A Look Back at Security Problems in the TCP/IP Protocol Suite Review

Transcription

1 A Look Back at Security Problems in the TCP/IP Protocol Suite Review Network Security Instructor:Dr. Shishir Nagaraja Submitted By: Jyoti Leeka October 26, Introduction to the topic and the reason for the topic being interesting In this paper the author discusses the paper Security problems in the TCP/IP Protocol Suite which he wrote 15 years ago, in this paper he discussed protocol-level security issues in TCP/IP. In the present paper he discuses where this analysis was correct and where it went wrong. The authors interest in security issues pertaining to protocols grew when he came across the incident when somebody accidentally connected his computer to the backbone and this computer started behaving as the gateway. Discovery of security issues in which an adversary is able to figure out the TCP/IP sequence number also aroused his interest. Other such incidences included a teenager breaking into password files at AT&T using uucp. 2 Questions that the paper asks and how are those questions interesting The paper explores protocol-level security issues in TCP/IP protocol stack. The question is interesting as TCP/IP protocol stack has been most widely employed, hence flaws in it would affect a lot of people, therefore it becomes worthwhile to study flaws in TCP/IP protocol suite and also the ways in which such flaws can be mitigated. 3 How does it answer the questions The paper answers the question by first discussing the problem in which an attacker guesses the TCP sequence number and uses it to launch an attack. Below mentioned is the manner in which TCP handshake between a client, C and a server, S takes place (Reference: A Look Back at Security Problems in the TCP/IP Protocol Suite by Bellovin) : C->S: SYN(ISN C ) S->C: SYN(ISN S ), ACK(ISN C ) C->S: SYN(ISN S ) C->S: data or S->S: data Here, ISN stands for initial sequence number. The attacker launches the attack by guessing the initial sequence number of the server, S and pretending to be the client.this the attacker accomplishes by following the below mentioned steps, here X is the attacker and X succeeds in sending the malicious data to the server (Reference: A Look Back at Security Problems in the TCP/IP Protocol Suite by Bellovin): X->S: SYN(ISN X ), SRC=T 1

2 S->C: SYN(ISN S ), ACK(ISN X ) X->S: ACK(ISN S ), SRC=T X->S: ACK(ISN S ), SRC=T, malicious-data The attacker may ensure that the Client,C does not receive ACK(ISN X ) by flooding the client with requests. This shows that authentication performed on the basis of the IP address of the source is vulnerable to attack. Also it depicts that in order to prevent the attacks, the sequence numbers should not be easily guessable. Since the protocol was not designed for security, hence the flaw is in using TCP sequence numbers for security purposes. In order to prevent the above mentioned attack, the following measures can be adopted: 1. To generate the next sequence number by adding a random number to the current sequence number. Increments of random numbers suffer from disadvantage that the sequence numbers allocated are within a small range, this is according to the central limit theorem. 2. To generate the initial sequence number for the server DES with a simple counter can be used in Electronic Codebook Mode and DES without a counter can be used in output feedback form. The reboot time which is encrypted with a secret key is used as the key for DES. 3. For every connection which is characterized by the IP address and port number of the client and the server, a unique sequence number is created using a hash function. The below mentioned are the attacks which an attacker may target on the routing mechanism: 1. Source Routing: The client may use the source route to get back the reply packets from the server or vice versa. An attacker may exploit this by putting its desired route in the packet. In order to prevent such an attack the following methods can be adopted: (a) One of the methods is the gateways accepting the packets from the local networks and discarding the external packets. This method is difficult to implement in a real life scenario. (b) Verifying the source route by receiving the packets only from trusted gateways. 2. Attacks on the intranet protocol RIP: An attacker may exploit the mechanism of Routing Information Protocol to send false routing information such as sending routing information claiming to be the faulty host, this will effectively route all the faulty hosts packets to the attackers machine. An attacker may also claim that the best route passes through it and when the destinations packets pass through it, he may eavesdrop on the packets. In order to prevent such attacks the following attacks may be adopted: (a) Filtering out the packets with false source and destination addresses at the gateway. (b) If new routes are broad casted to ones own local network, then such routes should not be accepted. 3. Exterior Gateway Protocol: Exterior gateway protocol is used for communicating between core gateways and exterior gateways. The core gateway periodically asks the exterior gateway about the networks it caters to and the same information the exterior gateway asks the core gateway. In order to exploit the weaknesses of EGP an attackers gateway may claim that it has a better route to a faulty gateway, and it may thus capture the packets which were intended for the faulty gateway. In order to prevent such an attack, the core gateways as well as the exterior gateways must be kept on the same network, so that the attacker may claim reachability for a running host or gateway. 4. Internet Control Message Protocol: An attacker may exploit ICMP redirect messages in the same way as it exploited Routing Information Protocol. An attacker may potentially cause a denial of service attack by sending ICMP s Destination Unreachable and Time To Live Exceeded messages as these messages reset the attacked hosts. Also ICMP s false Submnet Mask Reply message is capable of blocking all messages from the attacked machine. In order to prevent such attacks the following measures may be adopted: 2

