Unix Network Security

UnixNetworkSecuirty-05-2004-CIT-ACDS
Mehmet Balman

Introduction

A machine connected to phone lines or a local network is a potential target for intruders, so the security aspect of every system must always be kept in mind. As the Internet grows rapidly, network services gain more importance in terms of operational and business requirements, which makes security one of the key points for the quality and availability of the running service. The basic idea behind secure environments is to decrease the probability of being compromised and to analyze the risk of vulnerabilities.

This paper presents a brief survey of the security concept in host and network environments according to the philosophy behind Unix. Instead of working through the details, we discuss the general concepts and guidelines for implementing a basic structure, and we present an implementation as a practical example. The first chapter explains basic concepts of information security for motivation and introduction. The next chapter covers the properties of Unix systems. The third chapter provides an architectural view of the overall concepts and introduces the idea behind Unix network security. The fourth chapter guides the reader through Unix security concepts. The last chapter is a specific example of a Solaris implementation.

Security Essentials

Security is a very general term in the computer science environment. Since electronic communication and electronic data are essential to every aspect of business and personal processes, leaked information can cause harmful damage in many situations. However, securing information brings difficult tasks and policies which are hard to apply and will most probably affect the service given. Thus, the security concept must be investigated within a policy plan which first analyzes risks and then reorganizes the structure and implementation to improve quality and decrease the probability of unexpected conditions. Moreover, the security service cannot be abandoned in today's environment, in which the Internet is growing and the network is becoming the basic resource of the information industry.

"Broadly speaking, security is keeping anyone from doing things you do not want them to do to, with, or from your computers or any peripherals" - William R. Cheswick

Information security deals with three major concepts: confidentiality, integrity and availability.

Information Security Classification:
• Confidentiality: Prevention of unauthorized disclosure of information.
• Integrity: Prevention of unauthorized modifications of information.
• Availability: Prevention of unauthorized withholding of information or resources.

Confidentiality is keeping your data or communication secret from others; only authorized persons should be able to access the information. Integrity is being sure that information has not been changed while being processed or communicated. Availability is making resources obtainable only to authorized clients. Confidentiality, availability and integrity are the basic terms, and technically they point to different types of problems. They should be analyzed separately for services and systems to provide a composite security mechanism. Confidentiality is the problem that someone has obtained data that must be confidential; if this data is changed or manipulated, it is a matter of integrity. For a secure network or secure system, security services should be applied and possible cases must be investigated in terms of confidentiality, availability and integrity.

Security services can be defined as the methodologies and processes needed to enhance a system in terms of confidentiality, availability and integrity.

"A service that enhances the security of the data processing systems and the information transfers of an organization. The service counters security attacks and makes use of one or more security mechanisms to provide the service." - William Stallings

Security Service Classification:
• Confidentiality: Restricts information access to authorized parties.
• Authentication: Identification of the user/service/system/etc.
• Integrity: Restricts alterations to authorized parties.
• Nonrepudiation: Yes you did send it, or yes you did read it.
• Access Control: Restricts access to resources to authorized parties.
• Availability: Keeping the system up when needed by authorized parties.

Security services are implemented against the possible attacks, which are interruption, interception, modification and fabrication. Each attack class should be prevented with a counter service implementation.

Security Attack Classification:
• Interruption: Attack on Availability
• Interception: Attack on Confidentiality
• Modification: Attack on Integrity
• Fabrication: Attack on Authentication

Unix Operating System

The Unix operating system is an environment widely used in the products of different vendors. It is a proven OS in terms of performance, utilization and also security. In the Internet environment Unix machines are the most commonly used, and Unix has started to become the standard operating system, dominant over other systems. Some derivatives are Red Hat Linux, Suse Linux, SUN Solaris, IBM AIX, MAC OS X, Debian Linux, FreeBSD, OpenBSD, etc. The system has a modular structure in which resources such as memory, CPU and I/O are handled in different layers. This makes Unix more flexible for the increasing needs of information technology.

OS layers:
• User programs
• Input/output management
• Operator-process communication
• Memory management
• CPU scheduling
• Hardware

The Unix operating system is designed according to security concepts to provide a better quality of service. It is a multithreaded, time-sharing environment which is very portable for development and enhancement. Some properties of basic Unix environments are the following:
• Designed to be a time-sharing system.
• Has a simple standard user interface (shell) that can be replaced.
• File system with multilevel tree-structured directories.
• Files are supported by the kernel as unstructured sequences of bytes.
• Supports multiple processes.
• High priority given to making the system interactive and providing facilities for program development.

Most security attacks are initiated through forgotten, simple administrative or implementation defects. The main intuition while administering a Unix system is to start from a strong high-level design and not to skip any case. Most security attacks arise from simple defects that seem insignificant, even where strong security services exist.

Architectural Overview

The Unix network security model is based on Internet connectivity and the firewall model. The layers of firewalls also determine the layers of vulnerability. In order to understand the concept and start with a healthy and working strategy, an architectural overview of a Unix network system in terms of security is introduced here. General terms which apply to all network systems are risk, vulnerability and threat. The analysis of these should be done completely, according to the needs of the network and system.
• Risk
• Vulnerability
• Threat

Risk

Risk is the possibility of a successful attack. An intruder may gain access to your local network and work on your system to read confidential data, manipulate or destroy information, or deny your running services.
• Read Access: Read or copy information from your network.
• Write Access: Write to or destroy data on your network (including planting trojan horses, viruses and back-doors).
• Denial of Service: Deny normal use of your network resources by consuming all of your bandwidth, CPU or memory.

Vulnerability

Vulnerability is the degree of your security and protection. A security attack may originate from inside your network or from outside it. Most attacks originate from inside the company, but intruders will also try to hide their traces by breaking into the local network from outside.

Threat

A threat is an intruder who attempts to gain unauthorized access. The value of your data and the training of your trusted users affect the vulnerability to threats. Motivation and trust are two common factors.
• Motivation
• Trust

Motivation is the usability of your data, or how useful it would be if your network were destroyed. The trust factor depends on how well you can trust your users. Moreover, the understanding and training of trusted users about feasible or approvable actions influences vulnerability. Therefore, while preparing a security implementation, both the motivation of intruders and the effect of trusted users must be kept in mind.

The Unix network security architecture can be organized in seven layers:

Security Layers:
Layer    Name             Functional Description
LAYER 7  POLICY           POLICY DEFINITION AND DIRECTIVES
LAYER 6  PERSONNEL        PEOPLE WHO USE EQUIPMENT AND DATA
LAYER 5  LAN              COMPUTER EQUIPMENT AND DATA ASSETS
LAYER 4  INTERNAL-DEMARK  CONCENTRATOR - INTERNAL CONNECT
LAYER 3  GATEWAY          FUNCTIONS FOR OSI 7, 6, 5, 4
LAYER 2  PACKET-FILTER    FUNCTIONS FOR OSI 3, 2, 1
LAYER 1  EXTERNAL-DEMARK  PUBLIC ACCESS - EXTERNAL CONNECT

Policy

Policy is the high-level definition of acceptable risk, down to the low-level directives of what and how to implement in equipment and procedures at the lower layers. It is the most important part of the concept: without a complete and effective policy, security services cannot be accomplished. After analyzing risk, vulnerability and threat, the policy, which is usually a living and regularly updated document, is produced according to the service requirements of the organization. It is not a detailed implementation plan; a well defined policy only captures the overall structure which will be utilized in the