24/04/2014  

1  

APNIC Security Tutorial (as part of AFCEA Marianas Technet)

Tamuning, Guam

24 April 2014 Proudly Supported by:

Presenter Sheryl Hermoso (Shane)

Training Officer, APNIC

Sheryl has had various roles as a Network and Systems Administrator prior to joining APNIC. Starting her career as a Technical Support Assistant while studying at the University of the Philippines. Sheryl later worked as a Network Engineer, where she managed the DILNET network backbone and wireless infrastructure.

Areas of interests:

IPv6, DNS/DNSSEC, Network Security, IRM

Contact: sheryl@apnic.net

24/04/2014  

2  

Overview

•  Introduction to Security

•  Security on Different Layers and Attack Mitigation

•  VPN and IPsec

•  RPKI and Resource Certification

•  How can APNIC help you?

•  Security Management and Practices

Intro to Security: Attacks and Trends

24/04/2014  

3  

Attack Trends - Breach Sources

Infiltration

Aggregation

Exfiltration

Source: Trustwave 2012 Global Security Report

Attack Trends

•  Hacktivism and vandalism are the common DDoS attack motivation

•  High-bandwidth DDoS attacks are the ‘new normal’ •  First-ever IPv6 DDoS attacks are reported in 2011 •  Trust issues across geographic boundaries Source: Arbor Networks Worldwide Infrastructure

Security Report Volume VIII

24/04/2014  

4  

Evolution of Attack Landscape email propagation of malicious code

“stealth”/advanced scanning techniques

widespread attacks using NNTP to distribute attack

widespread attacks on DNS infrastructure

executable code attacks (against browsers)

automated widespread attacks

GUI intruder tools

hijacking sessions

Internet social engineering attacks

packet spoofing automated probes/scans

widespread denial-of-service

attacks

techniques to analyze code for vulnerabilities without source code

DDoS attacks

increase in worms

sophisticated command & control

anti-forensic techniques

home users targeted

distributed attack tools

increase in wide-scale Trojan horse distribution

Windows-based remote controllable

Trojans (Back Orifice)

Intruder Knowledge

Atta

ck S

ophi

stic

atio

n

1990 2012

Threats, Risk and Vulnerability

•  Threat –  Any circumstance or event with the potential to cause harm to a

networked system •  Denial of Service / Unauthorized Access / Impersonation / Worms / Viruses

•  Vulnerability –  A weakness in security procedures, network design, or

implementation that can be exploited to violate a corporate security policy

•  Risk –  The possibility that a particular vulnerability will be exploited

•  Risk analysis: The process of identifying security risks, determining their impact, and identifying areas requiring protection

24/04/2014  

5  

Attack Motivation

•  Criminal –  Criminal who use critical infrastructure as a tools to commit crime –  Their motivation is money

•  War Fighting/Espionage/Terrorist –  What most people think of when talking about threats to critical

infrastructure

•  Patriotic/Principle –  Large groups of people motivated by cause - be it national pride or a

passion aka Anonymous

Attack Motivation

•  Nation States want SECRETS •  Organized criminals want MONEY •  Protesters or activists want ATTENTION •  Hackers and researchers want KNOWLEDGE

(copied from NANOG60 keynote presentation by Jeff Moss, Feb 2014)

24/04/2014  

6  

Common Types of Attack

•  Ping sweeps and port scans - reconnaissance

•  Sniffing – capture packet as they travel through the network

•  Man-in-the-middle attack – intercepts messages that are intended for a valid device

•  Spoofing - sets up a fake device and trick others to send messages to it

•  Hijacking – take control of a session

•  Denial of Service (DoS) and Distributed DoS (DDoS)

Attacks on Different Layers Application

Presentation

Session

Transport

Network

Data Link

Physical

Application

Transport

Internet

Network Access (Link Layer)

Layer 2: PPTP, Token Ring

Layer 3: IPv4, IPv6, ICMP, IPsec

Layer 4: TCP, UDP

Layer 5: SMB, NFS, Socks

Layer 7: DNS, DHCP, HTTP, FTP, IMAP, LDAP, NTP, Radius, SSH, SMTP, SNMP, Telnet, TFTP

Ping/ICMP Flood

TCP attacks, Routing attack, SYN flooding,

Sniffing

DNS Poisoning, Phishing, SQL injection, Spam/Scam

ARP spoofing, MAC flooding

OSI Reference Model TCP/IP Model

24/04/2014  

7  

L2 Attacks - ARP Spoofing

Since the client’s ARP Cache has already been poisoned, it will communicate directly to the fake Destination.

I want to connect to 10.0.0.3. I don’t know the

MAC address

10.0.0.1 AA-AA-AA-AA-AA-AA

10.0.0.2 BB-BB-BB-BB-BB-BB

10.0.0.3 CC-CC-CC-CC-CC-CC

10.0.0.4 DD-DD-DD-DD-DD-

DD

ARP Request

ARP Reply

Wait, I am 10.0.0.3!

ARP Reply

I am 10.0.0.3. This is my MAC address

L2 Attacks - DHCP

•  DHCP Starvation Attack –  Broadcasting vast number of DHCP requests with spoofed MAC

address simultaneously. –  DoS attack using DHCP leases

•  Rogue DHCP Server Attacks

Attacker sends many different DHCP requests with many spoofed addresses.

Server runs out of IP addresses to allocate to valid users

24/04/2014  

8  

L3 Attacks - Ping Flood

Internet

Broadcast Enabled Network

Victim

Other forms of ICMP attack: - Ping of death - ICMP ping flood

Attacker

Routing Attacks

•  Attempt to poison the routing information •  Distance Vector Routing

–  Announce 0 distance to all other nodes •  Blackhole traffic •  Eavesdrop

•  Link State Routing –  Can drop links randomly –  Can claim direct link to any other routers –  A bit harder to attack than DV

•  BGP attacks –  ASes can announce arbitrary prefix –  ASes can alter path

24/04/2014  

9  

L4 Attacks – TCP Flooding

•  Exploits the TCP 3-way handshake

•  Attacker sends a series of SYN packets without replying with the ACK packet

•  Finite queue size for incomplete connections

Server

CONNECTION ESTABLISHED

SYN

SYN+ACK

ACK

TCP Attacks

•  Exploits the TCP 3-way handshake

•  Attacker sends a series of SYN packets without replying with the ACK packet

•  Finite queue size for incomplete connections

Server (Victim)

Attacker

OPEN CONNECTIONS

SYN

SYN+ACK

ACK?

24/04/2014  

10  

Attacks on SSL

•  BEAST Attack (2011) –  Browser Exploit Against SSL/TLS –  CBC vulnerability discovered in 2002 –  Fixed in TLS 1.1

•  CRIME Attack (2012) –  Compression Ratio Info-leak Made Easy –  Exploit against HTTP compression –  ‘fixed’ by disabling TLS Compression

•  BREACH Attack (2013) –  Browser Reconnaissance and Exfiltration via Adaptive Compression of

Hypertext –  Presented at BlackHat 2013 (Aug) –  Attacks HTTP responses using HTTP Compression

19

Heartbleed OpenSSL Bug (March 2014)

Source: https://xkcd.com/1354/

24/04/2014  

11  

iOS vulnerability (21 Feb 2014)

•  It appears that when using iOS's Secure Transport component to establish an encrypted connection using a raw IP address, the system does not check that the "common name" record (a hostname pattern, such as *.hetzner.de) in a server's SSL certificate matches the server's IP address (eg, 213.133.107.227)

•  More details at –  http://www.crowdstrike.com/blog/details-about-apple-ssl-vulnerability-

and-ios-706-patch/index.html

•  the vulnerability affects both the iOS and OS X operating systems

•  Some checks: curl -o blah https://213.133.107.227/

Application Layer Attacks

•  Applications don’t authenticate properly

•  Authentication information in clear –  FTP, Telnet, POP

•  DNS insecurity –  DNS poisoning –  DNS zone transfer

1

Are you sending your data in the clear?

