Guide to Operating System Security
Chapter 10: E-mail Security
Objectives
- Understand the use of SMTP in e-mail and attacks on SMTP
- Explain how e-mail can be secured through certificates and encryption
- Discuss general techniques for securing e-mail
- Configure security in popular tools
Overview of SMTP
- Enables exchange of e-mail across networks and the Internet
- Provides reliable, but not guaranteed, message transport
- No logon ID or password required
- A client and server process
Sending E-mail by SMTP
Parts of SMTP Messages
- Address header
- Envelope
- Message header
- Domain literal
- Multihomed host
- Host names
- Message text
Overview of SMTP
- Protocols used to store and retrieve e-mail
  - Post Office Protocol (POP)
  - Internet Message Access Protocol (IMAP)
Operating Systems That Use SMTP by Default
- Microsoft Outlook Express on Windows 2000/XP/2003
- Microsoft Outlook in Windows-based systems that have Microsoft Office
- Ximian Evolution Mail in Red Hat Linux 9.x
- Mail in Mac OS X
Server Software Systems That Use SMTP
- Eudora
- Lotus Domino Mail Server
- Mailtraq
- Merak
- Microsoft Exchange
- Sendmail
- SuSE Linux Open Exchange Server
Attacks on SMTP
- Surreptitious alteration of a DNS server
- Direct use of command-line tools to attack SMTP communications
- Spread of unsolicited commercial e-mail (spam)
DNS Server Directing E-mail
Attacks Through Altering DNS Server Information
Using Command-Line Tools for Attacks
- Windows 2000/XP/2003
  - Attacker can use maliciously constructed e-mail to attack an SMTP server
- UNIX/Linux
  - Easier; attacker can use built-in command-line options
Unsolicited Commercial E-mail (UCE)
- Relatively inexpensive for sender
- Expensive for users whose resources are diminished by UCE traffic
- Expensive in terms of wasted time (estimated 25% of all Internet traffic is spam)
Ways to Control UCE (Spam)
- Turn off open SMTP relay capability
- Configure SMTP server to have restrictions
- Require a computer to authenticate to Microsoft Exchange before e-mail is relayed
- Direct e-mail not addressed to internal recipients to a bogus IP address
- Obtain tools to block
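Added example, not from the slides: a sketch of the relay restriction described above, deciding per RCPT TO whether a server delivers locally, relays, or rejects. The domain names, networks and function names are assumptions made up for illustration.

```python
import ipaddress

# Assumed site policy (constructed values, not from the slides).
LOCAL_DOMAINS = {"example.com", "mail.example.com"}
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                ipaddress.ip_network("192.0.2.0/24")]

def rcpt_domain(address):
    """Return the lower-cased recipient domain, or None if malformed."""
    addr = address.strip().strip("<>")
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain:
        return None
    # Routing characters in the local part could smuggle a second
    # destination past the local-domain check, so treat them as malformed.
    if any(c in local for c in "%!@"):
        return None
    return domain.lower().rstrip(".")

def relay_decision(client_ip, authenticated, rcpt_to):
    """Return "deliver", "relay" or "reject" for one RCPT TO command."""
    domain = rcpt_domain(rcpt_to)
    if domain is None:
        return "reject"
    if domain in LOCAL_DOMAINS:
        return "deliver"            # mail for our own users is always accepted
    ip = ipaddress.ip_address(client_ip)
    if authenticated or any(ip in net for net in TRUSTED_NETS):
        return "relay"              # outbound mail from a known sender
    return "reject"                 # anything else would be open relaying

if __name__ == "__main__":
    for args in [("203.0.113.5", False, "<user@example.com>"),
                 ("203.0.113.5", False, "<someone@other.test>"),
                 ("203.0.113.5", True, "<someone@other.test>")]:
        print(args, "->", relay_decision(*args))
```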
Securing E-mail Through Certificates and Encryption
- Ensures privacy
- Reduces chances of forgery or someone other than sender adding an attachment
- Accepted methods
  - Secure Multipurpose Internet Mail Extensions (S/MIME)
  - Pretty Good Privacy (PGP)
Using S/MIME Encryption
- Provides encryption and authentication for transmissions
- An extension of MIME
MIME
- Provides extensions to original SMTP address header information
- Different types of message content can be encoded for transport over the Internet
- Additional header fields
  - MIME-version
  - Content-type
  - Content-transfer-encoding
  - Content-ID
  - Content-description
Using S/MIME Encryption
- Uses digital certificates based on X.509 standard
- Has flexibility to use 168-bit key Triple DES
- Designed to follow Public-Key Cryptography Standards (PKCS)
Using PGP Security
- Provides encryption and authentication for transmissions
- Sometimes preferred by users of open systems (UNIX/Linux); enables use of X.509 or PGP digital certificates
- Unique characteristic of PGP certificate: web of trust
Contents of PGP Digital Certificate
- PGP version number
- Public key
- Information about certificate holder
- Digital signature of certificate holder
- Validity period of the certificate
- Preferred algorithm for the key
Typical Encryption Methods Used by PGP
- CAST
- IDEA
- Triple DES
Other Techniques for Securing E-mail
- Train users
- Scan e-mail
- Control the use of attachments
Training Users for Security
- Never send personal information or a password response via e-mail
- Delete e-mail from unrecognized sources
- Use message filtering, if available
Scanning
- Place virus scanning software on gateway
- Update virus definitions frequently
- Quarantine specific kinds of attachments
- Scan zipped files
- Scanner code should be written to be relatively fast
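Added example, not from the slides: a gateway-style check that walks a message's MIME parts, undoes the Content-Transfer-Encoding, quarantines blocked attachment types and looks inside zipped files. The extension list, function names and sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed quarantine list, constructed for this example.
BLOCKED_EXT = (".exe", ".scr", ".pif", ".bat", ".vbs", ".js")

def blocked(name):
    return name.lower().endswith(BLOCKED_EXT)

def quarantine_reasons(raw_message):
    """Return (attachment name, reason) pairs for parts to quarantine."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    reasons = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        # decode=True undoes the Content-Transfer-Encoding (e.g. base64).
        data = part.get_payload(decode=True) or b""
        if blocked(name):
            reasons.append((name, "blocked extension"))
        elif zipfile.is_zipfile(io.BytesIO(data)):
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    for info in zf.infolist():
                        if info.flag_bits & 0x1:  # encrypted member
                            reasons.append((name, "encrypted zip member, cannot scan"))
                        elif blocked(info.filename):
                            reasons.append((name, "zip contains " + info.filename))
            except zipfile.BadZipFile:
                reasons.append((name, "corrupt zip"))
    return reasons

def build_sample():
    """Constructed message: a text note plus a zip holding a .scr file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.scr", b"placeholder bytes, not a program")
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "user@example.com"
    msg.set_content("See attached.")
    msg.add_attachment("hello", filename="notes.txt")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="docs.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(quarantine_reasons(build_sample()))
```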
Controlling the Use of Attachments
- Delete attachments from unknown sources
- Never configure software to automatically open attachments
- Avoid using HTML format for opening e-mail
- Use virus scanner on e-mail before opening it
- Place attachments in quarantine
Backing Up E-mail
- For storage
- To ensure that unread e-mail is not lost if server goes down
Configuring Security in Popular Tools
- Microsoft Outlook Express
- Microsoft Outlook
- Ximian Evolution Mail in Red Hat Linux 9.x
- Mail in Mac OS X
Microsoft Outlook Express
- Included with Windows 2000/XP/2003
- Can obtain messages from SMTP-based servers running server software
- Can be used to access newsgroups
Microsoft Outlook Express
Security Measures Supported by Outlook Express
- S/MIME (version 3)
- 40-bit and 128-bit RC2 encryption
- 64-bit RC2 encryption
- 56-bit DES encryption
- 168-bit Triple DES encryption
- Digital signatures encrypted using SHA-1
Configuration Options for Outlook Express
Microsoft Outlook Express
- Enables you to export to Microsoft Outlook or a Microsoft Exchange server
- Can be used to back up messages from other systems
- Enables you to block or filter messages from unwanted sources
Microsoft Outlook
- Included with Microsoft Office
- Has multiple capabilities
  - E-mail communications
  - Calendar
  - Ability to track tasks, list contacts, and make notes
Microsoft Outlook Security Features
- S/MIME (version 3)
- 40-bit and 128-bit RC2 encryption
- 64-bit RC2 encryption
- 56-bit DES encryption
- 168-bit Triple DES encryption
- Digital signatures encrypted using SHA-1
- V1 Exchange Server Security certificates
Configuration Options for Microsoft Outlook
Microsoft Outlook
- Ability to back up messages by exporting to a file (many file types available)
- Ability to add specific Web sites to junk list
Ximian Evolution Mail in Red Hat Linux 9.x
- Processes e-mail
- Schedules activities on a calendar
- Records tasks
- Creates list of contacts
- Summary function (weather, inbox/outbox totals, appointments, updates and errata)
Ximian Evolution Mail in Red Hat Linux 9.x
Ximian Evolution Mail in Red Hat Linux 9.x
- Capability to configure more than one account with unique properties
- Can be configured to use either PGP security or GnuPG
Configuration Options for Evolution Mail
Apple Mail (Continued)
- Comes with Mac OS X
- Focuses on handling e-mail activities
- Enables creation of filters to reject mail from unwanted or unknown sources
- Capability to configure different accounts
Apple Mail (Continued)
Apple Mail (Continued)
- Uses PGP for security
- Can specify use of SSL for security over Internet links to
- Provides different authentication methods for verifying access to an account
  - Password authentication
  - Kerberos version 4 and version 5
  - MD5 challenge-response
Summary
- How operating systems use SMTP for e-mail
- Sources of attacks
- Over 90% of malicious software strikes through e-mail
- How certificates and encryption can protect e-mail
- How to configure security in software typically used with operating systems