Securing 7 Layers of Insecurity

DeepSec Vienna 2007 7 Layers of Insecurity l o c o t l

o ff e r a? t o ing wil

k P hi n de e

a r W good.” H

e wor o spe f id for he s t s a

s tion. s t good i ' n a a

out ca that t a il he e r , ush l! ik T ing ma tha ns

k e l o Is i nt B s mmuni 2 . a a t Mai not l ll ing 6

e wor eno ide s co o

M s s r t a r g L it'

a e us

y a r e a e ity w t n,

e l P

m ve Ja a s “ -

' ur

p p

u c u --

e a

e me ll o

not be m s

thing

Ho h I

a i Y



S C DeepSec Vienna 2007 7 Layers of Insecurity r om .c owing n unte de ung) r t foll i r e w

mons rbe on) t i a t a unde ite c k Be om i i be if n or r e a a ec t be w l

P od ri r v s h T i i m ha st t ye M uc th a or a e f Au S nz ( n und be e Ma , ify - orbe ng t o nc n

ze d n v u o e

cr 2 z i ite e Li als nna ic 6 tia rde e r l t mo e (

e s

ht i w. d e Nut c V a

rbr e lbe us ba nd , m e e le l e a a l v

s Re nc a ww S i m

nnt we s e e ie r , te ngs r r r r zt, rc rz e na f fe bu e nig p:// i e o if r me nut t raini r f n: Ei unde

it unte n ge is T ge htt om be

e n Pfe omm d / d

i c d be t s I k e , e r

v né e 7 f ht r t work Ar 0 f c e e e r ngunge

Re us s 0 i ng an mus non v v , i h y i i ni s d t n müs l t t a re 2 or

e e a a f r ür ul g

s fk it da

f Be : v v e i hor or a ri ri n b nt fre be r K ght e y

De Only Nur De Aut Aut m ri

Ar y e

m Cons nde e . e

e e

ha p e s .T

e a o lge ou ma

o o N a Di f Mic C. Y Som

  C DeepSec Vienna 2007 7 Layers of Insecurity l o c o t P o T r M P S

rks r 2 6 e f isks s ewo R n t am a r r rity ten T

n l m F i o asics 7 2 a C 0 6

0 Secu B

M Spa 2 P P r

e e ti e

b da t

l n

m p

p E-Mail SMT A SMT e en

v a     g

o m

h i N A

S C DeepSec Vienna 2007 7 Layers of Insecurity . P T ivery M el S -

D 2 6 f Mail o

n s o c ti i 7 s 0 da 0 a n 2 r u B e

o b

F P m

T v

M N T

 S DeepSec Vienna 2007 7 Layers of Insecurity n y icatio d n n s er+bo mmu g II missio P b ead T din h M SC

S co ver co A - SL r

e su as ts 2

it S r 6 n o it en o P+ i l p ssag s P co e se 7-b i C t to SMT me T se 8-b r r r server-se smiss s u t u r e

d fo fo p pro 7 fo P P 0 o 0 eren P C C r

e tran 2 ff C r i P e ased mman

o ata may P m 587/T 465/T 25/T D C

T v   ses d   

ext b

M N U Messag T

 S DeepSec Vienna 2007 7 Layers of Insecurity U) P /GN T M ian n S - o

(Deb i 2 6 fix t> s st .ne s 8A9 e TP Po 00 ample S M S

S CR> t> t E .ex < E ne P .ne on et et n le. .n T p 2CB7C24 m e.n e s >. 7 am ample M 0 am d a ample ex ex 0 0 xampl S

.ex .e 2 on. x@ 80 @ag r n S on e yn e E m

nx que with n l e 428 e CEDSTATUSCOD b M I :

m am 0 By 0 Ok: 0 Ok 5 Ok m E e

ITM d d amem

v .0. .0. .1. .1.

