Courses/Computer Science/CPSC 526.F2015/Lecture Notes
- 1 September 8: Intro and Overview
- 2 September 10: Important Concepts, Basic Threats and Adversaries
- 3 September 15: Intro to the Deception Surface: Setting up a Network From Scratch
- 4 Sept 17: Setting up a network from scratch (cont)
- 5 Sept 22: Attacking the Deception Surface: ARP attacks
- 6 Sept 24: Network Recon: Understanding the State of Alice, Bob, and Everyone in Between (Scanning, Sniffing, etc.)
- 7 Sept 29: Network Recon: Scanning + Sniffing
- 8 Oct 1: Ethics of Network Traffic Sniffing
- 9 Oct 6: Firewalls
- 10 Oct 8: Firewalls (cont.)
- 11 Oct 13: A Motivating Threat: Internet Worms
- 12 Oct 15: No lecture
- 13 Oct 20: Introduction to Authentication
- 14 Oct 22: Password-based Authentication Lulz
- 15 Oct 27: Authentication Protocol Basics
- 16 Oct 29: Protocol Pitfalls
- 17 Nov 3. Protocol Pitfalls (cont)
- 18 Nov 5: Crypto Fails and Subversion
- 19 Nov 10: Email Security
- 20 Nov 12: No Class (Reading Week)
- 21 Nov 17: PGP Key Signing Party
- 22 Nov 19: Spam (Guest Lecture by Prof. Aycock)
- 23 Nov 24: SSH
- 24 Nov 26: IPsec (Modes, Key Agreement, Operation, Applications)
- 25 Dec 1: Web Security 1: Authentication and Privacy Challenges
- 26 Dec 3: Web Security 2: Gruyere
- 27 Dec 8: LangSec and USRI
- 28 Misc
September 8: Intro and Overview
- Course policies, grading, etc. (Course Outline, Description, Syllabus)
- Concepts / Organization
With some background in security concepts and principles, we set security challenges and problems into a networked environment. Basic crypto primitives become building blocks of systems whose major focus is authentication and protecting the confidentiality and integrity of communications channels. This major topic is complemented with a variety of security mechanisms that attempt to provide C-I-A in other ways (e.g., firewalls, IDS, authentication systems & standards).
- Topics (i.e., knowledge & skills I want you to know by the end of the semester)
- common networking tools
- bit-level agility (packet crafting)
- working knowledge of common applied crypto
- authentication and secure protocols (design and major examples)
- network security application domains: routing security, web security
- network security mechanisms: firewalls, IDS, etc.
- Semester Highlights
- PGP key signing party
- web application hacking (Google Gruyere)
- build a VPN
- build a CA
- network introspection
- Write your "Question of the Day": this is one question about network security that you want answered by the end of the semester
- include your real name
- include a psuedonym if you wish
September 10: Important Concepts, Basic Threats and Adversaries
Today, we will briefly discuss some security concepts and then dive into a reminder and refresher of some basic Unix networking tools. Our goal is to get two computers, Alice and Bob, to exchange traffic.
Questions of the Day:
Results of Poll: out of 25 votes as of 10:15am, 19 people have not taken CPSC 418 or are taking it concurrently. We will dedicate the opening weeks of tutorials to providing a high-level overview of basic crypto concepts and terminology as well as an introduction to some crypto libraries.
September 15: Intro to the Deception Surface: Setting up a Network From Scratch
We will start with a QoD that leads us back to a discussion of basic network security threats and concepts. It also leads us toward the topic of the "deception surface": the collection of protocols and network state that networked computers and application rely on to accomplish their communication -- but these protocols are also, by their very nature, open to manipulation.
Sept 17: Setting up a network from scratch (cont)
Setting up and configuring network interfaces in Linux, discussion of IP addresses, netmasks, routing, relationship of ARP
demonstrate ICMP messages between Alice and Bob in a hub/broadcast environment vs. a switched environment
Sept 22: Attacking the Deception Surface: ARP attacks
building blocks for arp spoofing and arp poisoning
Sept 24: Network Recon: Understanding the State of Alice, Bob, and Everyone in Between (Scanning, Sniffing, etc.)
Today I want to discuss the concepts and tradeoffs involved in scanning the network for other hosts. We will also explore the relationship between scanning and sniffing. Sniffing can be seen as one form of passive scanning.
Neither scanning nor sniffing is inherently "bad"; both good guys and bad guys can undertake scanning and sniffing at various times and for various purposes.
- penetration testing
- network auditing (any rogue or forgotten hosts?)