24/04/2014  

12  

Application Layer Attacks

•  Scripting vulnerabilities

•  Cookie poisoning

•  Buffer overflow

•  Hidden field manipulation

•  Parameter tampering

•  Cross-site scripting

•  SQL injection

1

Application Layer DDoS: Slowloris

•  Incomplete HTTP requests

•  Properties –  Low bandwidth –  Keep sockets alive –  Only affects certain web servers –  Doesn’t work through load balancers –  Managed to work around accf_http

24/04/2014  

13  

DNS Changer

•  “Criminals have learned that if they can control a user’s DNS servers, they can control what sites the user connects to the Internet.”

•  How: infect computers with a malicious software (malware)

•  This malware changes the user’s DNS settings with that of the attacker’s DNS servers

•  Points the DNS configuration to DNS resolvers in specific address blocks and use it for their criminal enterprise

•  For more: see the NANOG presentation by Merike

Rogue DNS Servers

•  85.225.112.0 through 85.255.127.255

•  67.210.0.0 through 67.210.15.255

•  93.188.160.0 through 93.188.167.255

•  77.67.83.0 through 77.67.83.255

•  213.109.64.0 through 213.109.79.255

•  64.28.176.0 through 64.28.191.255

If your computer is configured with one of these DNS servers, it is most likely infected with DNSChanger malware

Are you using a trusted DNS server?

24/04/2014  

14  

DNS Cache Poisoning

•  Caching incorrect resource record that did not originate from authoritative DNS sources.

•  Result: connection (web, email, network) is redirected to another target (controlled by the attacker)

DNS Cache Poisoning

(pretending to be the authoritative

zone)

ns.example.com Webserver

(192.168.1.1)

DNS Caching Server

Client

I want to access www.example.com

1

QID=64571

2

QID=64569

QID=64570

QID=64571

www.example.com 192.168.1.1

match!

www.example.com 192.168.1.99 3

3

Root/GTLD

QID=64571

24/04/2014  

15  

DNS Amplification

•  A type of reflection attack combined with amplification –  Source of attack is reflected off another machine –  Traffic received is bigger (amplified) than the traffic sent by the

attacker

•  UDP packet’s source address is spoofed

DNS Amplification Attack Queries for

www.example.com

Attacker

ns.example.com

Victim Server

DNS Recursive server

Compromised Machines

(spoofed IP)

Root/GTLD

www.example.com 192.168.1.1

24/04/2014  

16  

Open Resolvers

•  DNS servers that answer recursive queries from any host on the Internet

•  http://openresolverproject.org/

•  Check if you’re running open resolvers –  http://dns.measurement-factory.com/cgi-bin/openresolvercheck.pl

•  More statistics at –  http://dns.measurement-factory.com/surveys/openresolvers/ASN-

reports/latest.html

For systems admins: Are you running an open resolver?

Open Resolvers

Reference: http://openresolverproject.org/

As of 13 Apr 2014: 27,429,020 servers responded to udp/53 probe 23,084,156 returned OK

24/04/2014  

17  

Open NTP Project

•  http://openntpproject.org/

•  To check if you are running Open NTP –  ntpdc -n -c monlist 192.0.2.1 –  ntpq -c rv 192.0.2.1

•  New effort similar to the OpenResolvers project

Wireless Attacks

•  WEP – first security mechanism for 802.11 wireless networks

•  Weaknesses in this protocol were discovered by Fluhrer, Mantin and Shamir, whose attacks became known as “FMS attacks”

•  Tools were developed to automate WEP cracking –  Chopping attacks were released to crack WEP more effectively and

faster

•  Cloud-based WPA cracker –  https://www.wpacracker.com/

How secure is your wireless connectivity?

24/04/2014  

18  

Botnet

•  Collection of compromised computers (or ‘bot’)

•  Computers are targeted by malware (malicious software)

•  Once controlled, an attacker can use the compromised computer via standards-based network protocol such as IRC and HTTP

•  How to become a bot: –  Drive-by downloads (malware) –  Go to malicious websites (exploits web browser vulnerabilities) –  Run malicious programs (Trojan) from websites or as email

attachment Are you aware if your machine has been compromised?

Password Cracking

•  Dictionary attacks –  Guessing passwords using a file of 1M possible password values

•  Ordinary words and people’s names

–  Offline dictionary attack when the entire password file has been attacked

–  Use random characters as password with varying upper and lower case, numbers, and symbols

•  Brute-force attacks –  Checking all possible values until it has been found –  The resource needed to perform this attack grows exponentially while

increasing the key size

•  Social engineering Do you use secure passwords?

24/04/2014  

19  

Pharming and Phishing

•  Phishing – victims are redirected to a fake website that looks genuine. When the victim supplies his account and password, this can be used by the attacker to the target site –  Typically uses fraud emails with clickable links to fake websites

•  Pharming – redirect a website’s traffic to another fake site by changing the victim’s DNS settings or hosts file

Do you click every link you receive in an email?

Questions

24/04/2014  

20  

Layered Approach to Security Attack Mitigation

Goals of Information Security

Confidentiality Integrity Availability

SE

CU

RIT

Y

prevents unauthorized use or disclosure of information

safeguards the accuracy and completeness of information

authorized users have reliable and timely access to information

24/04/2014  

21  

Access Control

•  The ability to permit or deny the use of an object by a subject.

•  It provides 3 essential services: –  Authentication (who can login) –  Authorization (what authorized users can do) –  Accountability (identifies what a user did)

Authentication

•  A means to verify or prove a user’s identity

•  The term “user” may refer to: –  Person –  Application or process –  Machine or device

•  Identification comes before authentication –  Provide username to establish user’s identity

•  To prove identity, a user must present either of the following: –  What you know (passwords, passphrase, PIN) –  What you have (token, smart cards, passcodes, RFID) –  Who you are (biometrics such as fingerprints and iris scan, signature or

voice)

24/04/2014  

22  

Trusted Network

•  Standard defensive-oriented technologies –  Firewall – first line of defense –  Intrusion Detection – second line of defense

•  Build TRUST on top of the TCP/IP infrastructure –  Strong authentication

•  Two-factor authentication •  something you have + something you know

–  Public Key Infrastructure (PKI)

Two-factor Authentication

•  Requires a user to provide at least two authentication ‘factors’ to prove his identity –  something you know

Username/userID and password –  something you have

Token using a one-time password (OTP)

•  The OTP is generated using a small electronic device in physical possession of the user –  Different OTP generated each time and expires after some time –  An alternative way is through applications installed on your mobile

device

•  Multi-factor authentication is also common

24/04/2014  

23  

Authorization

•  Defines the user’s rights and permissions on a system

•  Typically done after user has been authenticated

•  Grants a user access to a particular resource and what actions he is permitted to perform on that resource

•  Access criteria based on the level of trust: –  Roles –  Groups –  Location –  Time –  Transaction type

Authentication vs. Authorization

Client

Service

Authentication Mechanism Authorization

Mechanism

“Authentication simply identifies a party, authorization defines whether they can perform certain action” – RFC 3552

24/04/2014  

24  

Accountability

•  The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity –  Senders cannot deny sending information –  Receivers cannot deny receiving it –  Users cannot deny performing a certain action

•  Supports nonrepudiation, deterrence, fault isolation, intrusion detection and prevention and after-action recovery and legal action

