tunneling and securing tcp services nathan green
TRANSCRIPT
Tunneling and Securing TCP Services
Nathan Green
Outline
• Concept of Tunneling
• Tunneling Protocols– SSL– SSH– SOCKS
• Examples of Useful Tunnels
Introduction
• Many popular protocols were designed before security became a major issue– FTP– POP– Telnet– HTTP
Vulnerabilities
• Sniffing – a problem because many protocols (SMTP, POP, HTTP, etc) transmit data in clear text.
• Connection hijacking – after a successful authentication, an attacker can take over the connection and initiate requests/intercept replies
Vulnerabilities• False Authentication – many protocols
rely solely on IP or domain names• Data Spoofing – attackers can easily
manipulate/inject packets (MitM)• Implementation/configuration –
misconfigured systems can put machines at risk
• DoS Attacks
Unfortunately, most companies can’t
afford to discontinue the use of POP or
FTP since many still use them
A solution to this problem is tunneling
Tunneling• Tunneling is the transmission of data intended
for private use through a public network• Tunnel: a virtual link between two network nodes• Generally accomplished by encapsulating the
private data and protocol information within public network packets so the private protocol appears to the public as ordinary data
Low Level Tunneling Protocols• Layer 2
– L2F: Layer 2 Forwarding– PPTP: Point-To-Point Tunneling Protocol– L2TP: Layer 2 Tunneling Protocol
• Layer 3– IPSec: IP Security Protocol– VTP: Virtual Terminal Protocol– ATMP: Ascend Tunnel Management Protocol
High-Level Tunneling Protocols
SSL
SSH
SOCKS
SSL: Secure Sockets Layer
• Encrypts communications between Web servers and Web browsers for tunneling over the Internet.
• SSL alone is nothing but a handshake and encryption.
• Developed by Netscape for securing HTTP• Not clear at what level it is implemented.
Transport? Session? Application layer?
SSL: Secure Sockets Layer
http://www.nortelnetworks.com/solutions/ip_vpn/collateral/nn102260-10802.pdf
SSL Architecture
• Has two layers of protocols...
SSL Architecture
• SSL Handshake Protocol– Negotiation of security algorithms and parameters– Key exchange– Server/client authentication
• SSL Alert Protocol– Error messages
• SSL Change Cipher Spec Protocol– A single message that indicates the end of the SSL handshake
• SSL Record Protocol– Fragmentation– Compression– Message authentication– Encryption
SSL Handshake Protocol
• Establishes a TCP/IP connection
• Client/server negotiate encryption and MAC algorithms
• Negotiate cryptographic keys to be used. The client and server agree on the level of security they will use
SSL Handshake Protocol
CLIENT SERVER
Client Data Server Data
1)The client sends the server the client's SSL version number, cipher settings, session-
specific data, and other information that the server needs to communicate with the client
using SSL.
2) The server sends the client the server's SSL version number, cipher
settings, session-specific data, and other information that the client needs
to communicate with the server over SSL. The server also sends its own certificate.
INTERNET
5) Both the client and the server use the master secret to generate the
session keys, which are symmetric keys used to encrypt and decrypt information
exchanged during the SSL session and to verify its integrity (that is, to detect
any changes in the data between the time it was sent and the time it is received
over the SSL connection).
7) The server sends a message to the client informing it that future messages
from the server will be encrypted with the session key. It then sends a
separate (encrypted) message indicating that the server portion of the handshake
is finished.
6) The client sends a message to the server informing it that future messages
from the client will be encrypted with the session key. It then sends a
separate (encrypted) message indicating that the client portion of the handshake
is finished.
SSL Handshake Protocol
CLIENT SERVER
3) The client creates the pre-master secret for the session, encrypts it
with the server’s public key obtained from the server’s certificate,
and sends it to the server
Optional: Server requests client authentication: the client also signs another piece of data that is
unique to this handshake and known by both the client and server. In this case, the client sends both
the signed data and the client's own certificate to the server along with the encrypted
pre-master secret. The server then authenticates the client
4) The server uses its private key to decrypt the pre-master secret, and then
performs a series of steps (which the client also performs, starting from the
same pre-master secret) to generate the master secret. Does this different
ways: RSA, Fixed DH, Ephemeral DH, Anonymous DH, Fortezza
INTERNET
• In the case of server authentication, the client encrypts the pre-master secret with the server's public key. Only the corresponding private key can correctly decrypt the secret, so the client has some assurance that the identity associated with the public key is in fact the server with which the client is connected. Otherwise, the server cannot decrypt the pre-master secret and cannot generate the symmetric keys required for the session, and the session will be terminated.
• This is the normal operation condition of the secure channel. At any time, due to internal or external stimulus (either automation or user intervention), either side may renegotiate the connection, in which case, the process repeats itself.
• Single message that indicates end of handshake
SSL Change Cipher Spec Protocol
SSL Alert Protocol
• Fatal alerts and warnings
SSL Record Protocol
• Fragment: separated into blocks
• Compress
• MAC: Message Authentication Code, a cryptographic checksum
• Encrypt
SSL Record Protocol Format
Difference Between SSL and TLS
• Not much– TLS is the IETF protocol standard that
grew out of SSL 3.0, documented by RFC 2246
– TLS doesn’t support Fortezza key exchange/encryption
– More alert codes in SSL– TLS current version number is 3.1
SSH• SSH is a protocol for secure remote login, shell, and
file copying other secure network services over an insecure network
• Replace RSH, RCP, RLOGIN• Runs at application layer• Uses RSA public key cryptography• Data flow directions client->server and server->client
are independent, may use different algos (i.e. 3DES+SHA1 and Blowfish+MD5)
• Currently SSH v2 is the standard
SSH Components• The Transport Layer Protocol provides server authentication,
confidentiality, and integrity. It may optionally also provide compression. The transport layer will typically be run over a TCP/IP connection.
• The User Authentication Protocol authenticates the client-side user to the server. It runs over the transport layer protocol.
• The Connection Protocol multiplexes the encrypted tunnel into several logical channels. It runs over the user authentication protocol. – these logical channels can be used for a wide range of
purposes• secure interactive shell sessions• TCP port forwarding
Difference Between SSL and SSH
• SSL originally intended for web sessions
• SSL is a drop-in which other applications run over
• Server authentication optional
• SSL alone is just a handshake and encryption
• SSH originally intended for replacing telnet and FTP
• SSH is a Swiss-army-knife designed to do many different things
• Server authentication required
• SSH alone allows you to do lots of different things
http://www.rpatrick.com/tech/ssh-ssl/
http://www.snailbook.com/faq/ssl.auto.html
SOCKS
• A security protocol used to communicate through a firewall or proxy server
• Defined in RFC 1928
SOCKS• When a TCP-based client wishes to establish a connection to
an object that is reachable only via a firewall, it must open a TCP connection to the appropriate SOCKS port on the SOCKS server system.
• The SOCKS service is conventionally located on TCP port 1080.
• If the connection request succeeds, the client enters a negotiation for the authentication method to be used, authenticates with the chosen method, then sends a relay request.
• The SOCKS server evaluates the request, and either establishes the appropriate connection or denies it.
Example of Useful Tunnels• POP3
– Open a secure tunnel using SSH– Needs an accessible shell account on the server– $ ssh -L 110:mail.my.org:110 tunnel.my.org – Set mail client to query ‘localhost’ as the POP3 server
• IMAP– Same setup, different port number (220)
• Telnet– $ ssh -L 23:server.my.org:23 tunnel.my.org – $ telnet localhost
Alternatives
• IPv6
• VPN
• IPSec