ga m Fro

. T To: o

P a e, 1 2 0 2 4 En 0 2 0 2 0-STARTTL 0-ENHAN 0-8B 0 DSN 0-PIPEL 0-SIZ 0-VRFY 0-ETRN 0 a 0-ag nx N

AIL

QU 22 . 25 By Ly Hi! DATA 35 RC 25 M 25 25 25 25 25 25 25 25 25 EHLO ag 25 22

a 2 g SMTP S 6 or mo at f in E E d fu d n ( y r

rt a ort o eli P fo p

s an t T p pp d r d rel pip o M d an p S an 7

s su S su 0 up 0 A d mm s em

2 e /TL r

e it -d MT mman co d

o y n m

On SSL 8-b C e

ds e

v t     d

o x N Man A

 E DeepSec Vienna 2007 7 Layers of Insecurity P T . M S er -

g s 2 k 6 s i ssen R e y t e M i r u 7 t th 0 c 0 e oo 2 r h S

S b

P m

T v

et's

M N L

 S DeepSec Vienna 2007 7 Layers of Insecurity l i s y a f ema l P o sed T e e s M mail R su c S L i

lem e r - y

r d u m 2

6 to e RB rob ve s in n i o l be eli r

ig p ify so d o r b h cked e(s) ve t

a l a g u mail p m e a 7 u relay wil i 0 s to t ran n

igh

0 p are E stil 2 P U

u en r

w C r e eed / p t I am b

U i

o / n

act: h n k: med Pu D Sp Mal e

A y

p e v s i  n    BE

m p

N R I A MT U

 O DeepSec Vienna 2007 7 Layers of Insecurity ” ” i i g g c c . . t t u u s! p p / / i i s A g g c c b / / c c s MT c c m . . g b b to o . . n

ay a a / / B / /

: : P es ed T p p li e t t t t M p p h h O stri S om i - “| “|

ap P 2

O O 6 is L L O E H th E H

3 3 ect H E 4 4 ke

ity also sp H r p: p: / t t n k li i m m o m O s s u ecu l l 7 o u L i 0 b b s igh

r r 0 s l H g 2

… … r g - - e yo E e 7 7 o

b tin 0 0 i l P 0 0 p

m r act: h k: med 2 2 e

u T p ag

v s i  

o o m

M N I Scri R Y I

sses e e ut P r T nc o e co d M Y b S F - ssa

ad i 2 with 6 will

na FY n ts re VR i n co u e ts email ou w VR r m req r u lo i tes m Y s 7 u Y F i g acc ed 0 nt F 0 e se fo R ay al 2

r )u V cli e VR

b b

P P m act: m k: med (A Existin e

As m

me T p v s i  

M N I MT R So SMT

 S DeepSec Vienna 2007 7 Layers of Insecurity trolled n n e y co n y l r P atio a ht T c M itr ti tig S b

- n en 2 6 o th i t be t es very easy e easily do t is ar a us au b c o en m i i t n ssag g n e f me ks can h recip 7 ffers ayin t 0 l o

0 e u er/ g

2 ttac r d ol o l r n A e a

b fi oc P o m M

Mai Sen e

o T T v  

M N Sp MI Prot

 S DeepSec Vienna 2007 7 Layers of Insecurity ted ca i ms A s T i ent M critical

an th → u rd P A n T T ech na M lem m S M

- sswo

/ 2 s A 6 rob SL tay u r ticatio pa p s

MT se SA en u ay es → l rt th rced e o r bile ress pp en H te-fo 7 T 0 su ru ffers au ffers 0 r mo A U for MUA l add b

2 o r fo t/ A ai e P l

b ces op sed os t P u m

L Em U

T v  sefu  ed 

M N Mos U R ESMT

 S DeepSec Vienna 2007 7 Layers of Insecurity mises ro ip p ified S sh L n o i at l SL/T e S P ever ver

T ates M st r s S c o n hat u - t t

2 t t

g 6 o e ex l n hin

tificate S r e yt L ssib s & certifi ave n ce er T o

m / p u i L y h es ar ed m ll 7 n u S ti i ed h key all 0 es ev g t s 0 i S i d

ficat i 2 su i r w M t + e

T b s er

P k m act: m k: med r C MI Self-s Prov e

As u

T p v s o i    

M N I R MT W

 S DeepSec Vienna 2007 7 Layers of Insecurity e. r su Mea y t ri P T s M k S r -

2 o 6 w e m lexity as Secu lexity a r mp F o

7 C

0 m 0 a 2

ced p e

S an

m -

e i

v t

o n N En

 A DeepSec Vienna 2007 7 Layers of Insecurity e sag e cks he mes nam c r e n i P T ure ks le e M r b s pe at ma S n - o tu si

s essag g 2 d r brea

6 m na os sum f ge f si to p sig n t o

eck t o ation o ana r h c ked t ti i f m n ten i s n ec d t pa j y filter ist hic ch o e 7 er wi in l n 0