Source: NIST Risk Management Guide for Information Technology Systems

Security on Different Layers

Application

Presentation

Session

Transport

Network

Data Link

Physical

Layer 2: ARP, Token Ring

Layer 3: IPv4, IPv6, ICMP, IPsec

Layer 4: TCP, UDP

Layer 5: SMB, NFS, Socks

Layer 7: DNS, DHCP, HTTP, FTP, IMAP, LDAP, NTP, Radius, SSH, SMTP, SNMP, Telnet, TFTP

Ping/ICMP Flood

TCP attacks, Routing attack, SYN flooding, Sniffing

DNS Poisoning, Phishing, SQL injection, Spam/Scam

ARP spoofing, MAC flooding IEEE 802.1X, PPP & PPTP

IPsec

TLS, SSL, SSH

HTTPS, DNSSEC, PGP, SMIME

24/04/2014  

25  

VPN Protocols

•  PPTP (Point-to-Point tunneling Protocol) –  Developed by Microsoft to secure dial-up connections –  Operates in the data-link layer

•  L2F (Layer 2 Forwarding Protocol) –  Developed by Cisco –  Similar as PPTP

•  L2TP (Layer 2 Tunneling Protocol) –  IETF standard –  Combines the functionality of PPTP and L2F

•  IPsec (Internet Protocol Security) –  Open standard for VPN implementation –  Operates on the network layer

IPSec!

Internet!

Network Layer Security - IPsec

•  IETF standard that enables encrypted communication between peers: –  Consists of open standards for securing private communications –  Network layer encryption ensuring data confidentiality, integrity, and

authentication –  Scales from small to very large networks

24/04/2014  

26  

Pretty Good IPsec Policy

•  IKE Phase 1 (aka ISAKMP SA or IKE SA or Main Mode) –  3DES (AES-192 if both ends support it) –  Lifetime (8 hours = 480 min = 28800 sec) –  SHA-2 (256 bit keys) –  DH Group 14 (aka MODP# 14)

•  IKE Phase 2 (aka IPsec SA or Quick Mode) –  3DES (AES-192 if both ends support it) –  Lifetime (1 hour = 60 min = 3600 sec) –  SHA-2 (256 bit keys) –  PFS 2 –  DH Group 14 (aka MODP# 14)

51

Receiving Prefixes

•  There are three scenarios for receiving prefixes from other ASNs –  Customer talking BGP –  Peer talking BGP –  Upstream/Transit talking BGP

•  Each has different filtering requirements and need to be considered separately

24/04/2014  

27  

Receiving Prefixes: From Customers

•  ISPs should only accept prefixes which have been assigned or allocated to their downstream customer

•  If ISP has assigned address space to its customer, then the customer IS entitled to announce it back to his ISP

•  If the ISP has NOT assigned address space to its customer, then: –  Check in the five RIR databases to see if this address space really

has been assigned to the customer. Legitimacy of Address (LoA) check

–  The tool: whois –h jwhois.apnic.net x.x.x.0/24 •  (jwhois queries all RIR database)

Receiving Prefixes: From Customers

•  Example use of whois to check if customer is entitled to announce address space:

$ whois -h whois.apnic.net 2406:6400::/32 Inet6num: 2406:6400::/32 netname: APNIC-AP descr: Asia Pacific Network Information Centre descr: Regional Internet Registry for the Asia-Pacific descr: 6 Cordelia Street descr: South Brisbane, QLD 4101 descr: Australia country: AU admin-c: AIC1-AP tech-c: NO4-AP mnt-by: APNIC-HM mnt-irt: IRT-APNIC-AP changed: hm-changed@apnic.net status: ASSIGNED PORTABLE changed: hm-changed@apnic.net 20110309 source: APNIC

Portable – means its an assignment to the customer, the customer can announce it to you

24/04/2014  

28  

Receiving Prefixes: From Peers

•  A peer is an ISP with whom you agree to exchange prefixes you originate into the Internet routing table –  Prefixes you accept from a peer are only those they have indicated

they will announce –  Prefixes you announce to your peer are only those you have

indicated you will announce

Receiving Prefixes: From Peers •  Agreeing what each will announce to the other:

–  Exchange of e-mail documentation as part of the peering agreement, and then ongoing updates

OR –  Use of the Internet Routing Registry and configuration tools such as

the IRRToolSet http://www.isc.org/software/irrtoolset

24/04/2014  

29  

Receiving Prefixes: From Upstream

•  Upstream/Transit Provider is an ISP who you pay to give you transit to the WHOLE Internet

•  Receiving prefixes from them is not desirable unless really necessary

•  Ask upstream/transit provider to either: –  originate a default-route

OR –  announce one prefix you can use as default

SSL/TLS •  Most widely-used protocol for security •  Encrypts the segments of network connections above the

Transport Layer •  SSL and TLS

–  SSL v3.0 specified in an I-D in 1996 (draft-freier-ssl-version3-02.txt) –  TLS v1.0 specified in RFC 2246 in 1999 –  TLS v1.0 = SSL v3.1 ≈ SSL v3.0 –  TLS v1.1 in 2006 –  TLS v1.2 in 2008

•  Goals of protocol –  Secure communication between applications –  Data encryption –  Server authentication –  Message integrity –  Client authentication (optional)

24/04/2014  

30  

Benefits of TLS •  Application-layer independent

–  can be implemented with any applications –  a wide range of applications supporting it

•  SSL makes use of both asymmetric and symmetric key cryptography. –  performance reasons. –  Only the initial "client key exchange message" is encrypted with asymmetric

encryption. –  Symmetric encryption is better in terms of performance/speed

•  Uses X.509 certificates –  Certificates and Public Key Infrastructure

•  SSL protocol layers comes on top of TCP (transport Layer), and is below application layer. –  no network infrastructure changes are required to deploy SSL

•  Each and every connection that's made, through SSL has got one session information. –  Session can also be reused or resumed for other connections to the server

59

SSL Protocol Building Blocks SSL is a Combination of a Primary Record Protocol

with Four ‘Client’ Protocols

SSL Change Cipher

Spec Protocol

SSL Alert

Protocol

SSL Handshake

Protocol

Application Data

Protocol

SSL Record Protocol

24/04/2014  

31  

Applications Using SSL/TLS

Protocol Defined Port Number SSL/TLS Port Number HTTP 80 443 NNTP 119 563 LDAP 389 636 FTP-data 20 989 FTP-control 21 990 Telnet 23 992 IMAP 143 993 POP3 110 995 SMTP 25 465

Public Key Infrastructure

•  Combines public key cryptography and digital signatures to ensure confidentiality, integrity, authentication, non-repudiation, and access control

•  Digital certificate – basic element of PKI; secure credential that identifies the owner

•  Basic Components: –  Certificate Authority (CA) –  Registration Authority (RA) –  Repository –  Archive

24/04/2014  

32  

Secure Shell Protocol (SSH)

•  Protocol for secure remote login

•  Provides support for secure remote login, secure file transfer, and secure forwarding of TCP/IP and X Window System traffic

•  Consists of 3 major components: –  Transport layer protocol (server authentication, confidentiality,

integrity) –  User authentication protocol (authenticates client to the server) –  Connection protocol (multiplexes the encrypted tunnel into several

logical channels)

Application Layer Security

•  HTTPS

•  PGP (Pretty Good Privacy)

•  SMIME (Secure Multipurpose Internet Mail Extensions)

•  TSIG and DNSSEC

•  Wireless Encryption - WEP, WPA, WPA2

24/04/2014  

33  

HTTPS

•  Hypertext Transfer Protocol Secure

•  Widely-used, message-oriented communications protocol

•  Connectionless oriented protocol

•  Technically not a protocol in itself, but simply layering HTTP on top of the SSL/TLS protocol

•  Encapsulates data after security properties of the session

•  Not to be confused with S-HTTP

Note: A website must use HTTPS everywhere, otherwise it is still vulnerable to some attacks

Pretty Good Privacy (PGP)

•  Stands for Pretty Good Privacy, developed by Phil Zimmerman in 1995

•  PGP is a hybrid cryptosystem –  combines some of the best features of both conventional and public

key cryptography

•  Assumptions: –  All users are using public key cryptography and have generated

private/public key pairs (using RSA or El Gamal) –  All users also use symmetric key system (DES or Rijndael)

•  Offers authentication, confidentiality, compression, e-mail compatibility and segmentation

24/04/2014  

34  

PGP - Trust

•  Centralized / hierarchal trust – where certain globally trusted bodies sign keys for every one else.

