DOCSLIB.ORG

Uncovering Network Perimeter Vulnerabilities in Cisco Routers According to Requirements Defined in Pci Dss 2.0 David E

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Uncovering Network Perimeter Vulnerabilities in Cisco Routers According to Requirements Defined in Pci Dss 2.0 David E Regis University ePublications at Regis University All Regis University Theses Summer 2011 Uncovering Network Perimeter Vulnerabilities in Cisco Routers According to Requirements Defined in Pci Dss 2.0 David E. Naples Regis University Follow this and additional works at: https://epublications.regis.edu/theses Part of the Computer Sciences Commons Recommended Citation Naples, David E., "Uncovering Network Perimeter Vulnerabilities in Cisco Routers According to Requirements Defined in Pci Dss 2.0" (2011). All Regis University Theses. 472. https://epublications.regis.edu/theses/472 This Thesis - Open Access is brought to you for free and open access by ePublications at Regis University. It has been accepted for inclusion in All Regis University Theses by an authorized administrator of ePublications at Regis University. For more information, please contact [email protected]. Regis University College for Professional Studies Graduate Programs Final Project/Thesis Disclaimer Use of the materials available in the Regis University Thesis Collection (“Collection”) is limited and restricted to those users who agree to comply with the following terms of use. Regis University reserves the right to deny access to the Collection to any person who violates these terms of use or who seeks to or does alter, avoid or supersede the functional conditions, restrictions and limitations of the Collection. The site may be used only for lawful purposes. The user is solely responsible for knowing and adhering to any and all applicable laws, rules, and regulations relating or pertaining to use of the Collection. All content in this Collection is owned by and subject to the exclusive control of Regis University and the authors of the materials. It is available only for research purposes and may not be used in violation of copyright laws or for unlawful purposes. The materials may not be downloaded in whole or in part without permission of the copyright holder or as otherwise authorized in the “fair use” standards of the U.S. copyright laws and regulations. UNCOVERING NETWORK PERIMETER VULNERABILITIES IN CISCO ROUTERS ACCORDING TO REQUIREMENTS DEFINED IN PCI DSS 2.0 A THESIS SUBMITTED ON 7 OF JUNE, 2011 TO THE DEPARTMENT OF INFORMATION TECHNOLOGY OF THE SCHOOL OF COMPUTER & INFORMATION SCIENCES OF REGIS UNIVERSITY IN PARTIAL FULFILLMENT OF THE REQUIREMENTS OF MASTER OF SCIENCE IN INFORMATION ASSURANCE BY David E. Naples APPROVALS Dan Likarish, Thesis Advisor Stephen D. Barnes Nancy Birkenheuer Running head: NETWORK PERIMETER VULNERABILITIES 2 Abstract According to the Payment Card Industry (PCI), over 500 million records containing sensitive cardholder data have been breached since January 2005. Merchants accepting credit and debit cards are at the center of payment card transactions, making it crucial that standard security procedures and technologies are employed to thwart cardholder data theft. Numerous organizations have experienced embarrassing breaches, which lead to losses of credit card data, including Starbucks, California Pizza Kitchen, and TJX Companies. This paper examined an action research methodology to test the security of a network router and remediate all the vulnerabilities that caused it to fail the requirements of the Payment Card Industry Data Security Standards (PCI DSS). The basic functions of a router include packet forwarding, sharing routing information with adjacent routers, packet filtering, network address translation (NAT), and encrypting or decrypting packets. Since a router is traditionally installed at the perimeter of a network, it plays an important role in network security. By following the approach of this study, administrators should understand how employing a network vulnerability scanner to test a host can illuminate hidden security risks. This study also demonstrated how to use the results of the vulnerability scan to harden a host to ensure it complied with the Payment Card Industry’s (PCI DSS) requirements. Running head: NETWORK PERIMETER VULNERABILITIES 3 Table of Contents Chapter 1 – Introduction ................................................................................................................. 5 Chapter 2 – Review of Literature .................................................................................................... 9 What is PCI DSS? ....................................................................................................................... 9 The Importance of Compliance ................................................................................................ 10 The Importance of Routers in Security Architecture ................................................................ 12 PCI Requirements and Testing ................................................................................................. 15 The Importance of PCI.............................................................................................................. 16 The Action Research Approach ................................................................................................ 17 Chapter 3 – Methodology ............................................................................................................. 19 Action Research ........................................................................................................................ 19 Place .......................................................................................................................................... 