0 K y d co ture li

rap ent 2 a ead r l pe g

ling n na ne e nt i h b nsit mo

to o ep

a a m r R C Mai Sig Sig e

velo yp

v m -t     r  d

n o N En I C A

 D DeepSec Vienna 2007 7 Layers of Insecurity et n . e l : mp ity r fields exa cu

. key se as … h key ; wn P o er T KIM key M . main S ffer - ead o

2 es D S o 6 kim e h ._d N d r ly as well D p y to tu

a ; s= t & ap

etermin ay tr s kim.key y d m e 7 ity d : y-Sign ple.ne 0 r ttacks e p 0 K ker

a 2

r ku n

e ecu i xam o

b s e NS ttac a

m lo

= D A e

mainK

d m   NS o

o o N D … PK D

 D DeepSec Vienna 2007 7 Layers of Insecurity g ) F s n S el P ardin i S) g S w ev r ( ri DN

n o k fo st l r P e (SR e en T o ail tt M gu S em le t tru w l - icies i icies em b

email wri e l i 2 d e s o 6 ialo fau m ss p Sch d

e ali

e r a v d r P b

reak ed po T e e F b h

iting st

r s y li am am SM king c mu n n ew i

n l ub e R 7 letely loc o 0

s i p 0 b k

er P 2 r

mp r y d r on e mains mains

b e co o o

m d Sen Messag Earl D D e

v n      ased

o e N SPF SPF B

 S DeepSec Vienna 2007 7 Layers of Insecurity s st eters n ) ly l on L aram ca B p cess li tatio i t u mm P R ts ac ( T s am

M li s rep g S trary

yn s co i - n n n 2 remen i o 6 t S i

urce e d s N ed o i ed l tso easu ang k as u ave arb as m b c

o by D a ch y L n l e l ay h elp o B i B h

7 R m

0 s ar ut e s 0 y g L c ib 2

n m r B res can

i i tr e an R

s st are simp T i i

m l Metri Sco L D e

v a sing     BL

o e N U Mos R

 R DeepSec Vienna 2007 7 Layers of Insecurity re. ly safe. l o ctu c seless. o ssari t P o e u T r r ece . M frastru a n

P S

t n - o in '

r 2 ti . BL S 6 e y f ll N R tec s n LS isn n D a /T r s pro T

s carefu l ies o i l L eed 7 SSL 2 e a 0 6

0 r + servers on n

y M 2 P P P P r

ar e e e

b t l

m p

p SMT Pick RB SMT SMT SMT e

v a . . . . .

o m

h i N Su

S C DeepSec Vienna 2007 7 Layers of Insecurity P T M S -

2 6 7 u 0 s? 0 o n 2

r Y o

b ti k

m n e es

v a

o h N Qu

 T DeepSec Conference © November 2007

Chapter 62 Simple Mail Transfer Protocol

 You've got Mail! D 7

eep L

“President Bush said for ayers o

security reasons, he's sworn off Sec all e-mail communication. He will

not be using email at the White Vien

House at all. Is that a good idea? f I

I mean, it's not like that speaking n secu thing was working out so good.” n a 2007 rity -- Jay Leno

99 - Things in Life 1 DeepSec Conference © November 2007

 Some rights reserved / Einige Rechte vorbehalten

 Michael Kafka, René Pfeiffer, Sebastian Mayer C.a.T. Consulting and Trainings, Vienna, Austria

 You may freely use, distribute and modify this work under following D agreement: 7

eep  Diese Arbeit darf frei genutzt, verbreitet und bearbeitet werden unter L

folgenden Bedingungen: ayers o Sec Authors must be referenced (also for modification) Autoren müssen genannt werden (auch bei Bearbeitung)

Vien

Only for non commercial use f I Nur für nichtkommerzielle Nutzung n secu

Derivative work under same licence n

Derivative Arbeit unter selber Lizenz a 2007

http://www.creativecommons.com rity

This presentation is published under the CreativeCommons License which can be viewed in detail on their hompage: http://creativecommons.org/licenses/by-nc-sa/2.0/at/ Read more on http://www.creativecommons.com

You are free:

to Share — to copy, distribute and transmit the work

to Remix — to adapt the work

Under the following conditions: Attribution. You must attribute the work in the manner specified by the author or licensor (but not in any way that suggests that they endorse you or your use of the work). Noncommercial. You may not use this work for commercial purposes.

Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

● For any reuse or distribution, you must make clear to others the license terms of this work. The best way to do this is with a link to this web page. ● Any of the above conditions can be waived if you get permission from the copyright holder. ● Nothing in this license impairs or restricts the author's moral rights.

Chapter 62 Simple Mail Transfer Protocol

 Agenda  SMTP Basics  SMTP Security Risks D 7

eep  Anti-Spam Frameworks L ayers o

 E-Mail Content Sec

Vien f I n secu n a 2007 rity

SMTP Basics

 The Foundation of Mail Delivery. D 7

eep L ayers o Sec

Vien f I n secu n a 2007 rity

SMTP Properties

 Text based protocol  Commands use 7-bit ASCII  Data may use 8-bit encodings D 7

eep  Message transmission as header+body L ayers o

 Uses different TCP ports Sec  25/TCP for server-server communication

Vien  465/TCP for SMTP+SSL f I n secu  587/TCP for message submission n a 2007 rity

SMTP/ESMTP transactions distinguish between three roles of the endpoint. • Mail Submission Agent (MSA) receives email from a MUA and relays it to other MTAs. • Mail Transport Agent (MTA) is the classical “mail server” that transports email messages to other MTAs. • Mail User Agent (MUA) is the classical “mail software” that enables users to read, write and send email. MTAs speak ESMTP/SMTP with each other on port 25/TCP. MUAs submit their messages either via ESMTP/SMTP to a MTA on port 25/TCP or to a MSA on port 587/TCP. Submission by using MSA supports mobile users and offers authentication along with correction of the submitted messages (adding missing header fields for example). In practice most MUAs use a local MTA or submission via 25/TCP. ESMTP/SMTP is proposed in RFC 821, 822, 2821, 2822 among others. Message submission via 587/TCP is proposed in RFC 2476.

Sample SMTP Session

220 agamemnon.example.net ESMTP Postfix (Debian/GNU) EHLO agamemnon.example.net 250-agamemnon.example.net 250-PIPELINING 250-SIZE 52428800 250-VRFY D 250-ETRN 7

250-STARTTLS eep 250-ENHANCEDSTATUSCODES L 250-8BITMIME ayers o 250 DSN MAIL From: Sec 250 2.1.0 Ok RCPT To:

250 2.1.5 Ok Vien DATA f I

354 End data with . n

Hi! secu n

Bye, a 2007 Lynx.

Extended SMTP (ESMTP)

 Adds commands and functionalities  Command pipelining  SSL/TLS support D 7

eep  8-bit support for data L ayers o

 On-demand relay for mobile users Sec  Many MTAs support ESMTP

Vien f I n secu n a 2007 rity

SMTP Security Risks

 Let's Shoot the Messenger. D 7

eep L ayers o Sec

Vien f I n secu n a 2007 rity

Open / Unauthorised Relays

 UBE/UCE still a big problem  Malware packed into email  Spam D 7

eep  MTA needs to verify source of email L ayers o

 Any open relay will be misused Sec  Disrupt email delivery

Vien  Put IP range(s) on RBLs f I n secu  Risk: medium n a 2007  Impact: high rity

Most MTAs are equipped with anti-spam and anti-virus filters. This is no safeguard against open relaying of malware or email messages. A lot of servers have satellite MTAs installed that act only as a collector for locally generated email. Usually the central mail hub gets all messages and delivers them. The mail filters are not equally strong and so a satellite MTA may inject malformed messages, thus discrediting the central MTA when the emails leave the network. ISPs often suffer from this effect, because they have to relay mail from their customers. The same can happen to a LAN where the outbound MTA trusts every client. DMZs usually have their share of web servers that might act as HTTP-to-SMTP gateway and also feed the central MTA with malware or spam emails. Mitigation: • Tightly configure access rules for all of your MTAs. • Inspect internal email as you would inspect external email messages. • Use multiple outbound relays and use them for specific classes of email.

SMTP EHLO/HELO Pipe Bombs

 Imagine you inspect HELO strings  Your logs look like this someday  2007-…rblsmtp: 43 EHLO “|http://a.b.cc/cgi/put.cgi” D 7

 eep 2007-…rblsmtp: 43 HELO “|http://a.b.cc/cgi/put.cgi” L ayers o  Scripting security also applies to MTAs! Sec  Risk: medium

 Vien Impact: high f I n secu n a 2007 rity

Mitigation: • Be careful with MTA functionality augmented by plugins. • Limit MTA software on server (access controls, privileges). • Do security checks with all your filtering systems (collections of malformed email can be generated and are available).