3 (a) The hosts much check that the ICMP messages contain the expected serial number. (b) In order to thwart the attacks caused by Redirect messages, a host should include a policy of not using redirect messages for making changes to the routing table. (c) To thwart denial of service attacks caused by Subnet Mask messages, a host should accept such messages only when they are anticipated. In order to perform authentication of the source an authentication server may be used. A server which wishes to authenticate a client may contact its authentication server. However an attacker may circumvent this preventive measure by creating fake authentication replies. Also if the client has been compromised then its authentication server will also be compromised. Another case of an attack arises when the client s authentication server is down and the attacker sends fake replies containing the guessed TCP sequence number. In order to prevent this attack the server must use Needham-Schroeder protocol for authenticating the client. Some other protocols which are prone to attack are given below: 1. Finger: Finger protocol breaches the privacy of its users and aids in password guessing attacks by disclosing the names and telephone numbers of its users. One of the ways to prevent this is for the firewalls to block this protocol. 2. Electronic Mail: As mail servers do not provide authentication, hence attackers draw advantage of this to perform spamming and phishing. However where trusted communication is required there digitally signed certificates can be used. 3. Post Office Protocol: Post office protocol is used to fetch mail stored at mail servers. This protocol uses plain passwords for authentication, which is easily prone to attacks. To prevent this one time passwords, here the client and the server share a key and the server asks a random question each time the session begins to which the client gives a unique reply. Another way to prevent the attack is to use SSL encryption. 4. PCMAIL: PCMAIL uses the same attestation mechanism as POP. 5. Domain name system: DNS is used for translating host names to IP addresses. An attacker may launch an attack against DNS by sending the fake sequence number of attacker s machine in the users query, and hence divert the users traffic to its site. Another way which an attacker may adopt is by sending AXFR request for zone transfer, this way an attacker gets to know the configuration of the attacker s organization. An alert sever can recognize this and sends the error code for refused, hence denying the request. An attacker can create fake enteries into the DNS cache by guessing the sequence number of the DNS query and sending the IP address of its machine in response to the query. This is called DNS cache poisoning. This attacker can be preventing by adopting DNSsec. In DNSsec the resolver checks the validity of the responses by verifying their digital signatures. 6. File Transfer Protocol: In File Transfer Protocol, an attacker exploits its plain password mechanism. However, such an attack can be mitigated by using one-time passwords. Since anonymous FTP creates a duplicate of the directory structure, hence to prevent attacks the files in this directory structure must be stored securely to prevent an attack. Since the data connection of FTP is vulnerable to attacks called bounce attacks, in which an attacker leads an FTP server to attack another machine. In order to prevent such attacks cryptography can be used. 7. Simple Network Management Protocol: Since simple network management protocol uses plain passwords hence it is vulnerable to attacks. In order to prevent such attacks cryptography has been used in SNMPv3. 8. Remote Booting: In order to preform remote booting Reverse Address Resolution Protocol with Trivial File Transfer Protocol and BOOTP with Trivial File Transfer Protocol are used. An attacker may pretend to be a fake server and thus it may send false information. In order to prevent this attack the machine performing the remote booting should assign random numbers for its source port. 3