19 Participants ................................................................................................................................ 20 Materials ................................................................................................................................... 20 Procedure .................................................................................................................................. 23 Chapter 4 – Background, Analysis, and Results ........................................................................... 25 Background ............................................................................................................................... 25 PCI DSS Requirements ......................................................................................................... 25 Discussion on Routers........................................................................................................... 26 Methods of Hardening Routers. ............................................................................................ 31 Analysis..................................................................................................................................... 36 Initial Results from the QualysGuard PCI Report. ............................................................... 36 Remediating the vulnerabilities. ........................................................................................... 37 Results ....................................................................................................................................... 42 Second Scan .......................................................................................................................... 42 Third Scan .............................................................................. Error! Bookmark not defined. Additional Steps .................................................................................................................... 44 Chapter 5 - Conclusion ................................................................................................................. 46 References ..................................................................................................................................... 51 Running head: NETWORK PERIMETER VULNERABILITIES 4 List of Figures Figure 1. QualysGuard PCI report indicating the security risk rating and the number of vulnerabilities confirmed on the device after the first scan (QualysGuard PCI Report, 2011). ................................................................................................................................ 36 Figure 2: QualysGuard PCI report graphically displaying how the severity levels compare with each other (QualysGuard PCI Report, 2011). ................................................................... 37 Figure 3: Detail of vulnerabilities from second QualysGuard PCI scan (QualysGuard PCI Report, 2011). ................................................................................................................................ 42 Figure 4: Summary of vulnerabilities from third QualysGuard PCI scan (QualysGuard PCI Report, 2011). ................................................................................................................... 43 Figure 5: Detail of vulnerabilities from third QualysGuard PCI scan (QualysGuard PCI Report, 2011). ................................................................................................................................ 44 Running head: NETWORK PERIMETER VULNERABILITIES 5 Chapter 1 – Introduction Protecting cardholder data is definitely a serious concern for many merchants. Over 510 million records containing sensitive cardholder data have been compromised in the past six years (PCI Security Standards Council, 2010). This problem can be greatly attributed to insufficient security measures employed by a number of merchants. One only needs to consider the large amount of data stored by businesses
Load more

Recommended publications
  • User Interface Commands
    CHAPTER 2 User Interface Commands This chapter describes the commands used to access user and privileged EXEC command modes. It provides a description of the help command and features, lists the command editing keys and functions, and details the command history feature. This chapter also includes the EXEC commands that can be used to set various terminal parameters on a temporary basis (for the duration of a session). It includes the Telnet commands you can use to make a connection from a terminal to a remote router in order to configure the router. The commands to actually configure these parameters on a more permanent basis are provided in the “Terminal Line and Modem Support Commands” chapter in the Router Products Command Reference publication. You need enter only enough characters of a command to uniquely identify the command, thereby abbreviating the command syntax you type. For user interface task information and examples, refer to the “Understanding the User Interface” chapter of the Router Products Configuration Guide. User Interface Commands 2-1 clear line clear line Use the clear line EXEC command to return a terminal line to idle state. clear line line-number Syntax Description line-number Absolute line number Default None Command Mode EXEC Usage Guidelines Use this command to log out of a specific session running on another line. If the line uses a modem, the modem will be disconnected. Example In the following example, line 3 is reset: clear line 3 2-2 Router Products Command Reference connect connect To make a Telnet connection, enter the connect EXEC command at the system prompt.
