COMPUTER SECURITY
Computer security is a field of computer science concerned with the control
of risks related to computer use.
• A reference monitor is a system component that enforces access controls
on an object. The security kernel implements the concept.
• The reference monitor must mediate every access, it must be protected
from modification (tamper-proof), and it must be verifiable as correct.
Authentication Factors
Type I: Something you know (passwords, PINs)
Type II: Something you have (token, ATM card)
Type III: Something you are (biometrics)
Before a user can access a resource, several levels of security must
be passed:
1. Identify
2. Authenticate
3. Authorize
Access Control
MAC, DAC, RBAC
• Mandatory Access Control (MAC): highest level of control. Permissions
are explicitly denied unless otherwise changed. Resources are assigned
security labels, and if the labels do not match, access is denied.
• Discretionary Access Control (DAC): allows owners of data to specify
which users can access their data. Access control is based on the
discretion of the data owners. Most common model; users themselves can
assign access to their own data.
• Role Based Access Control (RBAC): (also called non-discretionary access
control) a centrally controlled model that allows access based on the role
the user holds in the organization; often hierarchical. Access is given to
a group of users that perform a similar function. Based on the separation
of duties.
• Access Control Lists (ACLs) are the most common form of DAC.
Authentication
Authentication is the process of finding out whether something is exactly
what it appears to be. For example, you can be authenticated onto a Windows
network based on credentials such as username and password. The network
authenticates you and grants you access if you are who you say you are and
you have the proper credentials.
Kerberos
• A trusted third-party authentication protocol developed at MIT.
• Rather than sharing a password, communication partners share a cryptographic
key, and they use knowledge of this key to verify one another's identity.
For the technique to work the shared key must be symmetric — a single
key must be capable of both encryption and decryption. One party proves
knowledge of the key by encrypting a piece of information, the other
by decrypting it.
• Kerberos uses a Single Sign-On (SSO) policy.
• Kerberos lets a user request an encrypted ticket from the authentication
process that can be used to request a particular service from a server.
Biometrics
• Authentication based on human characteristics (Type III: something you are).
• Biometric characteristics include: fingerprints, retina, iris, facial and
palm scans, hand geometry, voice, handwritten signature, body composition
and keystroke patterns.
Smartcards / Tokens (e.g., RSA key fob)
• Used to supply static or dynamic passwords.
• Type II: something you have. The smartcard is encrypted with RSA or MDA.
Worms, Trojan Horses and Viruses
• Worm: a self-contained computer program that replicates itself, or smaller
parts of itself, but unlike viruses does not infect computer files. Worms
create copies of themselves on the same computer or send themselves to
other computers via IRC (Internet Relay Chat) or email.
• Trojan horse: a malicious program that pretends to be a benign application.
Trojans do not replicate; they hide in the computer until called on to
perform a certain task.
• Virus: a computer program capable of attaching itself to disks or files
and replicating itself without the user's knowledge or permission.
Polymorphic viruses change each time a new infection occurs. Boot sector,
executable, file infector, macro (attach to Word or Excel documents),
metamorphic, logic bombs, and stealth are the kinds of viruses present.
Accounts and Password Management
• Naming conventions: complex and never simple
• Limit logon attempts
• Expiration dates: have your accounts expire
• Disable the account when an employee leaves the company or goes on vacation
• Time restrictions
• Machine restrictions
• Password policies:
o Minimum password length
o Password rotation: the system remembers old passwords, which cannot be reused
o Password aging: force users to change their password regularly
Password management should be strictly enforced. Passwords should be
changed often and kept as strong as possible, preferably as random strings
of characters and numbers.
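The account rules above (minimum length, rotation against a password history, aging, and a logon-attempt limit) are easy to state and easy to get wrong in code. The following is an added example, not part of the original notes, showing one way to enforce all four together. The policy numbers (8 characters, 5 remembered passwords, 90 days, 3 attempts) are constructed defaults, not values the notes prescribe.

```python
# Added example (not from the original notes): a minimal enforcement model
# for the account rules listed above: minimum length, password rotation
# (history), password aging and a logon-attempt limit. The policy numbers
# are constructed defaults, not values stated in the notes.
import hashlib
import hmac
import secrets


class PasswordPolicy:
    def __init__(self, min_length=8, history_size=5, max_age_days=90, max_attempts=3):
        self.min_length = min_length        # minimum password length
        self.history_size = history_size    # how many old passwords are remembered
        self.max_age_days = max_age_days    # password aging: forced change interval
        self.max_attempts = max_attempts    # consecutive failures before lockout


class Account:
    def __init__(self, policy):
        self.policy = policy
        self.current = None      # (salt, digest) of the active password
        self.history = []        # (salt, digest) of remembered passwords
        self.set_day = None      # day number when the password was last set
        self.failed = 0
        self.locked = False

    @staticmethod
    def _digest(password, salt):
        # Store only a salted, slow hash; never the password itself.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

    def set_password(self, password, today):
        if len(password) < self.policy.min_length:
            return "too-short"
        # Rotation rule: the new password may not match any remembered one.
        for salt, digest in self.history:
            if hmac.compare_digest(self._digest(password, salt), digest):
                return "reused"
        salt = secrets.token_bytes(16)
        self.current = (salt, self._digest(password, salt))
        self.history = (self.history + [self.current])[-self.policy.history_size:]
        self.set_day = today
        return "ok"

    def login(self, password, today):
        if self.locked:
            return "locked"
        if self.current is None:
            return "no-password"
        salt, digest = self.current
        if not hmac.compare_digest(self._digest(password, salt), digest):
            self.failed += 1
            if self.failed >= self.policy.max_attempts:
                self.locked = True          # limit logon attempts
                return "locked"
            return "wrong"
        self.failed = 0
        if today - self.set_day > self.policy.max_age_days:
            return "expired"                # aging: correct, but must be changed
        return "ok"
```

Note that the history holds only salted PBKDF2 digests, so the reuse check costs one slow hash per remembered password and never stores an old password in the clear.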
How to configure Password and Security Policies
• Start > Settings > Control Panel > Administrative Tools > Local Security
Settings > Account Policies > Password Policies
• Start > Settings > Control Panel > Administrative Tools > Local Security
Settings > Local Policies > Security Options
• Start > Settings > Control Panel > Administrative Tools > Local Security
Settings > IP Security Policies on Local Computer
WEP and WPA
• WEP: Wired Equivalent Privacy.
• Uses RC4, a stream cipher that operates by expanding a short key into a
key stream. The sender combines the key stream with the plaintext (XOR) to
produce the ciphertext. Shared key; the RC4 key stream changes on every packet.
• Weakness: if an eavesdropper intercepts two ciphertexts encrypted with the
same key stream, XORing them yields the exclusive OR (XOR) of the two
plaintexts, from which the plaintexts and the key stream can be recovered.
• WAP: Wireless Application Protocol. WAP, by means of WTLS, provides
end-to-end security between the WAP protocol endpoints; in practice the
endpoints are the mobile terminal and the WAP gateway. When the WAP gateway
makes the request to the origin server, it uses SSL below HTTP to secure the
request. This means that the data is decrypted and re-encrypted at the WAP
gateway, so the gateway handles the plaintext.
• WAP defines a set of protocols in the transport, session and application
layers. It also specifies an application framework.
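The WEP weakness above is the general "two-time pad" problem of any stream cipher, and it is worth seeing exactly how the key stream cancels. This is an added example, not part of the original notes: the key stream is a constructed random byte string standing in for RC4 output, the two "packets" are constructed HTTP requests of equal length, and neither RC4 nor WEP framing is implemented.

```python
# Added example (not from the original notes): why a reused stream-cipher key
# stream is fatal. The key stream is a constructed random byte string standing
# in for RC4 output; RC4 and WEP framing are not implemented here.
import random


def xor_bytes(a, b):
    """XOR two equal-length byte strings: the combine step of a stream cipher."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def stream_encrypt(plaintext, key_stream):
    """Sender side: ciphertext = plaintext XOR key stream (the same op decrypts)."""
    return xor_bytes(plaintext, key_stream[:len(plaintext)])


def xor_of_plaintexts(c1, c2):
    """Two ciphertexts under the SAME key stream: C1 xor C2 == P1 xor P2,
    because the key stream cancels. No key knowledge is needed for this step."""
    return xor_bytes(c1, c2)


def recover_other_plaintext(c1, c2, known_p1):
    """If one plaintext is predictable (e.g. a fixed protocol header),
    the other plaintext follows immediately from P1 xor P2."""
    return xor_bytes(xor_of_plaintexts(c1, c2), known_p1)


def recover_key_stream(c1, known_p1):
    """Known plaintext plus its ciphertext exposes the key stream itself,
    which then decrypts every other packet that reused it."""
    return xor_bytes(c1, known_p1)


def keystream_reuse_demo():
    rng = random.Random(7)  # fixed seed so the constructed demo is repeatable
    key_stream = bytes(rng.randrange(256) for _ in range(64))
    p1 = b"GET /index.html HTTP/1.0"   # constructed, predictable request
    p2 = b"PUT /secret.txt HTTP/1.0"   # constructed, same length as p1
    c1 = stream_encrypt(p1, key_stream)
    c2 = stream_encrypt(p2, key_stream)   # the mistake: same key stream twice
    # With a fresh key stream per message the cancellation does not happen.
    fresh = bytes(rng.randrange(256) for _ in range(64))
    c2_fresh = stream_encrypt(p2, fresh)
    return {
        "xor_leaks_plaintexts": xor_of_plaintexts(c1, c2) == xor_bytes(p1, p2),
        "p2_recovered": recover_other_plaintext(c1, c2, p1) == p2,
        "key_stream_recovered": recover_key_stream(c1, p1) == key_stream[:len(p1)],
        "fresh_stream_safe": xor_of_plaintexts(c1, c2_fresh) != xor_bytes(p1, p2),
    }
```

The last entry is the defensive point: the weakness is not RC4 as such but key-stream reuse, so the fix is to guarantee a never-repeating key stream per packet (which WEP's short IV space failed to do).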
Wireless client configuration issues
• Appropriate network SSID
• Appropriate encryption (WEP or WPA)
• MAC filtering
• Appropriate network key
Hashes
• Hash: a cryptographic hash is a one-way function that takes an input of
variable size and produces a fixed-size output, commonly referred to as the
"hash" or "digest". It is "one-way", which means that given:
o an input, it is easy to compute its hash;
o a hash, it is hard to compute a corresponding input (pre-image resistance);
o a block of data as an input, it is hard to find another block of data with
the same hash (second pre-image resistance).
Another important requirement of cryptographic hash functions is collision
resistance: it is hard to find any two inputs with the same hash.
• MD4 (Message Digest 4): produces a 128-bit message digest; very fast and
appropriate for medium-security usage.
• MD5 (Message Digest 5): produces a 128-bit message digest; fast (not as
fast as MD4) and more secure. MD5 is a hash function designed by Ron Rivest
and widely used in cryptographic applications. It is an improved version
of MD4. However, there are known problems with MD5; in particular, there
is an attack that produces collisions using the compression function in MD5.
• SHA-1: 160-bit message digest (standard for the US government); slower
than MD5.
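The properties listed above can be checked directly with Python's hashlib. This is an added example, not code from the notes; the inputs are constructed and the functions return values rather than printing them so the fixed digest sizes, the avalanche behaviour of a one-bit input change, and the everyday integrity check can each be verified.

```python
# Added example (not from the original notes): the hash properties listed
# above, checked with Python's hashlib. Inputs are constructed.
import hashlib


def digest_bits(algorithm):
    """Output size in bits is fixed per algorithm, whatever the input size."""
    return hashlib.new(algorithm, b"").digest_size * 8


def fixed_size_regardless_of_input(algorithm):
    """A 1-byte input and a 100,000-byte input give digests of the same length."""
    short = hashlib.new(algorithm, b"a").hexdigest()
    long = hashlib.new(algorithm, b"a" * 100_000).hexdigest()
    return len(short) == len(long)


def bit_difference(hex_a, hex_b):
    """Hamming distance between two hex digests of equal length."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def avalanche(algorithm, data, flipped_index=0):
    """Flipping one input bit should change roughly half of the output bits;
    there is no way to predict the new digest from the old one."""
    mutated = bytearray(data)
    mutated[flipped_index] ^= 0x01
    h1 = hashlib.new(algorithm, data).hexdigest()
    h2 = hashlib.new(algorithm, bytes(mutated)).hexdigest()
    return bit_difference(h1, h2)


def verify_integrity(data, expected_hex, algorithm="sha1"):
    """The everyday use of a digest: detect any change to stored or
    transmitted data by recomputing and comparing."""
    return hashlib.new(algorithm, data).hexdigest() == expected_hex
```

The known MD5 collision problem mentioned above is not reproduced here; the point of the example is the size and avalanche behaviour that all three digests share, and the integrity check that depends on second pre-image resistance.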
Four Goals of Cryptography
• Data confidentiality
• Data integrity
• Identification and authentication
• Non-repudiation
• Other facts:
o Large amounts of data use shared-secret symmetric encryption to provide
confidentiality.
o Asymmetric encryption can be used to generate a digital signature, which
can be attached to email to provide non-repudiation.
Digital Signatures
• A digital signature is usually the encryption of a message, or of its
message digest, with the sender's private key. To verify the digital
signature, the recipient uses the sender's public key. A good digital
signature scheme provides:
o authentication
o integrity
o non-repudiation
• The RSA algorithm can be used to produce and verify digital signatures;
another public-key signature algorithm is DSA.
Key and Certificate Management
• M of N control can be used for certificate revocation: two (or more)
different entities must agree to revoke a certificate. M of N also refers to
a method of storing a private key protected and encrypted with a separate
unique key. The key used for recovery is split into two or more parts and
distributed to various individuals. To recover the key, all the individuals
must be present, just like launching a nuclear missile.
• Key escrow: a third party holds an additional key (on top of the
public/private pair). This third key is used to encrypt the private key,
which is then stored. A common key escrow entity is a CA.
• The key life cycle is broken into several stages: certificate enrollment,
distribution, validation, revocation, renewal, destruction and auditing.
• Multiple key pairs: dual-purpose, multiple key pairs exist when forged
digital signatures are a concern. Secondly, a dual key pair can be used to
satisfy security and backup requirements: one key pair is used for
encryption and decryption and the other key pair for digital signatures and
non-repudiation.
• Single key: a single key used for multiple purposes violates non-repudiation.
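The "all individuals must be present" key splitting described under M of N control is the simplest secret-splitting scheme: XOR shares, where every share is required and any subset is uniformly random. This is an added example, not from the notes; the 16-byte key is constructed. A true M-of-N threshold with M less than N needs a scheme such as Shamir's secret sharing instead.

```python
# Added example (not from the original notes): the "all custodians must be
# present" key-splitting described above, done with XOR shares. Every share
# is required; any subset is uniformly random and reveals nothing about the
# key. The sample key is constructed.
import secrets


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key, custodians):
    """Split `key` into `custodians` shares; XOR of all shares == key."""
    if custodians < 2:
        raise ValueError("need at least two custodians")
    shares = [secrets.token_bytes(len(key)) for _ in range(custodians - 1)]
    last = key
    for share in shares:
        last = xor_bytes(last, share)   # last share = key xor all random shares
    return shares + [last]


def recover_key(shares):
    """Reassemble the key; correct only when every share is presented."""
    key = bytes(len(shares[0]))
    for share in shares:
        key = xor_bytes(key, share)
    return key


def split_demo():
    key = bytes(range(16))        # constructed 128-bit recovery key
    shares = split_key(key, 3)
    return {
        "all_three": recover_key(shares) == key,
        "only_two": recover_key(shares[:2]) == key,   # random bytes, not the key
    }
```

Each custodian stores one share; the recovery key never exists in one place until all shares are brought together, which is the property the notes compare to a missile launch.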
Email Security
• S/MIME: Secure Multipurpose Internet Mail Extensions was developed by RSA
Data Security; it is based on the PKCS data format for messages and the
X.509v3 format for certificates. S/MIME is used to send confidential email.
Symmetric encryption: 3DES, DES and RC2. S/MIME looks to the headers to
determine how data encryption and digital certificates are to be handled.
• PGP/MIME: based on PGP, distributed freely. Another good way to secure
email. Unlike S/MIME, individual users are responsible for exchanging their
keys with each other and deciding whether they trust a public key. Both use
SHA-1 for hashing. The key ring is held locally. Weakness: chosen-ciphertext
attacks. Uses a combination of public and private keys.
SSL
• SSL, Secure Sockets Layer: runs above TCP and below the application layer
of the OSI model. SSL/TLS is the encryption system used by most web sites
to secure e-commerce.
• SSL provides for mutual authentication using public-key digital
signatures such as RSA.
• SSL server authentication: SSL-enabled client software uses a public key
to check the server's certificate and public ID against a CA.
• SSL contains two sub-protocols:
o SSL Record Protocol: defines the format used to transmit data.
o SSL Handshake Protocol: uses the SSL Record Protocol to exchange messages
between SSL server and SSL client when they first establish a connection.
This exchange of messages facilitates the following actions:
- Authenticate the server to the client.
- Allow server and client to select cryptographic ciphers they both support.
- Optionally authenticate the client to the server.
- Use public-key encryption to generate shared secrets.
VPN / Tunnel
• There are two types of VPN:
o Site-to-Site
o Remote Access
• Tunneling requires three protocols:
o Carrier protocol, e.g. IP
o Encapsulating protocol, e.g. PPTP or L2TP
o Passenger protocol: the data that is being tunneled
In any secure environment it is very important to have a basic local
security policy mandating levels of access. These policies allow
administrators to define users by their rights on the system and then
assign resources to groups or users based on those rights.
Whenever possible, the strongest encryption technologies should be used.
Each type of encryption technology is defined by the algorithm it uses to
encrypt and decrypt data.
Data migration, the movement of massive amounts of information from one
system to another, should be done in a closed environment to prevent
sensitive information from leaking out.
If a BIOS boot password is lost or forgotten, it can be recovered or reset
by setting jumpers or removing the CMOS battery.
Update security policy: apply Windows updates and service packs (NT SP6,
2000 SP4 and XP SP2).
Symmetric Encryption Algorithms
• In symmetric cryptosystems the same key is used to encrypt and decrypt
data, and in symmetric authentication schemes the same key is used to sign
and verify documents. This means that symmetric cryptography is based on
the notion of a "shared secret".
• Advantages: speed and strength. Disadvantages: poor key distribution,
single key.
• DES (Data Encryption Standard): the most popular symmetric encryption
algorithm (block cipher) in past years. It was designed by IBM and the
U.S. government.
• Triple DES (3DES): a symmetric encryption algorithm based on repeating
encryption with DES. It uses 168-bit keys, which are considered as sets of
three independent 56-bit keys for triple encryption with DES. 3DES is more
secure than DES but also considerably slower.
Asymmetric Algorithms
• Asymmetric systems and schemes use key pairs consisting of a public key
and a private key. The former is made public (for example by publishing it
in a directory) and the latter is kept secret, so asymmetric cryptography
does not involve shared secrets.
• Advantages: provides a secure way to communicate; provides a method of
validation; non-repudiation.
• Disadvantages: slower than symmetric.
Unattended computers should be locked down. Laptops should be put in cases
with a key, and desktops should have the operating system locked by
pressing Ctrl + Alt + Del and clicking the "Lock Computer" button.
Social engineering is a collection of techniques used to manipulate people
into performing actions or divulging confidential information. While
similar to a confidence trick or simple fraud, the term typically applies
to trickery for information gathering or computer system access, and in
most (but not all) cases the attacker never comes face-to-face with the
victim.
Firewall
A firewall is an information technology (IT) security device which is
configured to permit, deny or proxy data connections as set and configured
by the organization's security policy. Firewalls can be hardware and/or
software based.
A firewall's basic task is to control traffic between computer networks
with different zones of trust. Typical examples are the Internet, which is
a zone with no trust, and an internal network, which is (and should be) a
zone with high trust. The ultimate goal is to provide controlled interfaces
between zones of differing trust levels through the enforcement of a
security policy and connectivity model based on the least privilege
principle and separation of duties.
Proper configuration of firewalls demands skill from the firewall
administrator. It requires considerable understanding of network protocols
and of computer security. Small mistakes can render a firewall worthless
as a security tool.
Windows XP Service Pack 2 comes with a built-in firewall:
Start > Settings > Control Panel > Windows Firewall
Auditing and Event Logging
A computer security audit is a manual or systematic, measurable technical
assessment of a system or application. Manual assessments include
interviewing staff, performing security vulnerability scans, reviewing
application and operating system access controls, and analyzing physical
access to the systems.
Start > Settings > Control Panel > Administrative Tools > Local Security
Settings > Local Policies > Audit Policies
Start > Settings > Control Panel > Administrative Tools > Computer
Management > System Tools > Event Viewer > Security
File System Conversion
How to convert FAT to NTFS:
Start > Run > cmd > convert drive: /fs:ntfs
Attacks
• Birthday attack: exploits the probability that two different messages run
through the same hash function produce a common message digest. The name
comes from the fact that in a room of 30 people, the probability of two
people having the same birthday is greater than 50%.
• Man-in-the-middle attack: intercepting messages and forwarding modified
versions of the original message while the hosts attempt to communicate
securely.
• Denial of Service (DoS) attack: common attacks include filling up a
target's hard drive with huge email attachments or file transfers, and
using up all ports on a web server.
• SYN attack: the SYN (TCP connection request) attack is a common denial of
service (DoS) technique characterized by the following pattern: using a
spoofed IP address not in use on the Internet, an attacker sends multiple
SYN packets to the target machine. For each SYN packet received, the target
machine allocates resources and sends an acknowledgement (SYN-ACK) to the
source IP address. When an attacker uses this technique repeatedly, the
target machine eventually runs out of resources and is unable to handle any
more connections, thereby denying service to legitimate users.
• Smurf attack: uses a combination of IP spoofing and ICMP to saturate a
target network with traffic. Smurf consists of three elements: source site,
bounce site and target site. The attacker (source site) sends a modified
ping to the broadcast address of a large network (bounce site). The
modified packet contains the source address of the target site, so everyone
at the bounce site replies to the target site.
• Brute force: trying every possible key/combination; the longer the key,
the longer this attack takes.
• Dictionary: a type of brute force that uses a program that tries common
words.
• Replay: using a network capture, replay the username/password exchange.
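The birthday figure quoted above (30 people, more than 50%) and its consequence for hash functions can both be computed. This is an added example, not from the notes: it evaluates the classroom probability, the expected number of hash evaluations before a collision for a b-bit digest, and then runs a generic birthday search against a deliberately truncated SHA-256 so the collision actually appears. All inputs are constructed.

```python
# Added example (not from the original notes): the birthday bound behind the
# birthday attack, first as the classroom probability and then as a generic
# collision search against a deliberately truncated SHA-256 digest. Inputs
# are constructed.
import hashlib
import itertools
import math


def birthday_probability(people, days=365):
    """Probability that at least two of `people` share a birthday."""
    p_all_distinct = 1.0
    for i in range(people):
        p_all_distinct *= (days - i) / days
    return 1.0 - p_all_distinct


def expected_tries(bits):
    """A collision for a b-bit digest is expected after about
    sqrt(pi/2 * 2^b) random inputs, roughly 2^(b/2): far fewer than the
    2^b of a brute-force pre-image search, which is why digest length
    must be about twice the intended security level."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


def truncated_digest(message, bits):
    """Top `bits` bits of SHA-256: a stand-in for a weak, short hash."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits):
    """Generic birthday search: hash distinct messages until a digest repeats.
    Returns (message_a, message_b, tries)."""
    seen = {}
    for i in itertools.count():
        message = f"constructed-message-{i}".encode()
        tag = truncated_digest(message, bits)
        if tag in seen:
            return seen[tag], message, i + 1
        seen[tag] = message
```

For a 20-bit digest the search finishes in roughly a thousand hashes; the same arithmetic says a 128-bit digest needs about 2^64 evaluations, which is the reasoning behind the "use long 128-bit keys" advice against birthday attacks in the next section.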
Solutions to Network Attacks
• DoS: disable ICMP in your network
• Backdoor: use anti-virus, personal firewalls, no modems
• Spoofing: router or firewall needs to be set to disallow internal IP
addresses entering from outside
• Smurf attack: disable IP broadcast or IP redirects
• Man-in-the-middle: unique server host key / new SSL
• Replay: use timestamps (Kerberos)
• Birthday/brute force: use long (128-bit) keys
• Brute force: limit logon attempts
• Password guessing: use 8-12 upper/lower case letters and numbers
• Social engineering: educate employees
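The replay countermeasure listed above ("use timestamps", as Kerberos does) works only when the timestamp is bound to the message by a MAC and paired with a nonce so that a capture inside the freshness window still cannot be played twice. The following added example, not from the notes, shows a receiver applying those three checks; the shared key, window and sample messages are constructed.

```python
# Added example (not from the original notes): replay detection with
# timestamps plus a nonce, the Kerberos-style countermeasure listed above.
# Messages are authenticated with an HMAC over timestamp, nonce and body, so
# a replayed or altered capture is rejected. Key, window and messages are
# constructed.
import hashlib
import hmac


class ReplayGuard:
    def __init__(self, shared_key, window_seconds=300):
        self.key = shared_key
        self.window = window_seconds   # allowed clock skew (Kerberos defaults to 5 minutes)
        self.seen = {}                 # nonce -> expiry time, for nonces still inside the window

    def _tag(self, payload):
        return hmac.new(self.key, payload, hashlib.sha256).hexdigest().encode()

    def make_message(self, body, nonce, now):
        """Sender: bind body to a timestamp and a fresh nonce, then authenticate."""
        payload = f"{now}|{nonce}|{body}".encode()
        return payload + b"|" + self._tag(payload)

    def accept(self, message, now):
        """Receiver: returns 'ok', 'bad-mac', 'stale' or 'replay'."""
        payload, _, tag = message.rpartition(b"|")
        if not hmac.compare_digest(tag, self._tag(payload)):
            return "bad-mac"                   # altered or forged capture
        ts, nonce, _ = payload.split(b"|", 2)
        if abs(now - int(ts)) > self.window:
            return "stale"                     # outside the freshness window
        # Forget nonces whose window has passed; they are rejected as stale anyway.
        self.seen = {n: exp for n, exp in self.seen.items() if exp >= now}
        if nonce in self.seen:
            return "replay"                    # a fresh message presented twice
        self.seen[nonce] = int(ts) + self.window
        return "ok"
```

Checking the MAC first means the timestamp and nonce cannot be edited to slip an old capture back inside the window, and bounding the nonce cache to the window keeps the receiver's memory proportional to recent traffic rather than to everything it has ever seen.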
Physical Security – physical protection of your networks
• Caged servers
• Cameras
• Security guard
• Data center