SMTP VRFY

 SMTP VRFY tests email addresses  Existing accounts will be confirmed  (Ab)use for reconnaissance D 7

eep  Some clients require VRFY L ayers o

 MTAs may allow VRFY without announcement Sec  Risk: medium

Vien  Impact: medium f I n secu n a 2007 rity

Account/address enumeration is a tool routinely used by attackers. SMTP is one way of getting hold of verified information, harvesting LDAP trees is another. Mitigation: • Disable VRFY if possible. • Disable the EXPN command (allows listing of mailing list subscribers). • Limit SMTP connection and disconnect after n invalid commands or errors. • Deploy SMTP greylisting and rate limiting at your border MTAs.

SMTP Authentication

 Protocol offers no authentication  Sender/recipient is arbitrary  Mail relaying must be tightly controlled D 7

eep  MITM attacks can be easily done L ayers o

 Spoofing of messages very easy Sec

Vien f I n secu n a 2007 rity

SMTP AUTH

 ESMTP offers authentication  Used for MUA→MTA / MTA→MTA  Email addresses stay unauthenticated D 7

eep  Reduces open relay problem L ayers o

 Lost/brute-forced password critical Sec  Useful for mobile users

Vien  Most MTA support SASL mechanisms f I n secu n a 2007 rity

SMTP + SSL/TLS

 Works with keys & certificates  Provides everything that SSL/TLS promises  MTAs usually have no trust relationship D 7

eep  Self-signed certificates L ayers o

 Certificates are next to never verified Sec  MITM still possible

Vien  Risk: medium f I n secu  Impact: medium n a 2007 rity

Most MTAs can be configured to deny unencrypted SMTP sessions. However this breaks the SMTP specification and thus can only used for clients and networks under your control. Mitigation: • Use certificate verification on a dedicated TLS-only MTA for roaming users. • Use VPN technology to bring roaming users to your MTA.

Anti-Spam Frameworks

 Enhanced Complexity as Security Measure. D 7

eep L ayers o Sec

Vien f I n secu n a 2007 rity

Domain Keys

 Adds header with signature  Signed content of message  Signature linked to domain name D 7

eep  Cryptographic checksums per message L ayers o

 In-transit modification breaks checks Sec  Mailing list managers

Vien  Content filter f I n secu  Envelope not part of signature n a 2007  Replay injection possible rity

Domain Keys should always be used as a component in a layered security design. Use it in combination with VPN technologies, SSL/TLS, authentication and verified configurations of MUAs/MTAs. The DomainKeys Identified Mail (DKIM) web site has more information on implementation and deployment.

Domain Keys & DNS

 DomainKey-Signature header has fields: …d=example.net; s=dkim.key;…  PK lookup: dkim.key._domainkey.example.net D 7

 eep DNS security determines DKIM security L ayers o  DNS attacks apply as well Sec  Attacker may try to offer own key

Vien f I n secu n a 2007 rity

Sender Policy Framework (SPF)

 Based on published policies in DNS  Domains name valid email origins  Domains name default trust level D 7

eep  SPF works in SMTP dialogue L ayers o

 Early blocking possible Sec  SPF completely breaks email forwarding

Vien  Message must be rewritten f I n secu  Sender Rewriting Scheme (SRS) n a 2007 rity

The details of implementation and protocol specifics can be found on the OpenSPF web site.

Real Time Blacklisting (RBL)

 RBL are simply based on lists  Distribution by DNS is common  Listing may have arbitrary parameters D 7

eep  Most RBLs are based on reputation L ayers o

 Metrics help measurement Sec  Scores can change dynamically

Vien  Using any RBL outsources access lists f I n secu n a 2007 rity

Chapter 62 Simple Mail Transfer Protocol

 Summary . SMTP needs protection. . SMTP relies on DNS infrastructure. D 7

eep . SMTP + SSL/TLS isn't necessarily safe. L ayers o

. SMTP servers on RBL are useless. Sec . Pick RBLs carefully.

Vien f I n secu n a 2007 rity

Thank You

 Questions? D 7

eep L ayers o Sec

Vien f I n secu n a 2007 rity

99 - Things in Life 21