    [Show full text]
  • CSE 142 Python Slides
    CSE 390a Lecture 4 Persistent shell settings; intro to shell scripting slides created by Marty Stepp, modified by Jessica Miller & Ruth Anderson http://www.cs.washington.edu/390a/ 1 Lecture summary • persistent settings for your bash shell • basic script syntax and running scripts • shell variables and types • control statements: the for loop 2 .bash_profile and .bashrc • Every time you log in to bash, the commands in ~/.bash_profile are run . you can put any common startup commands you want into this file . useful for setting up aliases and other settings for remote login • Every time you launch a non-login bash terminal, the commands in ~/.bashrc are run . useful for setting up persistent commands for local shell usage, or when launching multiple shells . often, .bash_profile is configured to also run .bashrc, but not always Note: a dot (.) in front of a filename indicates a normally hidden file, use ls –a to see 3 Exercise:Edit your .bashrc • Exercise : Make it so that our attu alias from earlier becomes persistent, so that it will work every time we run a shell. • Exercise : Make it so that whenever you try to delete or overwrite a file during a move/copy, you will be prompted for confirmation first. 4 .plan • Another fun settings file • Stored in your home directory • Contains information you’d like others to be able to see . is displayed when the finger protocol is run • Exercise: create a quick .plan file, and make sure it works with finger 5 Shell scripts • script: A short program meant to perform a targeted task.
    [Show full text]
  • NBAR2 Standard Protocol Pack 1.0
    NBAR2 Standard Protocol Pack 1.0 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 © 2013 Cisco Systems, Inc. All rights reserved. CONTENTS CHAPTER 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 1 CHAPTER 2 BGP 3 BITTORRENT 6 CITRIX 7 DHCP 8 DIRECTCONNECT 9 DNS 10 EDONKEY 11 EGP 12 EIGRP 13 EXCHANGE 14 FASTTRACK 15 FINGER 16 FTP 17 GNUTELLA 18 GOPHER 19 GRE 20 H323 21 HTTP 22 ICMP 23 IMAP 24 IPINIP 25 IPV6-ICMP 26 IRC 27 KAZAA2 28 KERBEROS 29 L2TP 30 NBAR2 Standard Protocol Pack 1.0 iii Contents LDAP 31 MGCP 32 NETBIOS 33 NETSHOW 34 NFS 35 NNTP 36 NOTES 37 NTP 38 OSPF 39 POP3 40 PPTP 41 PRINTER 42 RIP 43 RTCP 44 RTP 45 RTSP 46 SAP 47 SECURE-FTP 48 SECURE-HTTP 49 SECURE-IMAP 50 SECURE-IRC 51 SECURE-LDAP 52 SECURE-NNTP 53 SECURE-POP3 54 SECURE-TELNET 55 SIP 56 SKINNY 57 SKYPE 58 SMTP 59 SNMP 60 SOCKS 61 SQLNET 62 SQLSERVER 63 SSH 64 STREAMWORK 65 NBAR2 Standard Protocol Pack 1.0 iv Contents SUNRPC 66 SYSLOG 67 TELNET 68 TFTP 69 VDOLIVE 70 WINMX 71 NBAR2 Standard Protocol Pack 1.0 v Contents NBAR2 Standard Protocol Pack 1.0 vi CHAPTER 1 Release Notes for NBAR2 Standard Protocol Pack 1.0 NBAR2 Standard Protocol Pack Overview The Network Based Application Recognition (NBAR2) Standard Protocol Pack 1.0 is provided as the base protocol pack with an unlicensed Cisco image on a device.