- reconnaissance, host and service enumeration
- listening for unwanted traffic, data exfiltration
- listening for unencrypted traffic, authentication tokens
- listening for communication flows (traffic analysis)
Sniffing (i.e., listening) complements scanning (i.e., actively probing). Sniffing will only sample the network, and provide only a partial view of who is talking during the sampling period. Scanning allows you to attempt to contact and enumerate hosts and open ports, but hosts are under no obligation to respond to your probes. Thus, sniffing and scanning complement each other, but even together may not provide a complete picture of the network.
The "Big Picture" concept for today is that you'll often be asked some form of the question "how good is this tool?"; evaluating the power and limitations of tools, frameworks, techniques, mechanisms, algorithms, etc. entails an understanding how how they work, how they might fail, etc.
Today we will play a bit with traceroute and nmap.
We've already spent 1.5 weeks on the "who am I" question. Here are some other questions
- Where am I? Where are you? What are you (running)?
We can seek to answer these questions with:
- netstat (what services am I offering to the world? local broadcast? local machine?)
- iptables (what communication flows or packets is my kernel actually blocking for me? How? What is 'stealth mode'?)
- traceroute (where are you in relation to me? How do I anticipate this affecting the flow of packets between us?)
- nmap (what services are you running (that I can see?))
- tcpdump (how does nmap actually work? what is scanning, after all? what does a scan produce, and what are the expected replies?)
For example, how far away from scanme.nmap.org are we? http://pages.cpsc.ucalgary.ca/~locasto/teaching/2015/CPSC526/Winter/files/traceroute-nmap.org
Pick a partner. One of you is Alice, the other is Bob.
Have Bob list his open ports:
Have Bob list his firewall rules:
iptables -L //for Linux, for Windows, see [netsh http://windowsitpro.com/windows-server/top-10-windows-firewall-netsh-commands] for Mac, see ipfw or pfctl
Have Bob start up tcpdump:
tcpdump -i eth1 -n
Have Alice nmap Bob with
nmap -sS -sV -O -n --reason --traceroute bob.ip.addr.ess
What packets does Bob see? What ports does Alice see? If Bob flushes his firewall:
does this change the scan results?
For the past two weeks, we've looked at the (inherent!) weaknesses of the basic network fabric and low-level services/protocols --- the so-called deception surface. We made the point that these weaknesses are also strengths in terms of providing low-configuration connectivity and plug-and-talk type communication. The Internet probably wouldn't have taken off if participants had to sign complex multilateral treaties and do complex cryptographic dances simply to bind an IP address to a MAC address.
While countermeasures exist to detect many basic forms of layer2 and layer3 spoofing, poisoning, and flooding attacks and there are authentication protocols to provide basic network access control, our experience has shown us the need for a combination or composition of functionality that (a) provides connectivity and (b) protects the confidentiality, integrity, and availability of such channels. To this end, we will examine the role cryptography plays in network security over most of the rest of the semester.
However, it is worth noting that even with good crypto, and even with simple countermeasures for protecting against ARP flooding, ARP poisoning, DHCP hijacking, DNS poisoning, DoS, etc., many networks still have an ill-defined "edge" and many often have open doors; for example, management interfaces that may be accessible on a public-facing IP via telnet (perhaps on a "hidden/undocumented" port, or available via port-knocking). BYOD also makes the definition of "your" network quite fuzzy. Networks are also composed of more than just desktop computers and servers. See the links below for efforts that provide scanners, a census of the internet, network topology information, and search engines.
- scanning the Internet in under 5 minutes: https://github.com/robertdavidgraham/masscan and http://blog.erratasec.com/2013/09/masscan-entire-internet-in-3-minutes.html#.VMvYOsYQ5sg
- http://internetcensus2012.bitbucket.org/paper.html "Port scanning /0 using insecure embedded devices"
- Shodan: http://www.shodanhq.com/
Sept 29: Network Recon: Scanning + Sniffing
In this session, we will continue observing what various probes to the network actually look like. We will also begin to take a look at the topic of firewalls.
- Announcements, dump eth1, consider the ethics of this
- Selected questions of the day
- Octavissi: What is a backdoor and how does it work?
- T3AA8: How can we tie network security into virus and malware [the course?]
- John: How does IP sniffing and IP spoofing affect a network? Can ethical hacking prevent that?
- [anon]: How can we detect intrusions and find the breach?
- Current events:
- Scanning and sniffing, plus firewalls
- tcpdump, Wireshark
Read Chapter 23 in your textbook. For class on Thursday, read this paper:
and write 1 paragraph summarizing it and 1 paragraph taking a position on the question of whether it is ethical to listen to network traffic, with, e.g., tcpdump. Be prepared to discuss your position on Thursday.