•  Decentralized webs of trust – where you pick who you trust yourself, and decide if you trust who those people trust in turn.

•  Which works better for what reasons?

Key management: Partying

•  Key signing parties are ways to build webs of trust.

•  Each participant carries identification, as well as a copy of their key fingerprint. (maybe some $ as well J )

•  Each participant decides if they’re going to sign another key based on their personal policy.

•  Keys are easiest kept in a keyring on an openpgp keyserver in the aftermath of the party.

24/04/2014  

35  

VPN and IPsec

Virtual Private Networks

•  Creates a secure tunnel over a public network

•  Any VPN is not automagically secure. You need to add security functionality to create secure VPNs. That means using firewalls for access control and probably IPsec or SSL/TLS for confidentiality and data origin authentication.

70

24/04/2014  

36  

VPN Protocols

•  PPTP (Point-to-Point tunneling Protocol) –  Developed by Microsoft to secure dial-up connections –  Operates in the data-link layer

•  L2F (Layer 2 Forwarding Protocol) –  Developed by Cisco –  Similar as PPTP

•  L2TP (Layer 2 Tunneling Protocol) –  IETF standard –  Combines the functionality of PPTP and L2F

•  IPsec (Internet Protocol Security) –  Open standard for VPN implementation –  Operates on the network layer

Other VPN Implementations

•  MPLS VPN –  Used for large and small enterprises –  Pseudowire, VPLS, VPRN

•  GRE Tunnel –  Packet encapsulation protocol developed by Cisco –  Not encrypted –  Implemented with IPsec

•  L2TP IPsec –  Uses L2TP protocol –  Usually implemented along with IPsec –  IPsec provides the secure channel, while L2TP provides the tunnel

24/04/2014  

37  

IPSec!

Internet!

What is IPSec?

•  IETF standard that enables encrypted communication between peers: –  Consists of open standards for securing private communications –  Network layer encryption ensuring data confidentiality, integrity, and

authentication –  Scales from small to very large networks

What Does IPsec Provide ?

•  Confidentiality….many algorithms to choose from •  Data integrity and source authentication

–  Data “signed” by sender and “signature” verified by the recipient –  Modification of data can be detected by signature “verification” –  Because “signature” based on a shared secret, it gives source

authentication

•  Anti-replay protection –  Optional : the sender must provide it but the recipient may ignore

•  Key Management –  IKE – session negotiation and establishment –  Sessions are rekeyed or deleted automatically –  Secret keys are securely established and authenticated –  Remote peer is authenticated through varying options

74

24/04/2014  

38  

Different Layers of Encryption

Network Layer - IPsec

Link Layer Encryption

Source Destination

Application Layer – SSL, PGP, SSH, HTTPS

Relevant Standard(s)

•  IETF specific –  rfc2409: IKEv1 –  rfc4301: IPsec Architecture (updated) –  rfc4303: IPsec ESP (updated) –  rfc4306: IKEv2 –  rfc4718: IKEv2 Clarifications –  rfc4945: IPsec PKI Profile

•  IPv6 and IPsec –  rfc4294: IPv6 Node Requirements –  Rfc4552: Authentication/Confidentiality for OSPFv3 –  rfc4877: Mobile IPv6 Using IPsec (updated) –  rfc4891: Using IPsec to secure IPv6-in-IPv4 Tunnels

76

24/04/2014  

39  

IPsec Modes

•  Tunnel Mode –  Entire IP packet is encrypted and becomes the data component of a

new (and larger) IP packet. –  Frequently used in an IPsec site-to-site VPN

•  Transport Mode –  IPsec header is inserted into the IP packet –  No new packet is created –  Works well in networks where increasing a packet’s size could cause

an issue –  Frequently used for remote-access VPNs

Tunnel vs. Transport Mode IPsec

Payload TCP

Header IP

Header Without IPsec

Transport Mode IPsec

Tunnel Mode IPsec

Payload TCP

Header IP

Header IPsec

Header IP

Header

Payload TCP

Header IP

Header IPsec

Header New IP Header

24/04/2014  

40  

Transport vs Tunnel Mode

79

Transport Mode: End systems are the initiator and recipient of protected traffic

Tunnel Mode: Gateways act on behalf of hosts to protect traffic

Routing Update TFTP

File Transfer

File Transfer

IPsec Architecture

ESP

AH

IKE

IPsec Security Policy

Encapsulating Security Payload

Authentication Header

The Internet Key Exchange

24/04/2014  

41  

Security Associations (SA)

•  A collection of parameters required to establish a secure session

•  Uniquely identified by three parameters consisting of –  Security Parameter Index (SPI) –  IP destination address –  Security protocol (AH or ESP) identifier

•  An SA is unidirectional –  Two SAs required for a bidirectional communication

•  A single SA can be used for AH or ESP, but not both –  must create two (or more) SAs for each direction if using both AH and

ESP

Authentication Header (AH)

•  Provides source authentication and data integrity –  Protection against source spoofing and replay attacks

•  Authentication is applied to the entire packet, with the mutable fields in the IP header zeroed out

•  If both AH and ESP are applied to a packet, AH follows ESP

•  Operates on top of IP using protocol 51

•  In IPv4, AH protects the payload and all header fields except mutable fields and IP options (such as IPsec option)

DEPRECATED

24/04/2014  

42  

Encapsulating Security Payload (ESP)

•  Uses IP protocol 50

•  Provides all that is offered by AH, plus data confidentiality –  It uses symmetric key encryption

•  Must encrypt and/or authenticate in each packet –  Encryption occurs before authentication

•  Authentication is applied to data in the IPsec header as well as the data contained as payload

IPv4 IPsec AH

84

Original IP Header TCP/UDP Data

Original IP Header

AH Header TCP/UDP Data

Before applying AH:

After applying AH:

Authenticated except for mutable fields in IP header

Mutable Fields: - ToS - TTL - Hdr Checksum - Offset - Flags

IPv4 AH Transport Mode:

Original IP Header TCP/UDP Data

New IP Header

AH Header Data

Before applying AH:

After applying AH:

Authenticated except for mutable fields in new IP header

Original IP Header

Mutable Fields: - ToS - TTL - Hdr Checksum - Offset - Flags

IPv4 AH Tunnel Mode:

24/04/2014  

43  

IPv4 IPsec ESP

85

Original IP Header TCP/UDP Data

Original IP Header

ESP Header

Before applying ESP:

After applying ESP:

Encrypted

ESP Auth

Authenticated

TCP/UDP Data ESP

Trailer

Original IP Header TCP/UDP Data

New IP Header

ESP Header

Before applying ESP:

After applying ESP:

Encrypted

ESP Auth

Authenticated

Original IP Header TCP/UDP Data

ESP Trailer

IPv4 ESP Transport Mode:

IPv4 ESP Tunnel Mode:

ESP Header Format

86

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Next Header Padding Length

SPI: Arbitrary 32-bit number that specifies SA to the receiving device Seq #: Start at 1 and must never repeat; receiver may choose to ignore IV: Used to initialize CBC mode of an encryption algorithm Payload Data: Encrypted IP header, TCP or UDP header and data Padding: Used for encryption algorithms which operate in CBC mode Padding Length: Number of bytes added to the data stream (may be 0) Next Header: The type of protocol from the original header which appears in the encrypted part of the packet Auth Data: ICV is a digital signature over the packet and it varies in length depending on the algorithm used (SHA-1, MD5)

Payload Data (Variable)

Padding (0-255 bytes)

Initialization Vector (IV)

Sequence Number

Security Parameter Index (SPI)

Authentication Data (ICV)

EN

CR

YP

TED

24/04/2014  

44  

Internet Key Exchange (IKE)

•  “An IPsec component used for performing mutual authentication and establishing and maintaining Security Associations.” (RFC 5996)

•  Typically used for establishing IPsec sessions

•  A key exchange mechanism

•  Five variations of an IKE negotiation: –  Two modes (aggressive and main modes) –  Three authentication methods (pre-shared, public key encryption,

and public key signature)

•  Uses UDP port 500

IKE Modes Mode Description Main mode Three exchanges of information between IPsec peers.

