
40

NETWORK SECURITY

4.2 SECURING ACCESS TO THE NETWORK INFRASTRUCTURE

As discussed in the introduction to physical security, in many networks, particularly enterprise networks, the ability to access the network infrastructure can be limited effectively by controlling the ability to access the holes in the wall inside the premises of the network operator. If there are few routes into the network (again, particularly common in enterprise networks), then it is also easier to apply filters or access lists that deny access from external devices to any network device on your network. Traditionally, service providers were cautious about implementing access lists on the ingress to their network because of the performance impact this had on all traffic. However, as discussed in Chapter 1, modern ASIC and network processor-based designs are no longer vulnerable to these limitations.

4.2.1 AUTHENTICATION OF USERS, HOSTS AND SERVERS

Despite the importance and benefits of physical security of your premises, there are certain situations where physical protection is not sufficient. In these cases, it is necessary to authenticate the hosts or individuals connecting to the network before full access to network resources is granted. It may also be desirable/necessary for network access devices to authenticate themselves to the users logging in. The authentication of users, hosts and network devices is particularly important for wireless networks, where the physical boundaries of the network operator’s premises are unlikely to contain the transport media entirely. It is also possible for someone to install a rogue network device outside (or inside) the building and use it to obtain authentication information from subscribers. Various aspects of authentication are described below. While wireless is used widely as an example, the elements are, in general, equally applicable to wired connections.

4.2.1.1 802.1X

802.1X was initially designed as a mechanism for authenticating hosts and users as they connected to infrastructure switch ports (e.g. switch ports on an Ethernet switch). It limits the access to the network infrastructure to the minimum required to authenticate the host or user until authentication is complete. 802.1X was based on the Extensible Authentication Protocol (EAP), created by the IETF, but was subsequently extended to provide support for authentication of hosts and users requesting connections to wireless infrastructure. 802.1X is now extremely widely implemented by both Ethernet and wireless equipment vendors.

It is important to note that 802.1X is only a framework for authentication. It provides no encryption functionality in and of itself.
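The following is an added example, not code from the book: a minimal model of an 802.1X authenticator on a single switch port. It shows the two points made above, that an unauthorized port processes only EAPOL frames (EtherType 0x888E) and drops everything else until the EAP exchange succeeds, and that once authorized the port forwards frames unchanged, so 802.1X itself encrypts nothing. The credential dictionary and the "user:secret" EAPOL payload are constructed stand-ins for a RADIUS server and a real EAP method.

```python
# Added example (not from the book): a toy 802.1X authenticator on one
# switch port.  Unauthorized port: only EAPOL frames are processed.
# Authorized port: ordinary frames are forwarded untouched.
from dataclasses import dataclass, field

EAPOL_ETHERTYPE = 0x888E   # IEEE 802.1X, EAP over LAN
IPV4_ETHERTYPE = 0x0800


@dataclass
class Frame:
    src_mac: str
    ethertype: int
    payload: bytes


@dataclass
class AuthenticatorPort:
    """One switch port under 802.1X control.

    `credentials` is a constructed local store standing in for the
    RADIUS/AAA server a real authenticator would consult.
    """
    credentials: dict
    authorized: bool = False
    forwarded: list = field(default_factory=list)
    dropped: list = field(default_factory=list)

    def receive(self, frame: Frame) -> str:
        """Process one ingress frame and report what happened to it."""
        if frame.ethertype == EAPOL_ETHERTYPE:
            return self._handle_eapol(frame)
        if self.authorized:
            self.forwarded.append(frame)      # passed through untouched
            return "forwarded"
        self.dropped.append(frame)
        return "dropped: port unauthorized"

    def _handle_eapol(self, frame: Frame) -> str:
        # Toy EAP method: the EAPOL payload carries b"<user>:<secret>".
        # Real EAP methods (EAP-TLS, PEAP, ...) run a proper handshake
        # inside the EAPOL frames instead of sending a secret like this.
        user, _, secret = frame.payload.partition(b":")
        if self.credentials.get(user) == secret:
            self.authorized = True
            return "eap-success"
        self.authorized = False
        return "eap-failure"

    def link_down(self) -> None:
        """Link loss returns the port to the unauthorized state."""
        self.authorized = False


def demo() -> list:
    """Walk one host through the port: blocked, authenticated, forwarded, unplugged."""
    port = AuthenticatorPort(credentials={b"alice": b"constructed-secret"})
    ip = Frame("00:11:22:33:44:55", IPV4_ETHERTYPE, b"GET / HTTP/1.0")
    results = [
        port.receive(ip),                                                  # dropped
        port.receive(Frame(ip.src_mac, EAPOL_ETHERTYPE, b"alice:wrong")),  # eap-failure
        port.receive(ip),                                                  # still dropped
        port.receive(Frame(ip.src_mac, EAPOL_ETHERTYPE, b"alice:constructed-secret")),
        port.receive(ip),                                                  # forwarded
    ]
    port.link_down()
    results.append(port.receive(ip))                                       # dropped again
    return results
```

The forwarded frame's payload is exactly what the supplicant sent; any confidentiality has to come from a separate mechanism such as the encryption protocols discussed in 4.2.2.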

4.2.2 ENCRYPTION OF INFORMATION

In addition to the need for authentication, depending upon the nature of the transport media, it might be desirable to apply encryption to the packets being transported. Again, this is particularly important in wireless environments, where it is possible for someone to sit outside your building and simply listen to all the traffic flying by. In an unencrypted environment, all your company’s confidential data could be flying by, being intercepted by any third party.

4.2.2.1 WEP, WPA, TKIP and 802.11i

Several protocols have been created over time to solve the problem of maintaining the privacy of data transported over wireless infrastructure. The first, Wired Equivalent Privacy (WEP), is often used to perform both authentication and encryption functions. However, it has been shown to suffer from several severe weaknesses and, even with key lengths of 128 bits, on a moderately busy network it can be routinely compromised in a matter of hours. In order to overcome some of these weaknesses, a mechanism for automatically changing the keys used by two peers has been devised. This mechanism does not overcome the inherent weaknesses. It merely works around them by making it more difficult to compromise a key before it is discarded in favour of a new key.

Given the inherent limitations of WEP, work was begun on the standardization of a new extension to the 802.11 group of standards, 802.11i, which would provide enhanced encryption services to 802.11-based wireless networks. It is based on a combination of 802.1X, EAP, the Advanced Encryption Standard (AES) and the Robust Security Network (RSN). RSN is designed to dynamically negotiate authentication and encryption functions between the client and the access point. Work on this standard has been ‘steady’ but, at the time of writing, it is still not complete. Implementation of everything in the 802.11i standard is likely to require changes not only to software but also to existing, deployed hardware if performance is not to be unacceptably poor. However, despite the incomplete status of the 802.11i standard, some vendors are starting to introduce hardware capable of supporting the proposed standard.

In order to provide enhanced security in the period until 802.11i is standardized and compatible hardware widely deployed, the WiFi Alliance (an industry body) devised the WiFi Protected Access (WPA). WPA is a framework of enhanced security protocols and algorithms designed to work on currently deployed hardware. Part of the WPA framework is the Temporal Key Integrity Protocol (TKIP), which provides a mechanism for changing the shared key used by the client and network access device based on the passing of time or packets and for exchanging the updated keying information.
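As an added example (not from the book, and not TKIP's actual key-mixing function), the block below implements the rekeying policy described in the last two paragraphs: the per-session key is replaced after a fixed number of packets or a fixed amount of time, whichever comes first, so that any one key protects only a bounded window of traffic. Key derivation uses HMAC-SHA256 over a constructed master secret and a rotation counter; the clock is injected so the schedule can be run deterministically.

```python
# Added example (not from the book): rotate the session key after N
# packets or T seconds, whichever comes first.  The derivation is an
# illustrative HMAC-based KDF, not the TKIP mixing function.
import hashlib
import hmac


class RekeySchedule:
    def __init__(self, master_secret: bytes, max_packets: int,
                 max_seconds: float, clock):
        self.master = master_secret
        self.max_packets = max_packets
        self.max_seconds = max_seconds
        self.clock = clock                  # injectable for deterministic runs
        self.epoch = 0                      # number of rotations so far
        self.packets_under_key = 0
        self.installed_at = clock()
        self.key = self.derive(0)

    def derive(self, epoch: int) -> bytes:
        """Session key for a given rotation epoch (illustrative KDF)."""
        info = b"session-key" + epoch.to_bytes(4, "big")
        return hmac.new(self.master, info, hashlib.sha256).digest()

    def _rotate(self) -> None:
        self.epoch += 1
        self.key = self.derive(self.epoch)
        self.packets_under_key = 0
        self.installed_at = self.clock()

    def key_for_next_packet(self):
        """Return (epoch, key) to protect the next packet, rotating first if due."""
        too_many = self.packets_under_key >= self.max_packets
        too_old = self.clock() - self.installed_at >= self.max_seconds
        if too_many or too_old:
            self._rotate()
        self.packets_under_key += 1
        return self.epoch, self.key


def simulate(packet_times, max_packets=3, max_seconds=60):
    """Epoch used for each packet sent at the given (constructed) timestamps."""
    clock = {"t": packet_times[0]}
    sched = RekeySchedule(b"constructed-master-secret", max_packets,
                          max_seconds, lambda: clock["t"])
    epochs = []
    for t in packet_times:
        clock["t"] = t
        epoch, _key = sched.key_for_next_packet()
        epochs.append(epoch)
    return epochs
```

With three packets per key and a 60-second limit, packets sent at seconds 0, 1, 100, 101, 102, 103 use epochs 0, 0, 1, 1, 1, 2: the third packet triggers a time-based rotation, the sixth a count-based one. Both peers must run the same schedule and exchange the rotation signal, which is the part of TKIP the text refers to as exchanging the updated keying information.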

4.2.3 ACCESS TOOLS AND PROTOCOLS

Having AAA mechanisms is all well and good, but if the access tools and protocols are not secure, then all the AAA mechanisms are for nothing.

4.2.3.1 rsh, rlogin, rexec and rcp

Remote shell (rsh), remote login (rlogin), remote execute (rexec) and remote copy (rcp) are all access mechanisms that were developed as part of the UNIX networking suite. They provide the facility to log in to, execute commands on and copy files to and from remote devices. They have been implemented on some network devices. However, serious concerns about the security of these protocols, particularly the ability for authentication on one device to automatically imply authentication on all devices and the passing of user credentials in the clear, have led many network operators to explicitly disable these protocols on any device which supports them. In addition, the implementations of these protocols have traditionally been the source of many security flaws in many operating systems. Many network device vendors now do not implement these protocols on their devices because of the inherent security problems. Even when they are implemented by the vendors, most SPs disable them.

4.2.3.2 SSH/SCP

Secure Shell (SSH) and Secure Copy (SCP) are secure alternatives to rsh, rlogin, rexec and rcp. Due to their enhanced security features, SSH and SCP are widely favoured over their poorly secured predecessors by SPs. They allow you to log in to the CLI of a network device and to copy files to and from it, respectively. SSH works on the basis of a public and private key pair for the server and for the client. During the initial exchange, the server passes its public key to the client. The client can either be prompted for a username and password or, alternatively, a public key associated with an individual user can be preplaced onto the server. Once the server and the client both have each other’s public keys, they use those keys to encrypt all messages for the other device. It is only possible to decrypt the messages encrypted with the public key if you are in possession of the private key. Thus, once the client has encrypted a message using the server’s public key, only the server can decrypt it using its private key (which is, of course, kept absolutely secure on the server).
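The step the paragraph above leaves implicit is that the client must check the server's public key against a known-good copy before using it; otherwise a rogue device on the path (the situation described in 4.2.1) could present its own key. The block below is an added example, not the book's or OpenSSH's code: it computes the OpenSSH-style SHA256 fingerprint of a host key blob and checks a presented key against a pinned known_hosts entry. The key blob and the known_hosts line are constructed; only the wire encoding (length-prefixed strings) and the fingerprint format are the real ones.

```python
# Added example (not from the book): host key fingerprint and
# known_hosts pinning check.  The ed25519 key bytes are made up.
import base64
import hashlib
import hmac


def ssh_string(b: bytes) -> bytes:
    """SSH wire encoding: 4-byte big-endian length followed by the bytes."""
    return len(b).to_bytes(4, "big") + b


def fingerprint_sha256(key_blob: bytes) -> str:
    """OpenSSH-style fingerprint: base64(SHA256(blob)) without padding."""
    digest = hashlib.sha256(key_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_known_hosts_line(line: str):
    """Return (host, key type, decoded key blob) for one known_hosts entry."""
    host, keytype, b64 = line.split()[:3]
    return host, keytype, base64.b64decode(b64)


def host_key_matches(known_hosts_lines, host: str, keytype: str,
                     presented_blob: bytes) -> bool:
    """True only if a pinned entry for this host and key type matches exactly."""
    for line in known_hosts_lines:
        if not line.strip() or line.startswith("#"):
            continue
        h, t, blob = parse_known_hosts_line(line)
        if h == host and t == keytype:
            return hmac.compare_digest(blob, presented_blob)
    return False   # unknown host: never trust silently


# Constructed example key: an ed25519 public key blob is
# string("ssh-ed25519") + string(32-byte point).  These bytes are
# arbitrary, not a real key.
FAKE_POINT = bytes(range(32))
HOST_KEY_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(FAKE_POINT)

KNOWN_HOSTS = [
    "# constructed known_hosts file for the example",
    "router1.example.net ssh-ed25519 " + base64.b64encode(HOST_KEY_BLOB).decode(),
]


def check_router(presented_blob: bytes) -> str:
    """What a client should do with the key router1 presents."""
    if host_key_matches(KNOWN_HOSTS, "router1.example.net", "ssh-ed25519", presented_blob):
        return "ok " + fingerprint_sha256(presented_blob)
    return "MISMATCH " + fingerprint_sha256(presented_blob)
```

The fingerprint string is what an operator compares out of band (for example against the value shown on the device console) before adding an entry; after that, the byte-for-byte comparison in host_key_matches does the work on every connection.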

4.2.3.3 Telnet

Telnet is a simple, unsecured terminal access application. It is by far the most widely implemented terminal access program but is widely disabled by network operators because of its inherent lack of security. The main issue with telnet is that all the user’s credentials are passed between the client and the server in the clear. This means that any user attached to any network in the data path can snoop the traffic on that network and view the username and password.

4.2.3.4 FTP

File Transfer Protocol (FTP) is a simple and relatively efficient mechanism for transferring files to or from a network device. However, it is not secure since all user credentials are passed from the client to the server in the clear. It is based on TCP so any missed packets will be retransmitted based on mechanisms inherent in TCP. FTP is a widely implemented protocol, many implementations of which have had significant security flaws. For this reason, if SCP is available, it is almost invariably preferred over FTP. If SCP is not available, then it is common practice to disable the FTP service on any device except for the period during which it is actually being used.

4.2.3.5 TFTP

Trivial File Transfer Protocol (TFTP) is, as the name suggests, a more trivial protocol for the transfer of data. It is based on UDP, so there is no inherent acknowledgement and retransmission of packets. Therefore, it is necessary for TFTP to implement that functionality. TFTP is insecure and generally requires no authentication at all. For this reason, it is often turned off by operators if an alternative file transfer mechanism exists. If no alternative is available, it is advisable to protect the service either with a secured wrapper (a proxy application that provides access control mechanisms to applications that do not possess that facility) or with access control lists.
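Sections 4.2.3.1 to 4.2.3.5 amount to a checklist: the r-services and telnet should be disabled, FTP disabled except while in use, and TFTP disabled or else restricted with a wrapper or access list. As an added example (not from the book), the block below applies that checklist to an inetd.conf-style service table, which is where these services are usually enabled on UNIX-like hosts. The configuration lines are constructed for the example; the service names and the /usr/sbin/tcpd wrapper path are the conventional ones.

```python
# Added example (not from the book): audit an inetd.conf-style table for
# the access protocols the text says to disable or restrict.

INSECURE_SERVICES = {
    # inetd service name: (protocol, recommendation from the text)
    "shell": ("rsh", "disable; use ssh"),
    "login": ("rlogin", "disable; use ssh"),
    "exec": ("rexec", "disable; use ssh"),
    "telnet": ("telnet", "disable; use ssh"),
    "ftp": ("ftp", "disable except while actively needed; prefer scp"),
    "tftp": ("tftp", "disable if an alternative exists; otherwise restrict "
                     "with a wrapper or an access control list"),
}

# Constructed sample configuration (not from any real host).
SAMPLE_INETD_CONF = """\
# constructed inetd.conf for the example
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
shell   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rshd
login   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rlogind
#exec   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rexecd
tftp    dgram   udp     wait    root    /usr/sbin/in.tftpd  in.tftpd -s /tftpboot
daytime stream  tcp     nowait  root    internal
"""


def parse_inetd(text):
    """Yield (service, transport, server path, args) for each enabled entry."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue              # blank or commented out means disabled
        fields = line.split()
        if len(fields) < 6:
            continue              # malformed line; not an enabled service
        service, _socket, proto, _wait, _user, server = fields[:6]
        yield service, proto, server, fields[6:]


def audit(text):
    """Findings for enabled services the text says to disable or restrict."""
    findings = []
    for service, proto, server, _args in parse_inetd(text):
        if service not in INSECURE_SERVICES:
            continue
        name, advice = INSECURE_SERVICES[service]
        findings.append({
            "service": service,
            "protocol": name,
            "transport": proto,
            # launched through the TCP wrapper daemon, so host-based
            # access control can be applied to it
            "wrapped": server.endswith("/tcpd"),
            "advice": advice,
        })
    return findings


def report(text) -> str:
    """One line per finding, suitable for a change ticket."""
    lines = []
    for f in audit(text):
        wrap = "wrapped" if f["wrapped"] else "NOT wrapped"
        lines.append(f'{f["service"]:7} ({f["protocol"]}/{f["transport"]}, {wrap}): {f["advice"]}')
    return "\n".join(lines)
```

On the sample table the audit reports ftp, telnet, shell, login and tftp; the commented-out exec line is correctly ignored, and tftp is the one service flagged as not behind the wrapper, which is exactly the case the TFTP paragraph says needs either a wrapper or an access list.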

4.2.4 IP SECURITY (IPSEC)

IPsec is a suite of protocols that was initially devised as an integral part of the IPv6 suite of protocols. However, it has been extended to support IPv4. The original framework, RFC 1825, has been made obsolete by RFC 2401. IPsec provides both encryption and authentication of data. Numerous encryption and authentication algorithms are supported within the framework of IPsec.

At the time of writing, IPsec is not used for access to devices or the transfer of information to and from those devices.

IPsec provides two functions: authentication and encryption. The two functions are based on Authentication Headers (AH) and Encapsulating Security Payload (ESP) respectively. These are IP protocols 51 and 50 respectively.

The basis for IPsec is called the security association (SA). An SA is a unidirectional connection over which secured traffic is carried. If a connection between two hosts requires both AH and ESP protection then at least two SAs must be established (see Figure 4.1).

Thus, in order to protect a normal bidirectional exchange between two hosts, at least two SAs are required, but such an exchange may require several parallel SAs in each direction. Each SA can be uniquely described by the three parameters: Security Parameter Identifier (SPI), a destination address and the security protocol identifier (i.e. ESP or AH).

Figure 4.1 Security associations are unidirectional (the figure shows separate ESP and AH associations, one set for each direction between the two hosts)
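To make the counting rule and the (SPI, destination, protocol) identifier concrete, here is an added example, not code from the book: a toy security association database keyed by that triple, with a helper that builds the four SAs a bidirectional AH-plus-ESP exchange needs. The SPI values, addresses and keying material are constructed; on a real system the SAs are negotiated rather than created by hand.

```python
# Added example (not from the book): a toy SA database keyed by the
# triple (SPI, destination address, security protocol).
from dataclasses import dataclass

AH, ESP = 51, 50   # IP protocol numbers given in the text


@dataclass(frozen=True)
class SecurityAssociation:
    spi: int
    dst: str
    proto: int          # AH or ESP
    key: bytes          # constructed; real SAs get keys from IKE


class SADatabase:
    """Unidirectional SAs, each unique by (spi, dst, proto)."""

    def __init__(self):
        self._sas = {}

    def add(self, sa: SecurityAssociation) -> None:
        triple = (sa.spi, sa.dst, sa.proto)
        if triple in self._sas:
            raise ValueError(f"duplicate SA {triple}")
        self._sas[triple] = sa

    def lookup(self, spi: int, dst: str, proto: int):
        """Select the SA for an inbound packet from its header fields."""
        return self._sas.get((spi, dst, proto))

    def __len__(self) -> int:
        return len(self._sas)


def sas_needed(bidirectional: bool, use_ah: bool, use_esp: bool) -> int:
    """Minimum number of SAs, since each SA covers one protocol in one direction."""
    per_direction = int(use_ah) + int(use_esp)
    return per_direction * (2 if bidirectional else 1)


def build_ah_esp_pair(host_a: str, host_b: str) -> SADatabase:
    """Four SAs protecting a bidirectional exchange with both AH and ESP."""
    sad = SADatabase()
    spi = 0x1000                        # constructed starting SPI
    for dst in (host_a, host_b):        # one set per direction
        for proto in (AH, ESP):         # one SA per protocol
            sad.add(SecurityAssociation(spi, dst, proto, b"constructed-key"))
            spi += 1
    return sad
```

Because the destination address is part of the identifier, the same SPI value may legitimately appear in an SA towards each host; the triple is still unique, which is why lookup must use all three fields rather than the SPI alone.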