Oct 1: Ethics of Network Traffic Sniffing
Today we will discuss the ethics of listening to network traffic.
Oct 6: Firewalls
Today we will consider the topic of firewalls
- Linux netfilter architecture
- packet filtering firewalls
- stateful vs. stateless
- firewall policy interpretation models
- gateways, application level firewalls, DPI
- NAT, SNAT, MASQUERADE, DNAT
class activity: nmap a box with different firewalls rulesets and replies (ACCEPT, REJECT, DROP), icmp-admin-prohibited watch traffic in wireshark / tcpdump
- netfilter architecture: http://www.netfilter.org/documentation/HOWTO/netfilter-hacking-HOWTO-3.html
- Wiley Hacker, 1st edition online for free: http://www.wilyhacker.com/1e
- Wiley Hacker, second edition: http://www.wilyhacker.com/
- "A Technique for Counting NAT'd Hosts" https://www.cs.columbia.edu/~smb/papers/fnat.pdf
Oct 8: Firewalls (cont.)
We'll talk about some terminology, firewall policy interpretation, various kinds of firewall architecture, and play with some iptables rule sets.
We began by reviewing the table of contents for the Wiley Hacker, 1st edition book http://www.wilyhacker.com/1e and thinking about how it reflects the state of the growing Internet and nascent topic of network security in the early 1990's. We then tried to put together some basic iptables rules for:
Issues Involved in Firewalls
- semantics of rule interpretation (order: first, last, best match)
- how do you handle scaling of 1000's of rules?
- how much does the firewall slow down traffic processing? What kind of hardware do you need for a network edge?
- How are rule conflicts handled / detected / resolved
- how is this done in a distributed environment?
Oct 13: A Motivating Threat: Internet Worms
The topic of Internet worms is a good way to transition from our consideration of the lack of security in basic network protocols along with the capabilities and limitations of firewalls to a more nuanced view of network security. To a certain extent, worms illustrate how firewalls can sometimes be effective (if a worm signature is precise enough), but they also illustrate the problem of network security being reliant on endpoint (i.e., node) security.
- What is the relation between all elements in network to provide security? The big picture, elements and relations between them and weak points and bottlenecks, what to improve and how? [pg 22, Stallings. But we must also recognize the cost to our other values of implementing 'complete' security -Ed.]
- How secure is peer-to-peer file sharing ?
- Is there a way to secure a network such that the only possible attack left is social engineering (i.e., no software penetration can be successful)
- Can you envisage any circumstances wherein a network is completely secure? (and that connects to an outside network)?
- "The Internet Worm Program: An Analysis" http://spaf.cerias.purdue.edu/tech-reps/823.pdf
- Some citations for the Morris Worm from the Bellovin and Cheswick "Firewalls" book: http://www.wilyhacker.com/1e/chap09.pdf
- Code Red, Code Red II: http://www.unixwiz.net/techtips/CodeRedII.html
- Linux Lion Worm: http://www.symantec.com/security_response/writeup.jsp?docid=2001-032311-2042-99
- "Warhol Worm" Concept from "How to 0wn the Internet in your spare time" paper http://www.icir.org/vern/papers/cdc-usenix-sec02/
- SQL Slammer, Sapphire
- Witty Worm
Oct 15: No lecture
Oct 20: Introduction to Authentication
This week, we begin our discussion of the topic of authentication by considering the topic of challenge-response protocols. We started by looking at HTTP Basic authentication and Unix login-based authentication.
Something you know, something you have, something you are
- Something you have: http://www.emc.com/security/rsa-securid/rsa-securid-hardware-tokens.htm#!details
- How can you be sure that the person you are talking to is who they say they are, if you've never met them before in person (Online verification / Chain of Trust)
- Textbook, Chapter 9
- Textbook, Chapter 10
- Wiley Hacker, Chapter 5: http://wilyhacker.com/1e/chap05.pdf
Oct 22: Password-based Authentication Lulz
- Storing passwords
- Lamport's Hash
- Mark Burnett's release of password data: https://xato.net/passwords/ten-million-passwords/#.VQxRO2ZOlRE
- "A Research Agenda Acknowledging the Persistence of Passwords" http://research.microsoft.com/apps/pubs/?id=154077
- Intel asks: How Strong is Your Password? https://www-ssl.intel.com/content/www/us/en/forms/passwordwin.html
Top 25 passwords listed at http://us.cnn.com/2012/10/25/tech/web/worst-passwords-2012/index.html?hpt=hp_bn5
- Rootkit.com / HBGary 2011
- LinkedIn 2012
- IEEE 2012
- Yahoo 2012
Oct 27: Authentication Protocol Basics
- wide-mouthed frog
Oct 29: Protocol Pitfalls
Protocol Fails Exercise
Nov 3. Protocol Pitfalls (cont)
- Protocol State Machines and Session Languages: http://spw15.langsec.org/papers/poll-automata.pdf
Nov 5: Crypto Fails and Subversion
Lots of Lulz today. A review of poor crypto and implementation mistakes, and allegations of backdoors.