Initiator sends one or more proposals to the other peer (responder), responder selects a proposal Diffie-Hellman (DH) key exchange Establish ISAKMP session

Aggressive Mode Achieves same result as main mode using only 3 packets First packet sent by initiator containing all info to establish SA Second packet by responder with all security parameters selected Third packet finalizes authentication of the ISAKMP session

Quick Mode Negotiates the parameters for the IPsec session. Entire negotiation occurs within the protection of ISAKMP session

24/04/2014  

45  

Internet Key Exchange (IKE)

•  Phase I –  Establish a secure channel (ISAKMP SA) –  Using either main mode or aggressive mode –  Authenticate computer identity using certificates or pre-shared secret

•  Phase II –  Establishes a secure channel between computers intended for the

transmission of data (IPsec SA) –  Using quick mode

IPsec with IKE

90

Traffic which needs to be protected is

recognized as requiring IPsec protection

IPsec Peer IPsec Peer

IKE Phase 1

Secure communication channel

IKE Phase 2

IPsec Tunnel

Secured traffic exchange

1 2

3

4

Peers Authenticate using: - Pre-shared key - Digital Certificate

Secured Communications

24/04/2014  

46  

IPsec IKE Phase 1 Uses DH Exchange

•  First public key algorithm (1976)

•  Diffie Hellman is a key establishment algorithm –  Two parties in a DF exchange can generate a shared secret –  There can even be N-party DF changes where N peers can all

establish the same secret key

•  Diffie Hellman can be done over an insecure channel

•  IKE authenticates a Diffie-Hellman exchange –  Pre-shared secret –  Nonce (RSA signature) –  Digital signature

91

IKE Phase 1 Main Mode

92

Responder Initiator

1

2

IKE Message 1 (SA proposal)

IKE Message 2 (accepted SA)

IKE Message 3 (DH public value, nonce)

IKE Message 4 (DH public value, nonce)

IKE Message 5 (Authentication material, ID)

IKE Message 6 (Authentication material, ID) 4

3

Negotiate IKE Policy

Authenticated DH Exchange

Compute DH shared secret and derive keying material

Protect IKE Peer Identity

Internet

(Encrypted)

24/04/2014  

47  

IKE Phase 2 Quick Mode

93

Responder Initiator

3

Compute keying material

Internet

Message 1 (authentication/keying material and SA proposal)

Message 2 (authentication/keying material and accepted SA)

Message 3 (hash for proof of integrity/authentication)

1

2

5

Validate message 1

7

4

6 Validate

message 3

Validate message 2

IKE v2: Replacement for Current IKE Specification •  Feature Preservation

–  Most features and characteristics of baseline IKE v1 protocol are being preserved in v2

•  Compilation of Features and Extensions –  Quite a few features that were added on top of the baseline IKE

protocol functionality in v1 are being reconciled into the mainline v2 framework

•  Some New Features

24/04/2014  

48  

IKE v2: What Is Not Changing

•  Features in v1 that have been debated but are ultimately being preserved in v2 –  Most payloads reused –  Use of nonces to ensure uniqueness of keys

•  v1 extensions and enhancements being merged into mainline v2 specification –  Use of a ‘configuration payload’ similar to MODECFG for address

assignment –  ‘X-auth’ type functionality retained through EAP –  Use of NAT Discovery and NAT Traversal techniques

IKE v2: What Is Changing

•  Significant Changes Being to the Baseline Functionality of IKE –  EAP adopted as the method to provide legacy authentication

integration with IKE –  Adds standard mobility support through MOBIKE –  Ability to detect whether the tunnel is still alive or not

•  “Liveness” check

–  Incorporation of NAT traversal –  DoS attack resilience

•  Check if source actually exists

24/04/2014  

49  

How Does IKE v2 Work?

IKE_SA_INIT (Two Messages)

IKE_AUTH (Two Messages)

Protected Data

IKE_SA Authentication Parameters Negotiated

IKE Authentication Occurs and One CHILD_SA Created

CREATE_CHILD_SA (Two Messages) Second CHILD_SA Created

Non-Vendor Specific Deployment Issues •  Historical Perception

–  Configuration nightmare –  Not interoperable

•  Performance Perception –  Need empirical data –  Where is the real performance hit?

•  Standards Need Cohesion

98

24/04/2014  

50  

Vendor Specific Deployment Issues

•  Lack of interoperable defaults –  A default does NOT mandate a specific security policy –  Defaults can be modified by end users

•  Configuration complexity –  Too many knobs –  Vendor-specific terminology

•  Good News: IPv6 support in most current implementations

99

Pretty Good IPsec Policy

•  IKE Phase 1 (aka ISAKMP SA or IKE SA or Main Mode) –  3DES (AES-192 if both ends support it) –  Lifetime (8 hours = 480 min = 28800 sec) –  SHA-2 (256 bit keys) –  DH Group 14 (aka MODP# 14)

•  IKE Phase 2 (aka IPsec SA or Quick Mode) –  3DES (AES-192 if both ends support it) –  Lifetime (1 hour = 60 min = 3600 sec) –  SHA-2 (256 bit keys) –  PFS 2 –  DH Group 14 (aka MODP# 14)

100

24/04/2014  

51  

Sample Router Configuration crypto isakmp policy 1

authentication pre-share

encryption aes

hash sha

group 5

crypto isakmp key Training123 address 172.16.11.66

!

crypto ipsec transform-set ESP-AES-SHA esp-aes esp-sha-hmac

!

crypto map LAB-VPN 10 ipsec-isakmp

match address 101

set transform-set ESP-AES-SHA

set peer 172.16.11.66

Phase 1 SA

Encryption and

Authentication

Phase 2 SA

Sample Router Configuration

int fa 0/1

crypto map LAB-VPN

Exit

!

access-list 101 permit ip 172.16.16.0 0.0.0.255 172.16.20.0 0.0.0.255

Apply on outbound interface

Define interesting VPN traffic

24/04/2014  

52  

Help With Configuring IPsec

•  http://www.vpnc.org/InteropProfiles/

•  Documents for Cisco IPsec configuration: –  http://www.cisco.com/en/US/tech/tk583/tk372/

technologies_configuration_example09186a0080093f73.shtml –  http://www.cisco.com/en/US/tech/tk583/tk372/

technologies_configuration_example09186a0080093f86.shtml

•  Document for Juniper IPsec configuration: –  http://kb.juniper.net/InfoCenter/index?page=content&id=KB10128

103

Capture: Telnet

104

24/04/2014  

53  

Capture: Telnet + IPsec

105

Public Key Infrastructure Network Security Workshop

24/04/2014  

54  

Public Key Infrastructure

•  Framework that builds the network of trust

•  Combines public key cryptography, digital signatures, to ensure confidentiality, integrity, authentication, nonrepudiation, and access control

•  Protects applications that require high level of security

Functions of a PKI

•  Registration

•  Initialization

•  Certification

•  Key pair recovery

•  Key generation

•  Key update

•  Cross-certification

•  Revocation

24/04/2014  

55  

Public Key Infrastructure

Source: http://commons.wikimedia.org

Components of a PKI

•  Certificate authority –  The trusted third party –  Trusted by both the owner of the certificate and the party relying upon

the certificate.