    [Show full text]
  • Router Products Configurationguide
    Software Release 9.21 Chapters to ci co OlE Router Products ConfigurationGuide Chapters to6 Software Release 9.21 Corporate Headquarters PO Box 3075 1525 OBrien Drive Menlo Park CA 94026 415 326-1941 800 553-NETS Customer Order Number DOC-RTCG9.21 Cisco Document Assembly Number 83-0120-01 Text Part Number 78-1241-01 The products and specifications configurations and other technical information regarding the products contained in this manual are subject to change without notice All statements technical information and recommendations contained in this manual are believed to be accurate and reliable but are without of and take full for their of in this presented warranty any kind express or implied users must responsibility application any products specified manual incidental or limitation how warranties so Some states do not allow limitation or exclusion of liability for consequential or damages on long implied last and also have other that the above limitations or exclusions may not apply to you This warranty gives Customers specific legal rights you may rights vary from state to state instruction This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the manual may cause with the limits for device interference to radio communications This equipment has been tested and found to comply Class computing pursuant to Subpart of Part 15 of FCC Rules which are designed to provide reasonable protection against such interference when operated in commercial will be environment Operation
    [Show full text]
  • Edition with Romkey, April 16, 1986 (PDF)
    PC/IP User's Guide MASSACHUSETTS INSTITUTE OF TECHNOLOGY Laboratory For Computer Science Network programs based on the DoD Internet Protocol for the mM Personal Computer PC/~ release or March, 1986; document updated Aprill4, 1986 by: Jerome H. Saltzer John L. Romkey .• Copyright 1984, 1985, 1986 by the Massachusetts Institute or Technology Permission to use, copy, modlt'y, and distribute these programs and their documentation ror any purpose and without ree ls hereby granted, provided that this copyright and permission notice appear on all copies and supporting documentation, the name or M.I.T. not be used in advertising or publlclty pertalnlng to dlstrlbutlon or the programs without written prior permission, and notice be glven in supporting documentation that copying and distribution ls by permlsslon or M.I.T. M.I.T. makes no representations about the suitablllty or this software for any purpose. It is provided "as ls" without express or Implied warranty. - ii - CREDITS The PC/IP packages are bullt on the work of many people in the TCP/IP community, both at M.I.T. and elsewhere. Following are some of the people who directly helped in the creation of the packages. Network environment-John L. Romkey Terminal emulator and customizer-David A. Bridgham Inltlal TFTP-Kari D. Wright Inltlal telnet-Louls J. Konopelskl Teinet model-David D. Clark Tasking package-Larry W. Allen Development system-Christopher J. Terman Development environment-Wayne C. Gramlich Administrative Assistant-Muriel Webber October 3, 1985. This document is in cover .mss - iii- - iv Table of Contents 1. Overview of PC/IP network programs 1 1.1.
    [Show full text]
  • CSE 391 Lecture 4
    CSE 391 Lecture 4 Persistent shell settings; users/groups; permissions slides created by Marty Stepp, modified by Jessica Miller and Ruth Anderson http://www.cs.washington.edu/391/ 1 Lecture summary • Persistent settings for your bash shell • User accounts and groups • File permissions • The Super User 2 .bash_profile and .bashrc • Every time you log in to bash (e.g. ssh attu), the commands in ~/.bash_profile are run . you can put any common startup commands you want into this file . useful for setting up aliases and other settings for remote login • Every time you launch a non-login bash terminal (e.g. bash), the commands in ~/.bashrc are run . useful for setting up persistent commands for local shell usage, or when launching multiple shells . Do not put things that would produce output in .bashrc (e.g. echo) . often, .bash_profile is configured to also run .bashrc, but not always Note: a dot (.) in front of a filename indicates a normally hidden file, use ls –a to see 3 Exercise:Edit your .bashrc • Exercise : Make it so that our attu alias from earlier becomes persistent, so that it will work every time we run a shell. • Exercise : Make it so that whenever you try to delete or overwrite a file during a move/copy, you will be prompted for confirmation first. 4 Making Changes Visible • After editing your .bashrc or .bash_profile, how do you make the aliases etc. in the file take effect? . .bash_profile • log on again (e.g ssh attu), or • bash -l (el not one) will start a login shell, or • source .bash_profile .