- smacktls https://www.smacktls.com/
- Debian OpenSSL bug (2008)
- Heartbeat message RFC: https://tools.ietf.org/html/rfc6520#section-4
- OpenBSD IPsec allegations (unfounded accusations, but an interesting episode in security auditing)
- Apple goto fail: https://www.imperialviolet.org/2014/02/22/applebug.html
- lulz: "Bug 647959 - Add Honest Achmed's root certificate" https://bugzilla.mozilla.org/show_bug.cgi?id=647959
- on the related topic of security snake-oil: https://www.schneier.com/crypto-gram/archives/1999/0215.html
Nov 10: Email Security
SMTP Refresher, PEM, S/MIME
- RFC 821
- RFC 5321
Sender Policy Framework, Domain Keys, Anti-spam
- SPF record format: http://www.openspf.org/SPF_Record_Syntax
- bring your favorite piece of spam or spear-phishing message to class
- the paper / tech report : http://www.hashcash.org/papers/hashcash.pdf
- RFC 4880: http://tools.ietf.org/html/rfc4880#section-5.2
Nov 12: No Class (Reading Week)
Nov 17: PGP Key Signing Party
- HW2 released: http://pages.cpsc.ucalgary.ca/~locasto/teaching/2015/CPSC526/Fall/hw2.txt
- Use these steps to locally "sign" the key fingerprints of the people you have verified in person: https://www.gnupg.org/gph/en/manual/x56.html
- then, use the gpg --send-keys command to upload those signed public keys (attesting merely that you have done casual checking of the binding between the fingerprint and the owner of that Name and Email)
gpg --keyserver pool.sks-keyservers.net --send-keys 0x1B5CD0EF
(you may wish to use another key server)
Nov 19: Spam (Guest Lecture by Prof. Aycock)
Guest lecture given by Prof. John Aycock
Nov 24: SSH
An overview of the SSH protocol and software.
- privilege separation in OpenSSH: http://www.citi.umich.edu/u/provos/ssh/privsep.html
Nov 26: IPsec (Modes, Key Agreement, Operation, Applications)
What is IPsec? Terminology, Modes of operation; tunneling, touch on some key agreement concepts
- RFC 1636
- Security Architecture for IP (definitions, etc.) RFC 4301 http://www.rfc-editor.org/rfc/rfc4301.txt
- AH: http://www.rfc-editor.org/rfc/rfc4302.txt
- ESP: http://www.rfc-editor.org/rfc/rfc4303.txt
- IPsec Key agreement / establishment protocols, IKEv1, IKEv2, JFK
- Key and policy management
- distributed firewalls
Happy (real) Thanksgiving!
Dec 1: Web Security 1: Authentication and Privacy Challenges
- HTTP auth
Dec 3: Web Security 2: Gruyere
Bring your computers to class today; Prof. Locasto will give a guided tour of the Google Gruyere exercise, and you'll all play along.
Make sure to bring along your laptop and log on to the wireless network before/as class begins.
NB: some of the Gruyere exercises work better with older browsers (i.e., some of the attacks that are demonstrated no longer work in "modern" browsers)
Please glance through this ahead of time:
The Google Browser Security Handbook https://code.google.com/p/browsersec/
Dec 8: LangSec and USRI
Today we will start with the USRI.
To finish up the semester, we'll touch on the growing research area of LangSec, which can be seen as the basis of a "science of insecurity".
Time permitting, we'll try to bat cleanup on the remaining questions of the day.
- Foolings NIDS
- Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection by Thomas H Ptacek and Timothy M. Newsham HTML
"The problem with this technique is that a passive network monitor cannot accurately predict whether a given machine on the network is even going to see a packet, let alone process it in the expected manner. A number of issues exist which make the actual meaning of a packet captured by an IDS ambiguous."
- Certificate Parsing
- Confusing PHY Layer
certificate pinning, PKI, Kerberos, EKE, Dolev Yao paper Advanced Password-based Authentication
- Bellovin-Merritt / EKE: https://www.cs.columbia.edu/~smb/papers/neke.pdf
- nonce definition & types