•  Validation authority

•  Registration authority –  For big CAs, a separate RA might be necessary to take some work

off the CA –  Identity verification and registration of the entity applying for a

certificate

•  Central directory

24/04/2014  

56  

Certificates

•  Public key certificates bind public key values to subjects •  A trusted certificate authority (CA) verifies the subject’s identity

and digitally sign each certificate –  Validates

•  Has a limited valid lifetime •  Can be used using untrusted communications and can be

cached in unsecured storage –  Because client can independently check the certificate’s signature

•  Certificate is NOT equal to signature –  It is implemented using signature

•  Certificates are static –  If there are changes, it has to be re-issued

Digital Certificate

•  Digital certificate – basic element of PKI; secure credential that identifies the owner

•  Also called public key certificate

•  Certificate examples: –  X509 (standard) –  PGP (Pretty Good Privacy)

24/04/2014  

57  

Every certificate contains…

•  Body of the certificate –  Version number, serial number, names of the issuer and subject –  Public key associated with the subject –  Expiration date (not before, not after) –  Extensions for additional tributes

•  Signature algorithm –  Used by the CA to sign the certificate

•  Signature –  Created by applying the certificate body as input to a one-way hash

function. The output value is encrypted with the CA’s private key to form the signature value

Digital Certificate Lifecycle Key Pair Generated

Certificate Issued

Certificate valid

and in use

Private Key compromised

Certificate Expires

Recertify

Certificate Revoked

Keypair Expired

114

24/04/2014  

58  

Certificate Authority

•  Issuer and signer of the certificate •  Trusted (Third) Party

–  Based on trust model –  Who to trust?

•  Types: –  Enterprise CA –  Individual CA (PGP) –  Global CA (such as VeriSign)

•  Functions: –  Enrolls and Validates Subscribers –  Issues and Manages Certificates –  Manages Revocation and Renewal of Certificates –  Establishes Policies & Procedures

Certificate Revocation Lists

•  CA periodically publishes a data structure called a certificate revocation list (CRL).

•  Described in X.509 standard.

•  Each revoked certificate is identified in a CRL by its serial number.

•  CRL might be distributed by posting at known Web URL or from CA’s own X.500 directory entry.

24/04/2014  

59  

Who Can Be a CA?

•  A CA signs certificates, but which CA? Who picks CAs?

•  Perhaps another CA issues a certificate to other CAs—but who picked them?

•  Ultimately, you have to trust someone—the trust anchor

•  Modern operating systems and browsers come with a list of built-in CAs

•  You are trusting your vendors; they have decided to trust certain CAs –  Are these CAs trustworthy?

117

The Browser CA Problem

•  Microsoft trusts over 300 certificate authorities –  If you delete one, Windows will helpfully reload it for

you… •  Mozilla trusts 150 •  Apple trusts 180 •  Any CA your browser trusts can issue a certificate for any

site at all, even if there is already some other certificate for it

•  If any single CA is compromised, your browser can be fooled

•  This has happened…

118

24/04/2014  

60  

The Diginotar Case

•  Someone penetrated Diginotar (a CA) and stole its private key

•  This key was used to create fake certificates for gmail.com

•  People in Iran who tried to connect securely to gmail instead connected to somewhere else—but it looked authentic, because there was a Diginotar-issued certificate for Google

•  Note: Diginotar was not Google’s CA… •  Diginotar is (a) no longer trusted by browsers, and (b)

out of business…

119

RPKI Resource Public Key Infrastructure

24/04/2014  

61  

SIDR Working Group

•  Secure Inter-Domain Routing (SIDR)

•  Its purpose is to “reduce vulnerabilities to the inter-domain routing system”

•  Addresses two vulnerabilities: •  Is an Autonomous System authorized to originate an IP prefix? •  Is the AS-Path represented in the route the same as the path through

which the NLRI traveled?

•  Projects: PKI, RPKI, BGPsec

Source: SIDR WG https://datatracker.ietf.org/wg/sidr/charter/

BGP Security (BGPsec)

•  Extension to BGP that provides improved security for BGP routing

•  Currently an IETF Internet draft

•  Implemented via a new optional non-transitive BGP path attribute that contains a digital signature

•  Two things: –  BGP Prefix Origin Validation (using RPKI) –  BGP Path Validation

24/04/2014  

62  

Three Pieces

•  RPKI – Resource Public Key Infrastructure, the Certificate Infrastructure to Support the other Pieces (deployed at all RIRs)

•  Origin Validation – Using the RPKI to detect and prevent mis-originations of someone else’s prefixes (in deployment)

•  AS-Path Validation / BGPsec – Prevent Path Attacks on BGP (future work)

What is RPKI?

•  Resource Public Key Infrastructure (RPKI)

•  A robust security framework for verifying the association between resource holder and their Internet resources

•  Created to address the issues in RFC 4593

•  Uses X.509 v3 certificates –  With RFC3779 extensions

24/04/2014  

63  

What is RPKI?

•  “represents the allocation hierarchy of IP address space and Autonomous Systems (AS) numbers”

•  A system to manage the creation and storage of digital certificates and the associated Route Origin Authorization documents

•  Helps to secure Internet routing by validating routes –  Proof that prefix announcements are coming from the legitimate

holder of the resource

RPKI is in the process of standardization through the Secure Inter-Domain Routing (SIDR) working group

RFCs on RPKI

•  RFC 6810 – The Resource Public Key Infrastructure (RPKI) to Router Protocol (January 2013) - Standard

•  RFC 6480 – An Infrastructure to Support Secure Internet Routing (Feb 2012) - informational

•  RFC 6481 – A Profile for Resource Certificate Repository Structure (Feb 2012) - standard

•  RFC 6491 – RPKI Objects Issued by IANA

•  RFC 6493 – The RPKI Ghostbusters Record

•  RFC 6487 – A Profile for X.509 PKIX Resource Certificate

24/04/2014  

64  

A bit of History

•  1986 – Bellovin & Perlman identify the vulnerability in DNS and Routing

•  1999 - National Academies study called it out

•  2000 – S-BGP – X.509 PKI to support Secure BGP - Kent, Lynn, et al.

•  2003 – NANOG S-BGP Workshop

•  2006 – RPKI.NET(for ARIN) & APNIC start work on RPKI. RIPE starts in 2008.

•  2009 – RPKI.NET Open Testbed and running code in test routers

Benefits of RPKI - Routing

•  Prevents “Route Hijacking” –  when an entity participating in Internet routing announces a prefix

without authorization –  Reason: malicious attack

•  Prevents mis-origination –  A prefix that is originated by an AS which does not own it –  Reason: configuration mistake

24/04/2014  

65  

Internet Routing

The Internet

Traffic 202.12.29.0/24

Announce 202.12.29.0/24

Global Routing Table

4.128/9 60.100/16 60.100.0/20 135.22/16 …

Global Routing Table

4.128/9 60.100/16 60.100.0/20 135.22/16

202.12.29.0/24 …

202.12.29.0/24

“Right” to Resources

•  ISP gets their resources from the RIR

•  ISP notifies its upstream of the prefixes to be announced

•  Upstream _MUST_ check the Whois database if resource has been delegated to customer ISP.