4 Some other attacks which an attacker may resort to are mentioned below: 1. Exploiting weaknesses in the Local Network: Since Ethernet networks in Local Area Networks are prone to spying. Hence strong monitoring and encryption should be employed to prevent such attacks. Also Local Area Networks are susceptible to denial of service attacks, which are caused by sending a huge number of ICMP echo request messages by the way of broadcasting them. Upon receiving ICMP echo request messages the machines reply back with an ICMP echo request message, thus sending a huge amount of traffic to the target host, leading to denial of service attacks called Smurf attack. 2. Trivial File Transfer Protocol: Since anybody can read the files transferred by the way of Trivial File Transfer Protocols, hence proper caution must be taken in selecting the set of devices which can read the file. 3. Reserved Ports: The network administrators should refrain from the idea of using privileged pots for security. Some of the widely employed mechanisms of protection are described below: 1. Authentication: Since relying on source address for authentication makes the hosts vulnerable to attacks, hence proper authentication of the source must be performed by employing Needham-Schroeder algorithm, in this the machines which wish to communicate obtain keys from the server and set up the conversation, at the end of the conversation each machine is confident about the other s identity. 2. Encryption: By employing cryptographic techniques like encryption many of the attacks can be thwarted. By encrypting each packet which is used for encryption called link-level encryption can be achieved. In order to achieve network layer e encryption Blacker from End(BFE) can be employed. In BFE all communications are first validated by the Access Control Center (ACC), which translates the unencrypted IP address, denoted by red to an encrypted IP address, denoted by black. For this purpose BFE obtains the keys from the Key Distribution Center (KDC). However, blacker is no longer used. 3. Trusted Systems: TCP/IP follows the Orange Book and Red Book criteria and hence provide security by labeling all the information present on the computer according to its sensitivity. Also the processes which are called subjects are also labeled similarly. Hence according to this security criteria, a process may access the data, if the process belonging to higher or equivalent level to the data. Similarly in TCP the processes label is given to the processes connection. Hence the receiving process must have the security level which is greater than or equal to the senders process. Also for security different routing tables should created depending on the security level and authentication should be granted based upon the level of security of the hosts. 4 Methodology used to investigate the paper The author investigates this paper by analyzing the statements which he made in the paper Security problems in TCP/IP Protocol Suite, which he wrote 15 years before he wrote this paper. 5 What I learned from the paper I learned from the paper the protocol level problems in TCP/IP protocol stack, the way in which an attacker may exploit them and the methods by which such attacks can be prevented. 6 How the paper relates to previous work The paper relates to the authors previous work Security problems in TCP/IP Protocol Suite and in this paper he analysis the predictions where he was correct and where he made a mistake. 4

5 7 Strengths of the paper I like the manner in which the author has written the paper, as first he gives what he thought 15 years ago and then he gives the analysis of the points at which he was right and where he was wrong. 8 Weaknesses of the paper The author mentions in the paper that one-time passwords are a secure alternative to simple passwords. For this he gives the statement that In one-time passwords the communicating machines share a secret key, which is irretrievably stored in the device. But I find that a major weakness of this would be it will make it difficult for a person to retrieve his/her from a different machine, thus reducing the flexibility which a user may access s. 9 Results In this paper the author states that following results: 1. IP source addresses should not be relied upon for authentication. 2. The sequence numbers used in the protocols should be chosen randomly. 3. The hosts should not loosely give away one processes information to some other process. 4. The routing information should be verifiable and must be stored securely. 5