    [Show full text]
  • Miineport W1 Series User's Manual
    MiiNePort W1 Series User’s Manual Edition 5.0, November 2017 www.moxa.com/product © 2017 Moxa Inc. All rights reserved. MiiNePort W1 Series User’s Manual The software described in this manual is furnished under a license agreement and may be used only in accordance with the terms of that agreement. Copyright Notice © 2017 Moxa Inc. All rights reserved. Trademarks The MOXA logo is a registered trademark of Moxa Inc. All other trademarks or registered marks in this manual belong to their respective manufacturers. Disclaimer Information in this document is subject to change without notice and does not represent a commitment on the part of Moxa. Moxa provides this document as is, without warranty of any kind, either expressed or implied, including, but not limited to, its particular purpose. Moxa reserves the right to make improvements and/or changes to this manual, or to the products and/or the programs described in this manual, at any time. Information provided in this manual is intended to be accurate and reliable. However, Moxa assumes no responsibility for its use, or for any infringements on the rights of third parties that may result from its use. This product might include unintentional technical or typographical errors. Changes are periodically made to the information herein to correct such errors, and these changes are incorporated into new editions of the publication. Technical Support Contact Information www.moxa.com/support Moxa Americas Moxa China (Shanghai office) Toll-free: 1-888-669-2872 Toll-free: 800-820-5036 Tel: +1-714-528-6777 Tel: +86-21-5258-9955 Fax: +1-714-528-6778 Fax: +86-21-5258-5505 Moxa Europe Moxa Asia-Pacific Tel: +49-89-3 70 03 99-0 Tel: +886-2-8919-1230 Fax: +49-89-3 70 03 99-99 Fax: +886-2-8919-1231 Moxa India Tel: +91-80-4172-9088 Fax: +91-80-4132-1045 Table of Contents 1.
    [Show full text]
  • Finger RFC #1288
    Network Working Group D. Zimmerman Request for Comments: 1288 Center for Discrete Mathematics and Obsoletes: RFCs 1196, 1194, 742 Theoretical Computer Science December 1991 The Finger User Information Protocol Status of this Memo This memo defines a protocol for the exchange of user information. This RFC specifies an IAB standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited. Abstract This memo describes the Finger user information protocol. This is a simple protocol which provides an interface to a remote user information program. Based on RFC 742, a description of the original Finger protocol, this memo attempts to clarify the expected communication between the two ends of a Finger connection. It also tries not to invalidate the many existing implementations or add unnecessary restrictions to the original protocol definition. This edition corrects and clarifies RFC 1196. Table of Contents 1. Introduction ........................................... 2 1.1. Intent ............................................... 2 1.2. History .............................................. 3 1.3. Requirements ......................................... 3 1.4. Updates .............................................. 3 2. Use of the protocol .................................... 4 2.1. Flow of events ......................................
    [Show full text]
  • AIS Data Profile 30 December 2016
    AIS Data Profile 30 December 2016 STIX Tab STIX Sub-Tab IN/OUT Examples Field Guidance Type Text Type STIX Core STIX Type BOTH [Company Name]:[Column A]- @id This is a required field - NCCIC will replace on xs:QName Schema restricted text [Company Unique ID] dissemination with NCCIC values. (partial) BOTH 1.1.1 @version This is a required field - DHS will not accepted stix:STIXPackageVersionEnum Vocabulary defined text anything other than 1.1.1 If anything other than the accepted value is submitted the field will be removed during the sanitization process. BOTH 2002-05-30T09:00:00 @timestamp This is a required field - Schema restricted text - xs:dateTime Schema restricted text This field should be date and time only. BOTH NA STIX_Header This is a required Container Object. stix:STIXHeaderType Container BOTH NA Indicators Container Object stix:IndicatorsType Container BOTH NA TTPs Container Object stix:TTPsType Container BOTH NA Courses_of_Action Container Object stix:CoursesOfActionType Container BOTH NA Exploit_Targets Container Object stix_common:ExploitTargetsType Container STIX Header Type BOTH Provides an unstructured, text Title Review Field - On automated dissemination this xs:string Free form text title field will be replaced by an auto-generated Title. The submitted contents will be reviewed/modified/sanitized and disseminated via human manual process. Future capabilities may eliminate the human review process. BOTH See Vocab Tab Package_Intent This is a required field - Reference the Vocab stixCommon:ControlledVocabularyStringType Vocabulary defined text Tab - stixVocabs:PackageIntentEnum-1.0 stixVocabs:PackageIntentEnum-1.0 If anything other than the accepted value is submitted the field will be removed during the sanitization process.