We need to be able to authoritatively prove who owns an IP Prefix and what AS(s) may announce it.

24/04/2014  

66  

X.509 Certificate

•  Resource certificates are based on the X.509 certificate format - RFC 5280

•  Extended by RFC 3779 – this extension binds a list of resources (IP, ASN) to the subject of the certificate

X.509 Certificate with 3779 Extension

•  SIA – Subject Information Access; contains a URI that references the directory X.509 Certificate

RFC 3779Extension

SIA

Owner's Public Key

24/04/2014  

67  

Two Components

•  Certificate Authority (CA) –  Internet Registries (RIR, NIR, Large LIR) –  Issue certificates for customers –  Allow customers to use the CA’s GUI to issue ROAs for their prefixes

•  Relying Party (RP) –  Software which gathers data from CAs

Route Origin Authorization (ROA)

•  Certificate holder uses its private key to sign an ROA

•  Verifies that an AS has been given permission by an address block holder to advertise routes to one or more prefixes without that block

24/04/2014  

68  

Resource Certification

•  RIRs have been developing a new service for their members

•  APNIC has now launched Resource Certification for the AP region

•  The goal is to improve the security of inter-domain routing and augmenting the information published in the APNIC Whois Database

Resource Certification Benefits

•  Routing information corresponds to properly delegated address resources

•  Resource Certification gives resource holders proof that they hold certain resources

•  Resource holders can attest to those resources when distributing them

•  Resource Certification is a highly robust means of preventing the injection of false information into the Internet's routing system.

24/04/2014  

69  

APNIC Resource Certification

•  A robust security framework for verifying the association between resource holders and their Internet resources.

•  Initiative from APNIC aimed at –  improving the security of inter-domain routing, and –  augmenting the information published in the Whois database

•  Verifies a holder’s current “right-of-use” over an Internet resource

How it Works

24/04/2014  

70  

Creating ROA Records

•  Login to MyAPNIC, then Resources -> Certification

Adding ROA Records

24/04/2014  

71  

Deleting ROA Records

RPKI Validation

•  RPKI-capable routers can fetch the validated ROA dataset from a trust anchor

•  BGP states: –  VALID if a matching VRP* was found –  INVALID a VRP was found, but ASN did not match –  UNKNOWN if no matching or covering VRP was found

24/04/2014  

72  

Questions

How APNIC can help you?

144

24/04/2014  

73  

Internet Challenges Today

•  Internet Security –  Unauthorized Intrusions –  Denial of Service (DoS) Attacks –  Internal Attacks –  Non-compliance etc.

•  Spam –  Unsolicited Commercial Email (UCE) & Unsolicited Bulk Email (UBE) –  Spam volume is exploding

•  Network abuse –  RIR’s do not regulate conduct of Internet activity –  Investigation possibilities

•  Cooperation of the network administrators •  Law enforcement agencies

APNIC Service offerings

•  Whois Database – an important resource! –  Troubleshooting –  Tracking source of abuse – Protecting address space to prevent hijacking

•  Information dissemination – APNIC Conferences

•  Technical talks & tutorials – Publications & Research

•  Education –  Training courses, Workshops and Seminars

24/04/2014  

74  

Steps we take to ensure Whois accuracy •  Member account opening

–  verification of corporate existence with corporate registries or regulators (where possible)

•  Membership renewal –  once a year –  email to corporate contact, with payment record –  Internet resources revoked if account not paid or

renewed

•  Transfer policies –  encourage registration of resources –  “value” of Internet resources encourage registration

Efforts in Preventing Network Abuse

•  As a registry, APNIC adopts and applies policies for it’s community which address network abuse. APNIC does not have the capacity to investigate abuse complaints or the legal powers to regulate Internet activity.

•  APNIC seeks to raise awareness of the need for responsible network management in the Asia Pacific, through training and communication.

24/04/2014  

75  

Why APNIC appear as the source in some abuse search reports? •  Some designed to search the ARIN Whois

database and may refer to APNIC as the culprit

•  Many websites with Whois lookup functions has the same limitations

•  However the IP addresses are registered by five RIRs on a regional basis

•  If a standard search refers you to APNIC – It means only that the network in question is

registered in the Asia Pacific region – Does not mean that APNIC is responsible or that

the hacker/spammer is using APNIC network

Detecting the Abuse

24/04/2014  

76  

Can APNIC stop Abuse?

•  No, because… – APNIC is not an ISP and does not provide network

connectivity to other networks – APNIC does not control Internet routing – APNIC is not a law enforcement agency – APNIC has no industry regulatory power

Investigation of Complaints •  Laws relating to network abuse vary from

country to country

•  Investigation possibilities – Cooperation of the network administrators –  Law enforcement agencies

•  Local jurisdiction •  Jurisdiction where the problem originates

24/04/2014  

77  

What can you do?

•  Use the APNIC Whois Database to obtain network contact information

•  APNIC Whois may or may not show specific customer assignments for the addresses in question –  But will show the ISP holding APNIC space

•  Contact the network responsible and also its ISP/upstream

•  Contact APNIC for help, advice, training or support

•  Community discussions can be raised in the APNIC conferences, mailing lists, etc.

APNIC Resource Quality Assurance

•  Community awareness

•  Build relationships with reputable organizations that maintain bogon/black list

•  Keep the WHOIS Database accurate –  Actively remind resource holders to update their data

24/04/2014  

78  

APNIC also manages Reverse DNS

•  ‘Forward DNS’ maps names to numbers –  svc00.apnic.net è202.12.28.131

•  ‘Reverse DNS’ maps numbers to names –  202.12.28.131 è svc00.apnic.net

Person (Host) Address (IPv4/IPv6)

155

The APNIC Whois Database

156

24/04/2014  

79  

The APNIC Whois Database

•  Holds IP address records within the AP region •  Can use this database to track down the source of

the network abuse –  IP addresses, ASNs, Reverse Domains, Routing policies

•  Can find contact details of the relevant network administrators –  not the individual users –  use administrators log files to contact the individual

involved

Resource Registration

•  As part of the membership agreement with APNIC, all members are required to register their resources in the APNIC Whois database.

•  Members must keep records up to date: –  Whenever there is a change in contacts –  When new resources are received –  When resources are sub-allocated or assigned

158

24/04/2014  

80  

Whois Object Types

OBJECT PURPOSE person contact persons role contact groups/roles inetnum IPv4 addresses Inet6num IPv6 addresses aut-num Autonomous System number domain reverse domains route prefixes being announced mntner (maintainer) data protection mnt-irt Incident Response Team

http://www.apnic.net/db/

159

How to use APNIC Whois

•  Web browser –  http://www.apnic.net/whois

•  Whois client or query tool – whois.apnic.net

•  Identify network contacts from the registration records –  IRT (Incident Response Team) if present – Contact persons: “tech-c” or “admin-c”

24/04/2014  

81  

What if Whois info is invalid?

•  Members (ISPs) are responsible for reporting changes to APNIC – Under formal membership agreement

•  Report invalid ISP contacts to APNIC –  http://www.apnic.net/invalidcontact – APNIC will contact member and update registration

details

What if Whois info is invalid?

