Security This presentation is about network security
Topics Packet analyzer – Wireshark Packet filtering – Filter router The complete firewall configuration Firewall concepts –Screening router, filter router, packet filtering –Demilitarized zone (DMZ), perimeter net –Proxy server – Caching server –Circuit Level Gateway, Application Level Gateway –Network Address Translation (NAT) VPN – Virtual Private Networks – encrypted data Other encryption standards – HTTPS and Kerberos Security policies Security strategies
Packet analyzer - Wireshark Download and install Wireshark –Wireshark – Download Demonstration of Wireshark –Fetch the page from http://babylon.lyngbyes.dk/tfl/demo/demo-request.html Look at the protocol headers from –HTTP, TCP, IP, Ethernet II
Screening Router – Filter Router? Packet filtering works on the TCP, UDP and IP headers, and possibly ICMP TCP and UDP: port numbers (source and destination) IP: –IP addresses (source and destination) –The Protocol field Possibly ICMP – type (especially Echo Request/Reply – Ping)
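Added example (not part of the original slides): a minimal stateless packet filter that reads the header fields listed above from a raw IPv4 packet and applies first-match rules. The rule set, the addresses and the `build` helper are constructed for illustration; malformed packets and traffic that matches no rule are denied.

```python
import ipaddress
import struct

TCP, UDP, ICMP = 6, 17, 1  # values of the IP Protocol field
# Constructed rules (assumption, not from the slides), first match wins:
# (action, protocol, source net, destination net, dest port or ICMP type)
RULES = [
    ("allow", TCP, "0.0.0.0/0", "192.0.2.10/32", 443),  # HTTPS to a DMZ web server
    ("allow", UDP, "10.0.0.0/8", "0.0.0.0/0", 53),      # DNS from the inside net
    ("allow", ICMP, "10.0.0.0/8", "0.0.0.0/0", 8),      # outbound Echo Request
]

def parse_headers(pkt: bytes) -> dict:
    """Extract the header fields a filter router decides on (raw IPv4 packet)."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4                      # IP header length in bytes
    if not 20 <= ihl <= len(pkt):
        raise ValueError("bad IP header length")
    if struct.unpack("!H", pkt[6:8])[0] & 0x1FFF:  # fragment offset != 0
        raise ValueError("non-first fragment has no transport header")
    f = {"proto": pkt[9], "src": ipaddress.ip_address(pkt[12:16]),
         "dst": ipaddress.ip_address(pkt[16:20]), "dport": None, "icmp_type": None}
    l4 = pkt[ihl:]
    if f["proto"] in (TCP, UDP, ICMP) and len(l4) < 4:
        raise ValueError("truncated transport header")
    if f["proto"] in (TCP, UDP):
        f["dport"] = struct.unpack("!H", l4[2:4])[0]
    elif f["proto"] == ICMP:
        f["icmp_type"] = l4[0]
    return f

def decide(pkt: bytes) -> str:
    try:
        f = parse_headers(pkt)
    except ValueError:
        return "deny"                # fail safe: unparseable packets are dropped
    key = f["icmp_type"] if f["proto"] == ICMP else f["dport"]
    for action, proto, src, dst, match in RULES:
        if (proto == f["proto"] and match == key
                and f["src"] in ipaddress.ip_network(src)
                and f["dst"] in ipaddress.ip_network(dst)):
            return action
    return "deny"                    # no rule matched: default deny

def build(proto: int, src: str, dst: str, l4: bytes) -> bytes:
    """Constructed sample packet: 20-byte IPv4 header (checksum 0) plus l4 bytes."""
    hdr = struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0)
    return (hdr + ipaddress.IPv4Address(src).packed
            + ipaddress.IPv4Address(dst).packed + l4)
```

Because the filter only sees headers, a non-first IP fragment (which carries no port numbers) is dropped here rather than guessed at.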
Devices in a network The devices' function –Hub Layer 1 device - electrical signal amplifier – everything received on one port is retransmitted on all ports –Switch Layer 2 device – sees and learns MAC addresses – sends data only to the port that has a device with the address in question – broadcasts go out on all ports
Devices in a network cont. –Router Layer 3 device – looks at IP addresses Chooses the best route pbg. r –Access Point (AP) Layer 2 device – RF channels – MAC addresses Everyone within the RF coverage area can listen in
The complete firewall configuration Drawing on the board where the concepts/devices are placed –Screening router, filter router, packet filtering –Demilitarized zone (DMZ), perimeter net –Proxy server – Caching server –Circuit Level Gateway, Application Level Gateway –Network Address Translation (NAT)
Firewall example from chapter 6 of the book
Network Address Translation (NAT)
VPN – Virtual Private Network What is achieved: –All data is sent over the inexpensive open Internet How: –Data is encrypted between sender and receiver Standards: –IPSec, PPTP, L2TP
Encrypted secure connections HTTPS – SSLv3/TLS –Authentication is based on certificates (X.509) –Known from online banking connections and Internet shopping –Where HTTP normally uses port 80, HTTPS uses port 443 Authorization standard –Kerberos (among others, MS Windows)
Policy, Strategy, Tactics People sometimes confuse the words "policy", "strategy", and "tactics". A policy is what determines what wars you're going to fight and why. A strategy is the plan for carrying out the war. A tactic is a method for carrying out a strategy. Presidents determine policy; generals determine strategies; and anybody down to a foot soldier might determine a tactic.
Security Policies and Strategies Policies (Chap 25) –The policy we're talking about here is like a nation's foreign policy. It might be discussed in documents – of varying amounts of legibility - but its primary purpose is to establish a direction, a theory of what you're trying to achieve.
The Security Policy First and foremost, a security policy is a way of communicating with users and managers. It should tell them what they need to know to make the decisions they need to make about security. Explanations –It's important that the policy be explicit and understandable about why certain decisions have been made.
The Security Policy cont. Everybody's responsibilities –A policy sets explicit expectations and responsibilities among you, your users, and your management; it lets all of you know what to expect from each other. Regular language –Most people are not lawyers, and they're not security experts. They're comfortable with casual descriptions.
Enforcement authority –Writing down the policy is not the point; living by it is. That means that when the policy isn't followed, something should happen to fix the situation. Examples of what a security policy might specify: –Managers of certain services have the authority to revoke access. –Managers of employees will be asked to take care of some kinds of transgressions. –The people who run the corporate network may cut off facilities that don't meet certain standards.
No policy is perfect. You can't cover every possible future event, and the policy will be unreadable and unusable if you even try. Therefore, you need to specify what process will be used to make exceptions. Therefore - Provision for exceptions
Revision of the Security Policy You can't expect to set up a policy once and forget it. The needs of your site will change over time, and policies that were perfectly sensible may become either too restrictive or too lax. Therefore - Provision for reviews
Examples of specific security issues Who is allowed to have an account at your site? Do you have guest accounts? What do you do about contractors, vendors, and clients? Can accounts be shared among multiple people? What about a secretary who uses an executive's account to process that person's electronic mail? What about joint projects? What about family members? Is it sharing an account if you let somebody else borrow a window on your machine really quickly? When do people lose the privilege of having an account, and what do you do about it? What happens if people leave or are denied access? Who can set up dial-in modems? Is it OK for other people to set up dial-out modems? Is there anything special about PPP, SLIP, or ISDN lines? What do people need to do before they connect a computer to the main network? How secure do computers need to be before they get services from centrally maintained machines? How secure do computers need to be in order to connect to a network with unprotected access to the Internet? How is financial data going to be protected?
Examples of specific security issues cont. How is confidential information about people going to be protected? Are other, perhaps foreign, offices covered by different laws regarding the handling of this type of information? What do individual users need to do to protect themselves and the site? What kinds of passwords should they have, and when should they change them? What can people do on the Internet? Should they be importing random executables and running them? What precautions do you need to take against viruses on personal computers? Who can connect your site to external networks, and what's an external network? Is it OK for a project manager to connect your site to another specific site? What about connections to business partners? How about other connections to the Internet? How are home computers going to be secured? How are they going to get secure access to your network? How are people who are traveling going to get access to the network? What are the requirements for systems performing electronic commerce? What information is considered company confidential? How is it going to be protected? Can it be sent outside the site via electronic mail? If you have remote sites, how are they going to get secure access to your main network?
Security Strategies Least Privilege –The principle of least privilege means that any object (user, administrator, program, system, whatever) should have only the privileges the object needs to perform its assigned tasks – and no more. Don't give a user administrative rights for a system if all she needs to do is reset the print system. Instead, provide a way to reset the print system without administrative rights. Don't make a program run as a user with general privileges if all it needs to do is write to one protected file. Make the file belong to a spec. group and make the program run as a member of that group.
Security Strategies cont. Defense in Depth –Don't depend on just one security mechanism, however strong it may seem to be; instead, install multiple mechanisms that back each other up. Don't pretend that firewalls are a complete solution to the whole range of Internet security problems. Any security - even the most seemingly impenetrable firewall - can be breached by attackers who are willing to take enough risk and bring enough power to bear. Choke Point –A choke point forces attackers to use a narrow channel, which you can monitor and control. In network security, the firewall between your site and the Internet (assuming that it's the only connection between your site and the Internet) is such a choke point. A choke point is useless if there's an effective way for an attacker to go around it.
Security Strategies cont. Weakest Link –A chain is only as strong as its weakest link and a wall is only as strong as its weakest point. You need to be aware of the weak points of your defense so that you can take steps to eliminate them, and so that you can carefully monitor those you can't eliminate. For instance, it's usually reasonable to worry more about people attacking you over the network than about people actually coming to your site to attack you physically; therefore, you can usually allow your physical security to be your weakest link. It's not reasonable to neglect physical security altogether, however, because there's still some threat there.
Security Strategies cont. Fail-Safe Stance –Another fundamental principle of security is that, to the extent possible, systems should fail safe; that is, if they're going to fail, they should fail in such a way that they deny access to an attacker, rather than letting the attacker in. The failure may also result in denying access to legitimate users as well, until repairs are made, but this is usually an acceptable trade-off.
Security Strategies cont. Default Deny Stance: That Which Is Not Expressly Permitted Is Prohibited –With the default deny stance, you prohibit everything by default; then, to determine what you are going to allow, you: Examine the services your users want. Consider the security implications of these services and how you can safely provide them. Allow only the services that you understand, can provide safely, and see a legitimate need for. Default Permit Stance: That Which Is Not Expressly Prohibited Is Permitted –Most users and managers prefer the default permit stance. They tend to assume that everything will be, by default, permitted, and that certain specific, troublesome actions and services will then be prohibited as necessary. Default Permit Stance: This is definitely not a fail-safe stance.
Security Strategies cont. Universal Participation –All must participate, with or without interest. Make an environment where people are encouraged and motivated to participate Diversity of Defense –Diversity of defense is closely related to depth of defense but takes matters a bit further; it's the idea that you need not only multiple layers of defense, but different kinds of defense. E.g., don't rely on the same basic OS; mix them
Security Strategies, the last Simplicity –Simplicity is a security strategy for two reasons. First, keeping things simple makes them easier to understand; if you don't understand something, you can't really know whether or not it's secure. Second, complexity provides nooks and crannies for all sorts of things to hide in; it's easier to secure a studio apartment than a mansion. Complex programs have more bugs, any of which may be security problems. You therefore want things as simple and elegant as possible; simple to understand, simple to use, simple to administer.