    [Show full text]
  • Section 4 Network Programming and Administration Exercises
    Lab Manual SECTION 4 NETWORK PROGRAMMING AND ADMINISTRATION EXERCISES Structure Page Nos. 4.0 Introduction 48 4.1 Objectives 48 4.2 Lab Sessions 49 4.3 List of Unix Commands 52 4.4 List of TCP/IP Ports 54 3.5 Summary 58 3.6 Further Readings 58 4.0 INTRODUCTION In the earlier sections, you studied the Unix, Linux and C language basics. This section contains more practical information to help you know best about Socket programming, it contains different lab exercises based on Unix and C language. We hope these exercises will provide you practice for socket programming. Towards the end of this section, we have given the list of Unix commands frequently required by the Unix users, further we have given a list of port numbers to indicate the TCP/IP services which will be helpful to you during socket programming. To successfully complete this section, the learner should have the following knowledge and skills prior to starting the section. S/he must have: • Studied the corresponding course material of BCS-052 and completed the assignments. • Proficiency to work with Unix and Linux and C interface. • Knowledge of networking concepts, including network operating system, client- server relationship, and local area network (LAN). Also, to successfully complete this section, the learner should adhere to the following: • Before attending the lab session, the learner must already have written steps/algorithms in his/her lab record. This activity should be treated as home- work that is to be done before attending the lab session. • The learner must have already thoroughly studied the corresponding units of the course material (BCS-052) before attempting to write steps/algorithms for the problems given in a particular lab session.
    [Show full text]
  • Terminal / Remote Access Server Reference Manual
    Terminal / Remote Access Server Reference Manual version 1.2 Reference Manual - Terminal / Remote Access Server Conventions To help with reading and using this reference manual, we will use the following conventions : Bold : ACS commands. Only commands are displayed in bold font, not parameters. Italic : Commands parameters and examples values are displayed in italic font. Text box All text typed during an ACS session GRAY Commands syntax - 2 - Reference Manual - Terminal / Remote Access Server CONTENTS AUDIT...................................................................................................................................5 CLOSE SESSION................................................................................................................8 DHCP...................................................................................................................................9 DOMAIN.............................................................................................................................11 EXIT...................................................................................................................................13 FINGER..............................................................................................................................14 HELP..................................................................................................................................15 IFCONFIG..........................................................................................................................16
    [Show full text]
  • Command Reference Master Index
    COMMAND REFERENCE MASTER INDEX Cisco lOS Release 12.0 Documentation also available on CD-ROM and the World Wide Web Cisco SYSTEMS Command Reference Master ndex Cisco lOS Release 12.0 Corporate Headquarters Cisco Systems Inc 170 West Tasman Drive San Jose CA 95134-1706 USA http/Iwwwcisco.com Tel 408 526-4000 800 553-NETS 6387 Fax 408 526-4100 Customer Order Number DOC-785857 Text Part Number 78-5857-01 CHANGE WITHOUT HE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO TO BE ACCURATE BUT ARE NOTICE ALL STATEMENTS INFORMATION AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED RESPONSIBILITY FOR THEIR PRESENTED WITHOUT WARRANTY OF ANY KIND EXPRESS OR IMPLIED USERS MUST TAKE FULL APPLICATION OF ANY PRODUCTS THE INFORMATION THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN YOU ARE UNABLE TO PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE IF COPY LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY CONTACT YOUR CISCO REPRESENTATIVE FOR with the limits for Class of Class devices This has been tested and found to comply The following information is for FCC compliance equipment interference when the 15 of the FCC rules These limits are to reasonable protection against harmful digital device pursuant to part designed provide if not installed and used environment This and can radiate radio-frequency energy and equipment is operated in consmercial equipment generates uses communications of this in residential area is in accordance with the instruction
    [Show full text]