•  Customer assignment information is the responsibility of ISPs –  ISPs are responsible for updating their customer network

registrations

•  Tools such as ‘traceroute’, ‘looking glass’ and RIS may be used to track the upstream provider if needed – More information available from APNIC

24/04/2014  

82  

Inetnum / Inet6num Objects

•  Contains IP allocation and assignment information •  APNIC creates an inetnum (or inet6num) object for

each allocation or assignment they make to the Member

•  All members must create inetnum (or inet6num) objects for each sub-allocation or assignment they make to customers

163

IRT Object

•  Incident Response Team (IRT) –  Dedicated abuse handling teams (not netops)

•  Implemented in Nov 2010 through Prop-079

•  Abuse contact information

•  Mandatory object reference in inetnum, inet6num, and aut-num objects

24/04/2014  

83  

IRT Object

•  Why provide abuse contact –  Dedicated contacts or team that specifically resolve computer

security incidents –  Efficient and accurate response –  Stops the tech-c and admin-c from getting abuse reports –  Shared response to address abuse

APNIC Whois Registration

24/04/2014  

84  

APNIC Whois Registration

APNIC Whois Registration

24/04/2014  

85  

APNIC Whois Registration

Maintainer Hierarchy Diagram

170

Allocated to APNIC: Maint-by can only be changed by IANA

Allocated to Member: Maint-by can only be changed by APNIC

Sub-allocated to Customer: Maint-by can only be changed by Member

24/04/2014  

86  

inetnum:

Allocation (Created by APNIC)

3

Using the Whois – step by step

Customer Assignments (Created by Member)

person: nic-hdl:

KX17-AP

Contact info

1

Data Protection

mntner: 2

inetnum: ... KX17-AP

... mnt-by: ...

4 inetnum: ... KX17-AP

... mnt-by: ...

5 inetnum: ... KX17-AP

... mnt-by: ...

6

Whois Database Queries

–  Flags used for inetnum queries

None one level less specific matches

- L find all less specific matches

- m find first level more specific matches

- M find all More specific matches

- x find exact match (if no match, nothing)

- d enables use of flags for reverse domains

- r turn off recursive lookups

24/04/2014  

87  

inetnum: 202.64.0.0 – 202.64.15.255

202.64.0.0/20

inetnum: 202.0.0.0 – 202.255.255.255

202.0.0.0/8

Whois Database Query - inetnum

202.64.12.128/25

inetnum:

whois -L 202.64.0.0 /20

whois 202.64.0.0 /20

whois –m 202.64.0.0 /20 inetnum:

202.64.15.192/26

inetnum: 202.64.10.0/24

More specific (= smaller blocks)

Less specific (= bigger block)

Recursive Lookups •  whois 202.12.29.0

à

–  whois -r 202.12.29.0 à –  whois -T inetnum 202.12.29.0 à –  whois -r -T inetnum 202.12.29.0 à

person inetnum route

inetnum

route

person

person

inetnum

inetnum

recursion enabled by default

recursion turned off

‘type’ of object specified

‘type’ of object specified & recursion turned off

, &

&

&

24/04/2014  

88  

Inverse Queries

•  Inverse queries are performed on inverse keys •  See object template (whois –t)

•  Returns all public objects that reference the object with the key specified as a query argument

•  Practical when searching for objects in which a particular value is referenced, such as your nic-hdl

•  Syntax: whois -i <attribute> <value>

Customer Privacy

•  Public data –  Includes portable addresses (inetnum objects), and other

objects e.g.route objects – Public data: must be visible

•  Private data – Can include non-portable addresses (inetnum objects) – Members have the option to make private data visible

•  Customer assignments – Can be changed to be public data (public data is an

optional choice)

24/04/2014  

89  

What needs to be visible?

IANA range

Non-APNIC range APNIC range

NIR range APNIC allocations & assignments

NIR allocations & assignments

Customer assignments Infrastructure Sub-allocations

must be visible

visibility optional

LIR/ISP

PORTABLE addresses

NON-PORTABLE addresses

APNIC Whois Database & the Internet Routing Registry

•  APNIC Whois Database –  Two databases in one

•  Public Network Management Database –  “Whois” info about networks & contact persons

•  IP addresses, AS numbers etc

•  Routing Registry –  contains routing information

•  routing policy, routes, filters, peers etc.

–  APNIC RR is part of the global IRR

24/04/2014  

90  

Benefits of APNIC RR integrated in Whois Database

•  Facilitates network troubleshooting •  Registration of routing policies •  Generation of router configurations •  Provides global view of routing

Security Management and Practices

24/04/2014  

91  

Open-Source Tools for Monitoring

•  Logging and monitoring systems –  Syslog, SNMP, Nagios, Cacti, Netflow, Nfsen

•  Detection and data gathering –  IDS system, active scanners, packet analyzers, Netflow

•  Firewalls and NAC –  IPTables, Packetfence

Security  tools  does  not  have  to  be  expensive!    It  can  also  be  free.  

NetFlow

182

24/04/2014  

92  

Packetfence

Securing the Host Machine

•  Encrypt! •  Encrypting emails

–  IMAPS –  SMTP over TLS/SSL –  Use PGP

•  Browser –  Set browser preferences –  Add-ons or plugins (NoScript, HTTPS Everywhere, Adblock, etc)

•  File encryption –  Full disk encryption (FileVault for Mac, Bitlocker on Windows,

Truecrypt)

24/04/2014  

93  

RFC2827 (BCP38) – Ingress Filtering

•  If an ISP is aggregating routing announcements for multiple downstream networks, strict traffic filtering should be used to prohibit traffic which claims to have originated from outside of these aggregated announcements.

•  The ONLY valid source IP address for packets originating from a customer network is the one assigned by the ISP (whether statically or dynamically assigned).

•  An edge router could check every packet on ingress to ensure the user is not spoofing the source address on the packets which he is originating.

Guideline for BCP38

•  Networks connecting to the Internet –  Must use inbound and outbound packet filters to protect network

•  Configuration example –  Outbound—only allow my network source addresses out –  Inbound—only allow specific ports to specific destinations in

•  Use the following techniques –  Static ACLs on the edge of the network –  Unicast RPF strict mode –  IP source guard

24/04/2014  

94  

BCP 140 – RFC5358

•  Prevents use of recursive nameservers in Reflector Attacks

•  http://tools.ietf.org/html/bcp140

•  Recommendations –  Disable recursive service when not necessary –  Implementing client authorization

•  Accept queries from customers only – client authorization acl my-net { 192.0.2.0/24; 2001:db8::/32; };

options { recursion yes;

allow-query { my-net; }; };

Securing the Nameserver •  Run the most recent version of the DNS software

–  Bind 9.9.1 or Unbound 1.4.16 –  Apply the latest patches

•  Hide version •  Restrict queries

–  Allow-query { acl_match_list; }; •  Prevent unauthorized zone transfers

–  Allow-transfer { acl_match_list; };

•  Run BIND with the least privilege (use chroot) •  Randomize source ports

–  don’t use query-source option

•  Secure the box •  Use TSIG and DNSSEC

24/04/2014  

95  

DNS - Response Rate Limiting (RRL)

•  Protects against DNS amplification attack

•  Implemented in CZ-NIC Knot (v1.2-RC3), NLNetLabs NSD (v3.2.15), and ISC BIND 9 (v9.9.4) release rate-limit { responses-per-second 5; log-only yes; };

•  If using older versions, a patch is available from –  http://ss.vix.su/~vjs/rrlrpz.html –  patch –p0 -l

The Challenge

•  Keeping up with the security requirements of changing technology –  Policies and standards must be updated

•  Changing usage – more mobile phones, BYOD

•  Think like a hacker –  Where are the vulnerabilities? –  Will someone exploit this vulnerability? –  Who are the possible perpetrators? –  Should I do pentesting?

24/04/2014  

96  

Do you have a CERT? (Computer Emergency Response Team)

Security Management

•  Network security is a part of a bigger information security plan

•  Policies vs. Standards vs. Guidelines

•  Must develop and implement comprehensive security policy –  Minimum password length, frequency of password change –  Access of devices, host firewalls –  User creation/deletion process –  Data signing/encryption –  Encrypting all communication (remote access) –  Use of digital certificates

•  Disaster Recovery and Attack Mitigation Plan

24/04/2014  

97  

Thank you!