protocol popular for use as a standalone remote access VPN solution. The main changes are: Support for EAP authentication methods, allowing, for example, user authentication against a RADIUS server. Simplified connection set up—IKE v2 specifies a single 4-message setup mode, reducing bandwidth without compromising security. Reliability—IKE v2 allows NAT traversal and MOBIKE multihoming. Multihoming means that a client such as a smartphone with multiple interfaces (such as Wi-Fi and cellular) can keep the IPSec connection alive when switching between them. Compared to L2TP/IPSec, using IKE v2 is more efficient. This solution is becoming much better supported, with native support in Windows 10, for instance.

vpn client configuration

To configure a VPN client, you may need to install the client software if the VPN type is not natively supported by the OS. For example, OpenVPN requires client installation. You then configure the client with the address of the VPN gateway, the VPN protocol type (if it cannot autodetect it), the username, and the account credentials. You may also need to deploy a client certificate that is trusted by the VPN concentrator to the machine and make that available to the VPN client. In addition, you might need to configure settings for how the VPN connection operates.

IPsec

Transport Layer Security is applied at the application level, either by using a separate secure port or by using commands in the application protocol to negotiate a secure connection. Internet Protocol Security (IPSec) operates at the network layer (layer 3) of the OSI model, so it can be implemented without having to configure specific application support. IPSec can provide both confidentiality (by encrypting data packets) and integrity/anti-replay (by signing each packet). The main drawback is that it adds overhead to data communications. IPSec can be used to secure communications on local networks and as a remote access protocol. When IPv6 was being drafted, IPSec was considered a mandatory component as it was felt that all traffic over the new protocol should be secure. In recent years, RFCs have been revised so that now, IPSec is recommended for IPv6 but no longer mandatory (tools.ietf.org/html/rfc6434#page-17). Each host that uses IPSec must be assigned a policy. An IPSec policy sets the authentication mechanism and also the protocols and mode for the connection. Hosts must be able to match at least one matching security method for a connection to be established. There are two core protocols in IPSec, which can be applied singly or together, depending on the policy.

split tunnel versus full tunnel

When a client connected to a remote access VPN tries to access other sites on the Internet, there are two ways to manage the connection: Split tunnel—the client accesses the Internet directly using its "native" IP configuration and DNS servers. Split tunnel VPN traffic flow. (Images © 123RF.com.) Full tunnel—Internet access is mediated by the corporate network, which will alter the client's IP address and DNS servers and may use a proxy. Full tunnel offers better security, but the network address translations and DNS operations required may cause problems with some websites, especially cloud services. It also means more data is channeled over the link.

secure pop

When a recipient's email client connects to a server mailbox, POP3 downloads the email messages. Configuring mailbox access protocols on a server. A POP3 client application, such as Microsoft Outlook or Mozilla Thunderbird, establishes a TCP connection to the POP3 server over port 110. The user is authenticated (by username and password) and the contents of his or her mailbox are downloaded for processing on the local PC. POP3S is the secured version of the protocol, operating over TCP port 995 by default.

SSL/TLS versions

While the acronym SSL is still used, the Transport Layer Security versions are the only ones that are safe to use. A server can provide support for legacy clients, but obviously this is less secure. For example, a TLS 1.2 server could be configured to allow clients to downgrade to TLS 1.1 or 1.0 or even SSL 3.0 if they do not support TLS 1.2. A downgrade attack is where a man-in-the-middle tries to force the use of a weak cipher suite and SSL/TLS version. TLS version 1.3 was approved in 2018. One of the main features of TLS 1.3 is the removal of the ability to perform downgrade attacks by preventing the use of unsecure features and algorithms from previous versions. There are also changes to the handshake protocol to reduce the number of messages and speed up connections.

dns security extensions

help to mitigate against spoofing and poisoning attacks by providing a validation process for DNS responses. With DNSSEC enabled, the authoritative server for the zone creates a "package" of resource records (called an RRset) signed with a private key (the Zone Signing Key). When another server requests a secure record exchange, the authoritative server returns the package along with its public key, which can be used to verify the signature. The public zone signing key is itself signed with a separate Key Signing Key. Separate keys are used so that if there is some sort of compromise of the zone signing key, the domain can continue to operate securely by revoking the compromised key and issuing a new one. Windows Server DNS services with DNSSEC enabled. (Screenshot used with permission from Microsoft.) The Key Signing Key for a particular domain is validated by the parent domain or host ISP. The top-level domain trusts are validated by the Regional Internet Registries and the DNS root servers are self-validated, using a type of M-of-N control group key signing. This establishes a chain of trust from the root servers down to any particular subdomain.

tunnel mode

this mode is used for communications between VPN gateways across an unsecure network (creating a VPN). This is also referred to as a router implementation. With ESP, the whole IP packet (header and payload) is encrypted and encapsulated as a datagram with a new IP header. AH has no real use case in tunnel mode, as confidentiality will usually be required.

transport mode

this mode is used to secure communications between hosts on a private network (an end-to-end implementation). When ESP is applied in transport mode, the IP header for each packet is not encrypted, just the payload data. If AH is used in transport mode, it can provide integrity for the IP header.

ipsec can be used in two modes

transport mode, tunnel mode