Tunneling and Securing TCP Services Nathan Green

Post on 16-Jan-2016


Page 1: Tunneling and Securing TCP Services Nathan Green

Tunneling and Securing TCP Services

Nathan Green

Page 2

Outline

• Concept of Tunneling

• Tunneling Protocols
– SSL
– SSH
– SOCKS

• Examples of Useful Tunnels

Page 3

Introduction

• Many popular protocols were designed before security became a major issue
– FTP
– POP
– Telnet
– HTTP

Page 4

Vulnerabilities

• Sniffing – a problem because many protocols (SMTP, POP, HTTP, etc.) transmit data in clear text.

• Connection hijacking – after a successful authentication, an attacker can take over the connection and initiate requests/intercept replies

Page 5

Vulnerabilities

• False Authentication – many protocols rely solely on IP or domain names

• Data Spoofing – attackers can easily manipulate/inject packets (MitM)

• Implementation/configuration – misconfigured systems can put machines at risk

• DoS Attacks

Page 6

Unfortunately, most companies can’t afford to discontinue the use of POP or FTP since many still use them.

A solution to this problem is tunneling.

Page 7

Tunneling

• Tunneling is the transmission of data intended for private use through a public network

• Tunnel: a virtual link between two network nodes

• Generally accomplished by encapsulating the private data and protocol information within public network packets so the private protocol appears to the public as ordinary data

Page 8

Page 9

Low Level Tunneling Protocols

• Layer 2
– L2F: Layer 2 Forwarding
– PPTP: Point-To-Point Tunneling Protocol
– L2TP: Layer 2 Tunneling Protocol

• Layer 3
– IPSec: IP Security Protocol
– VTP: Virtual Terminal Protocol
– ATMP: Ascend Tunnel Management Protocol

Page 10

High-Level Tunneling Protocols

SSL

SSH

SOCKS

Page 11

SSL: Secure Sockets Layer

• Encrypts communications between Web servers and Web browsers for tunneling over the Internet.

• SSL alone is nothing but a handshake and encryption.

• Developed by Netscape for securing HTTP

• Not clear at what level it is implemented. Transport? Session? Application layer?

Page 12

SSL: Secure Sockets Layer

http://www.nortelnetworks.com/solutions/ip_vpn/collateral/nn102260-10802.pdf

Page 13

SSL Architecture

• Has two layers of protocols...

Page 14

SSL Architecture

• SSL Handshake Protocol
– Negotiation of security algorithms and parameters
– Key exchange
– Server/client authentication

• SSL Alert Protocol
– Error messages

• SSL Change Cipher Spec Protocol
– A single message that indicates the end of the SSL handshake

• SSL Record Protocol
– Fragmentation
– Compression
– Message authentication
– Encryption

Page 15

SSL Handshake Protocol

• Establishes a TCP/IP connection

• Client/server negotiate encryption and MAC algorithms

• Negotiate cryptographic keys to be used. The client and server agree on the level of security they will use

Page 16

SSL Handshake Protocol

(Diagram: client and server exchanging data across the Internet.)

1) The client sends the server the client's SSL version number, cipher settings, session-specific data, and other information that the server needs to communicate with the client using SSL.

2) The server sends the client the server's SSL version number, cipher settings, session-specific data, and other information that the client needs to communicate with the server over SSL. The server also sends its own certificate.

Page 17

Server Authentication

Sample Certificate (figure)

Page 18

SSL Handshake Protocol

(Diagram: client and server exchanging data across the Internet.)

3) The client creates the pre-master secret for the session, encrypts it with the server’s public key obtained from the server’s certificate, and sends it to the server.

Optional: Server requests client authentication: the client also signs another piece of data that is unique to this handshake and known by both the client and server. In this case, the client sends both the signed data and the client's own certificate to the server along with the encrypted pre-master secret. The server then authenticates the client.

4) The server uses its private key to decrypt the pre-master secret, and then performs a series of steps (which the client also performs, starting from the same pre-master secret) to generate the master secret. This can be done in different ways: RSA, Fixed DH, Ephemeral DH, Anonymous DH, Fortezza.

5) Both the client and the server use the master secret to generate the session keys, which are symmetric keys used to encrypt and decrypt information exchanged during the SSL session and to verify its integrity (that is, to detect any changes in the data between the time it was sent and the time it is received over the SSL connection).

6) The client sends a message to the server informing it that future messages from the client will be encrypted with the session key. It then sends a separate (encrypted) message indicating that the client portion of the handshake is finished.

7) The server sends a message to the client informing it that future messages from the server will be encrypted with the session key. It then sends a separate (encrypted) message indicating that the server portion of the handshake is finished.

Page 19

• In the case of server authentication, the client encrypts the pre-master secret with the server's public key. Only the corresponding private key can correctly decrypt the secret, so the client has some assurance that the identity associated with the public key is in fact the server with which the client is connected. Otherwise, the server cannot decrypt the pre-master secret and cannot generate the symmetric keys required for the session, and the session will be terminated.

• This is the normal operation condition of the secure channel. At any time, due to internal or external stimulus (either automation or user intervention), either side may renegotiate the connection, in which case, the process repeats itself.
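The derivation in steps 4 and 5 (both sides turning the same pre-master secret into the master secret and then the session keys) can be worked through with the PRF that RFC 2246 defines for TLS 1.0, the IETF successor of SSL 3.0 named later in the deck. The Python below is an added example, not from the slides: the nonces and pre-master secret are constructed values, and the key sizes assume 3DES with a SHA-1 MAC (the cipher pair the SSH slide mentions). It also illustrates the point made on page 19: a party that does not hold the pre-master secret, because it could not decrypt it with the server's private key, ends up with different session keys.

```python
import hmac


def p_hash(hash_name, secret, seed, length):
    """P_hash(secret, seed) from RFC 2246 section 5:
    A(0) = seed, A(i) = HMAC(secret, A(i-1)),
    output = HMAC(secret, A(1)+seed) || HMAC(secret, A(2)+seed) || ..."""
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def tls10_prf(secret, label, seed, length):
    """TLS 1.0 PRF: P_MD5(S1, label+seed) XOR P_SHA1(S2, label+seed),
    where S1/S2 are the two halves of the secret (they overlap by one
    byte when the secret length is odd)."""
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[-half:]
    label_seed = label + seed
    md5_part = p_hash("md5", s1, label_seed, length)
    sha1_part = p_hash("sha1", s2, label_seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))


def derive_session_keys(pre_master_secret, client_random, server_random,
                        mac_len=20, key_len=24, iv_len=8):
    """Steps 4 and 5 of the handshake: pre-master secret -> master secret
    -> key block -> the six session keys. The defaults are the sizes for
    3DES-CBC with a SHA-1 MAC (assumed cipher suite)."""
    master_secret = tls10_prf(pre_master_secret, b"master secret",
                              client_random + server_random, 48)
    # Note the nonce order flips for key expansion (server first), as in RFC 2246.
    key_block = tls10_prf(master_secret, b"key expansion",
                          server_random + client_random,
                          2 * (mac_len + key_len + iv_len))
    names = ["client_write_mac_secret", "server_write_mac_secret",
             "client_write_key", "server_write_key",
             "client_write_iv", "server_write_iv"]
    sizes = [mac_len, mac_len, key_len, key_len, iv_len, iv_len]
    keys, pos = {}, 0
    for name, size in zip(names, sizes):
        keys[name] = key_block[pos:pos + size]
        pos += size
    return master_secret, keys


def handshake_demo():
    """Client and server start from the same pre-master secret and nonces
    and must end with identical keys; a third party that never learned
    the pre-master secret derives something else. All values constructed."""
    client_random = b"\x11" * 32
    server_random = b"\x22" * 32
    # RSA pre-master secret: 2 version bytes (3.1) + 46 random bytes (constructed)
    pre_master = b"\x03\x01" + b"\x42" * 46
    _, keys_client = derive_session_keys(pre_master, client_random, server_random)
    _, keys_server = derive_session_keys(pre_master, client_random, server_random)
    _, keys_other = derive_session_keys(b"\x03\x01" + b"\x00" * 46,
                                        client_random, server_random)
    return keys_client == keys_server, keys_client != keys_other


if __name__ == "__main__":
    print(handshake_demo())  # (True, True)
```

Only the master secret and key block are derived here; the RSA step that protects the pre-master secret in transit (step 3) is outside this example.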

Page 20

SSL Change Cipher Spec Protocol

• Single message that indicates end of handshake

Page 21

SSL Alert Protocol

• Fatal alerts and warnings

Page 22

SSL Record Protocol

• Fragment: separated into blocks

• Compress

• MAC: Message Authentication Code, a cryptographic checksum

• Encrypt
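The four record-layer steps on this slide, and the Alert Protocol reaction when the MAC check fails, can be shown in working code. The Python below is an added example, not from the deck: it fragments at the 2^14-byte plaintext limit, compresses with zlib, computes an HMAC over sequence number, content type and compressed fragment, and then encrypts (MAC-then-encrypt, as SSL does). The cipher is a stand-in keystream built from HMAC-SHA256 rather than a real SSL cipher suite, the MAC input is simplified (no version/length fields), and the keys and sample message are constructed. The receiver side shows why the MAC step matters: one flipped bit in a record fails verification, which in SSL/TLS is the fatal bad_record_mac alert.

```python
import hmac
import struct
import zlib

MAX_FRAGMENT = 2 ** 14          # SSL/TLS plaintext fragment limit (16 KiB)
CONTENT_APPLICATION_DATA = 23   # record content type for application data
MAC_LEN = 32                    # HMAC-SHA256 output size used by this example


class BadRecordMac(Exception):
    """Stands for the fatal bad_record_mac alert of the Alert Protocol."""


def keystream(key, nonce, length):
    """Toy stream cipher: HMAC-SHA256 in counter mode. A stand-in for the
    negotiated cipher, not a real SSL/TLS cipher (constructed for the example)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", counter), "sha256").digest()
        counter += 1
    return out[:length]


def xor_bytes(data, ks):
    return bytes(a ^ b for a, b in zip(data, ks))


def protect_records(plaintext, mac_key, enc_key, seq_start=0,
                    content_type=CONTENT_APPLICATION_DATA):
    """Sender side: fragment -> compress -> MAC -> encrypt.
    Returns wire records: 5-byte header (type, version 3.1, length) + ciphertext."""
    records, seq = [], seq_start
    for off in range(0, len(plaintext), MAX_FRAGMENT):
        fragment = plaintext[off:off + MAX_FRAGMENT]          # 1) fragment
        compressed = zlib.compress(fragment)                   # 2) compress
        mac = hmac.new(mac_key, struct.pack(">QB", seq, content_type) + compressed,
                       "sha256").digest()                      # 3) MAC (seq + type + fragment)
        body = compressed + mac
        ciphertext = xor_bytes(body, keystream(enc_key, struct.pack(">Q", seq), len(body)))  # 4) encrypt
        records.append(struct.pack(">BHH", content_type, 0x0301, len(ciphertext)) + ciphertext)
        seq += 1
    return records


def unprotect_records(records, mac_key, enc_key, seq_start=0):
    """Receiver side: decrypt -> verify MAC -> decompress -> reassemble.
    A MAC mismatch aborts the connection, as SSL/TLS does with a fatal alert."""
    out, seq = b"", seq_start
    for rec in records:
        content_type, _version, length = struct.unpack(">BHH", rec[:5])
        ciphertext = rec[5:5 + length]
        body = xor_bytes(ciphertext, keystream(enc_key, struct.pack(">Q", seq), len(ciphertext)))
        compressed, mac = body[:-MAC_LEN], body[-MAC_LEN:]
        expected = hmac.new(mac_key, struct.pack(">QB", seq, content_type) + compressed,
                            "sha256").digest()
        if not hmac.compare_digest(mac, expected):
            raise BadRecordMac("fatal alert: bad_record_mac on record %d" % seq)
        out += zlib.decompress(compressed)
        seq += 1
    return out


def tamper_demo():
    """Round-trip a message that spans several fragments, then flip one bit
    of the first record and show the receiver rejects it. Keys constructed."""
    mac_key, enc_key = b"M" * 32, b"E" * 32
    message = b"+OK POP3 server ready\r\n" * 2000   # constructed, 46000 bytes -> 3 records
    records = protect_records(message, mac_key, enc_key)
    round_trip_ok = unprotect_records(records, mac_key, enc_key) == message
    tampered = list(records)
    first = bytearray(tampered[0])
    first[5] ^= 0x01                                # first ciphertext byte
    tampered[0] = bytes(first)
    try:
        unprotect_records(tampered, mac_key, enc_key)
        detected = False
    except BadRecordMac:
        detected = True
    return round_trip_ok, len(records), detected


if __name__ == "__main__":
    print(tamper_demo())  # (True, 3, True)
```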

Page 23

SSL Record Protocol Format (figure)

Page 24

Difference Between SSL and TLS

• Not much
– TLS is the IETF protocol standard that grew out of SSL 3.0, documented by RFC 2246
– TLS doesn’t support Fortezza key exchange/encryption
– More alert codes in SSL
– TLS current version number is 3.1

Page 25

SSH

• SSH is a protocol for secure remote login, shell, file copying, and other secure network services over an insecure network

• Replaces RSH, RCP, RLOGIN

• Runs at application layer

• Uses RSA public key cryptography

• Data flow directions client->server and server->client are independent, and may use different algorithms (e.g. 3DES+SHA1 and Blowfish+MD5)

• Currently SSH v2 is the standard

Page 26

SSH Components

• The Transport Layer Protocol provides server authentication, confidentiality, and integrity. It may optionally also provide compression. The transport layer will typically be run over a TCP/IP connection.

• The User Authentication Protocol authenticates the client-side user to the server. It runs over the transport layer protocol.

• The Connection Protocol multiplexes the encrypted tunnel into several logical channels. It runs over the user authentication protocol.
– These logical channels can be used for a wide range of purposes:
  • secure interactive shell sessions
  • TCP port forwarding

Page 27

Difference Between SSL and SSH

SSL:
• SSL originally intended for web sessions
• SSL is a drop-in which other applications run over
• Server authentication optional
• SSL alone is just a handshake and encryption

SSH:
• SSH originally intended for replacing telnet and FTP
• SSH is a Swiss-army-knife designed to do many different things
• Server authentication required
• SSH alone allows you to do lots of different things

http://www.rpatrick.com/tech/ssh-ssl/

http://www.snailbook.com/faq/ssl.auto.html

Page 28

SOCKS

• A security protocol used to communicate through a firewall or proxy server

• Defined in RFC 1928

Page 29

SOCKS

• When a TCP-based client wishes to establish a connection to an object that is reachable only via a firewall, it must open a TCP connection to the appropriate SOCKS port on the SOCKS server system.

• The SOCKS service is conventionally located on TCP port 1080.

• If the connection request succeeds, the client enters a negotiation for the authentication method to be used, authenticates with the chosen method, then sends a relay request.

• The SOCKS server evaluates the request, and either establishes the appropriate connection or denies it.
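The negotiation described above (method selection, relay request, server evaluation and reply) uses the fixed message formats of RFC 1928. The Python below is an added example, not part of the slides: it builds the client-side messages, parses a CONNECT request on the server side, and applies a constructed allow-list as the "evaluates the request" step, answering with succeeded (0x00) or connection not allowed by ruleset (0x02). Hostnames, ports and the allow-list are constructed; the bound address in the reply is a placeholder.

```python
import ipaddress
import struct

SOCKS_VERSION = 5
METHOD_NO_AUTH = 0x00
METHOD_USERPASS = 0x02
METHOD_NONE_ACCEPTABLE = 0xFF
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
REP_SUCCEEDED = 0x00
REP_NOT_ALLOWED = 0x02          # "connection not allowed by ruleset"
REP_CMD_NOT_SUPPORTED = 0x07


def build_greeting(methods):
    """Client greeting: VER, NMETHODS, METHODS."""
    return bytes([SOCKS_VERSION, len(methods)]) + bytes(methods)


def select_method(greeting, server_methods):
    """Server side of method negotiation: pick the first server-preferred
    method the client offered; 0xFF tells the client to close."""
    ver, n = greeting[0], greeting[1]
    if ver != SOCKS_VERSION:
        raise ValueError("not a SOCKS5 greeting")
    offered = greeting[2:2 + n]
    for m in server_methods:
        if m in offered:
            return bytes([SOCKS_VERSION, m])
    return bytes([SOCKS_VERSION, METHOD_NONE_ACCEPTABLE])


def build_connect_request(host, port):
    """CONNECT relay request: VER, CMD, RSV, ATYP, DST.ADDR, DST.PORT.
    Uses ATYP 3 (domain name) unless host is an IP literal."""
    try:
        ip = ipaddress.ip_address(host)
        addr = bytes([ATYP_IPV4 if ip.version == 4 else ATYP_IPV6]) + ip.packed
    except ValueError:
        name = host.encode("idna")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    return bytes([SOCKS_VERSION, CMD_CONNECT, 0x00]) + addr + struct.pack(">H", port)


def parse_request(data):
    """Server side: decode a relay request into (cmd, host, port)."""
    ver, cmd, rsv, atyp = data[0], data[1], data[2], data[3]
    if ver != SOCKS_VERSION or rsv != 0x00:
        raise ValueError("malformed SOCKS5 request")
    if atyp == ATYP_IPV4:
        host, rest = str(ipaddress.IPv4Address(data[4:8])), data[8:]
    elif atyp == ATYP_IPV6:
        host, rest = str(ipaddress.IPv6Address(data[4:20])), data[20:]
    elif atyp == ATYP_DOMAIN:
        n = data[4]
        host, rest = data[5:5 + n].decode("idna"), data[5 + n:]
    else:
        raise ValueError("unknown address type")
    (port,) = struct.unpack(">H", rest[:2])
    return cmd, host, port


def evaluate_request(data, allowed):
    """The 'evaluates the request' step: check the CONNECT target against
    the firewall's ruleset (a constructed set of (host, port) pairs) and
    build the reply. Returns (rep, reply_bytes)."""
    cmd, host, port = parse_request(data)
    if cmd != CMD_CONNECT:
        rep = REP_CMD_NOT_SUPPORTED
    elif (host, port) in allowed:
        rep = REP_SUCCEEDED
    else:
        rep = REP_NOT_ALLOWED
    # BND.ADDR/BND.PORT would be the proxy's bound socket; placeholder 0.0.0.0:0 here
    reply = bytes([SOCKS_VERSION, rep, 0x00, ATYP_IPV4]) + b"\x00" * 4 + struct.pack(">H", 0)
    return rep, reply


if __name__ == "__main__":
    ruleset = {("mail.my.org", 110)}                       # constructed allow-list
    print(select_method(build_greeting([METHOD_NO_AUTH]), [METHOD_USERPASS, METHOD_NO_AUTH]).hex())
    print(evaluate_request(build_connect_request("mail.my.org", 110), ruleset)[0])  # 0
    print(evaluate_request(build_connect_request("mail.my.org", 25), ruleset)[0])   # 2
```

Denied requests are the place to log: the tuple returned by `parse_request` is exactly what a firewall administrator wants in the proxy's access log when a client asks for a destination outside the ruleset.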

Page 30

Example of Useful Tunnels

• POP3
– Open a secure tunnel using SSH
– Needs an accessible shell account on the server
– $ ssh -L 110:mail.my.org:110 tunnel.my.org
– Set mail client to query ‘localhost’ as the POP3 server

• IMAP
– Same setup, different port number (220)

• Telnet
– $ ssh -L 23:server.my.org:23 tunnel.my.org
– $ telnet localhost
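What `ssh -L 110:mail.my.org:110 tunnel.my.org` does on the client side is listen on a local port and relay every accepted connection to the remote service, which is why the mail client is pointed at localhost. The Python below is an added example, not from the slides and not SSH itself: it implements that local listener and relay over plain loopback sockets, with a constructed stand-in for the POP3 server so it runs offline. In the real tunnel the hop from the forwarder to tunnel.my.org is carried inside an encrypted channel of the SSH Connection Protocol; here it is a direct TCP connection.

```python
import socket
import threading


def _pump(src, dst):
    """Copy bytes one way until EOF, then half-close the other side."""
    try:
        while True:
            data = src.recv(4096)
            if not data:
                break
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def start_forwarder(target_host, target_port, bind_host="127.0.0.1", bind_port=0):
    """Local end of `ssh -L bind_port:target_host:target_port`: accept on
    localhost, open one upstream connection per client, relay both ways.
    Returns the listening socket (port via getsockname()[1]); close it to stop."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    listener.bind((bind_host, bind_port))
    listener.listen(5)

    def serve():
        while True:
            try:
                client, _ = listener.accept()
            except OSError:
                return                                  # listener closed
            try:
                upstream = socket.create_connection((target_host, target_port))
            except OSError:
                client.close()                          # target down: drop the client
                continue
            threading.Thread(target=_pump, args=(client, upstream), daemon=True).start()
            threading.Thread(target=_pump, args=(upstream, client), daemon=True).start()

    threading.Thread(target=serve, daemon=True).start()
    return listener


def start_fake_pop3():
    """Constructed stand-in for mail.my.org:110: sends a greeting and
    answers every line with +OK, closing on QUIT."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def handle(conn):
        with conn:
            conn.sendall(b"+OK POP3 server ready\r\n")
            buf = b""
            while True:
                chunk = conn.recv(4096)
                if not chunk:
                    return
                buf += chunk
                while b"\r\n" in buf:
                    line, buf = buf.split(b"\r\n", 1)
                    if line == b"QUIT":
                        conn.sendall(b"+OK bye\r\n")
                        return
                    conn.sendall(b"+OK " + line + b"\r\n")

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            threading.Thread(target=handle, args=(conn,), daemon=True).start()

    threading.Thread(target=serve, daemon=True).start()
    return srv


def pop3_via_tunnel():
    """The mail client connects to localhost only; the forwarder carries the
    session to the (fake) POP3 server. Returns the server's response lines."""
    pop3 = start_fake_pop3()
    fwd = start_forwarder("127.0.0.1", pop3.getsockname()[1])
    local_port = fwd.getsockname()[1]
    with socket.create_connection(("127.0.0.1", local_port), timeout=5) as mail_client:
        mail_client.sendall(b"USER alice\r\nQUIT\r\n")
        responses = b""
        while not responses.endswith(b"+OK bye\r\n"):
            chunk = mail_client.recv(4096)
            if not chunk:
                break
            responses += chunk
    fwd.close()
    pop3.close()
    return responses.decode().split("\r\n")[:-1]


if __name__ == "__main__":
    print(pop3_via_tunnel())  # ['+OK POP3 server ready', '+OK USER alice', '+OK bye']
```

Binding to 127.0.0.1 matters: a forwarder bound to all interfaces would let other hosts on the LAN reach the tunnelled service through this machine, which is the same reason `ssh -L` binds to the loopback address by default.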

Page 31

Alternatives

• IPv6

• VPN

• IPSec