Introduction to Network Security Limited Warranty and Disclaimer of Liability


LIMITED WARRANTY AND DISCLAIMER OF LIABILITY

THE CD-ROM THAT ACCOMPANIES THE BOOK MAY BE USED ON A SINGLE PC ONLY. THE LICENSE DOES NOT PERMIT THE USE ON A NETWORK (OF ANY KIND). YOU FURTHER AGREE THAT THIS LICENSE GRANTS PERMISSION TO USE THE PRODUCTS CONTAINED HEREIN, BUT DOES NOT GIVE YOU RIGHT OF OWNERSHIP TO ANY OF THE CONTENT OR PRODUCT CONTAINED ON THIS CD-ROM. USE OF THIRD-PARTY SOFTWARE CONTAINED ON THIS CD-ROM IS LIMITED TO AND SUBJECT TO LICENSING TERMS FOR THE RESPECTIVE PRODUCTS.

CHARLES RIVER MEDIA, INC. (“CRM”) AND/OR ANYONE WHO HAS BEEN INVOLVED IN THE WRITING, CREATION, OR PRODUCTION OF THE ACCOMPANYING CODE (“THE SOFTWARE”) OR THE THIRD-PARTY PRODUCTS CONTAINED ON THE CD-ROM OR TEXTUAL MATERIAL IN THE BOOK, CANNOT AND DO NOT WARRANT THE PERFORMANCE OR RESULTS THAT MAY BE OBTAINED BY USING THE SOFTWARE OR CONTENTS OF THE BOOK. THE AUTHOR AND PUBLISHER HAVE USED THEIR BEST EFFORTS TO ENSURE THE ACCURACY AND FUNCTIONALITY OF THE TEXTUAL MATERIAL AND PROGRAMS CONTAINED HEREIN. WE, HOWEVER, MAKE NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, REGARDING THE PERFORMANCE OF THESE PROGRAMS OR CONTENTS. THE SOFTWARE IS SOLD “AS IS” WITHOUT WARRANTY (EXCEPT FOR DEFECTIVE MATERIALS USED IN MANUFACTURING THE DISK OR DUE TO FAULTY WORKMANSHIP).

THE AUTHOR, THE PUBLISHER, DEVELOPERS OF THIRD-PARTY SOFTWARE, AND ANYONE INVOLVED IN THE PRODUCTION AND MANUFACTURING OF THIS WORK SHALL NOT BE LIABLE FOR DAMAGES OF ANY KIND ARISING OUT OF THE USE OF (OR THE INABILITY TO USE) THE PROGRAMS, SOURCE CODE, OR TEXTUAL MATERIAL CONTAINED IN THIS PUBLICATION. THIS INCLUDES, BUT IS NOT LIMITED TO, LOSS OF REVENUE OR PROFIT, OR OTHER INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OF THE PRODUCT.

THE SOLE REMEDY IN THE EVENT OF A CLAIM OF ANY KIND IS EXPRESSLY LIMITED TO REPLACEMENT OF THE BOOK AND/OR CD-ROM, AND ONLY AT THE DISCRETION OF CRM.

THE USE OF “IMPLIED WARRANTY” AND CERTAIN “EXCLUSIONS” VARIES FROM STATE TO STATE, AND MAY NOT APPLY TO THE PURCHASER OF THIS PRODUCT.

INTRODUCTION TO NETWORK SECURITY

NEAL KRAWETZ

CHARLES RIVER MEDIA
Boston, Massachusetts

Copyright 2007 Career & Professional Group, a division of Thomson Learning Inc. Published by Charles River Media, an imprint of Thomson Learning, Inc. All rights reserved.

No part of this publication may be reproduced in any way, stored in a retrieval system of any type, or transmitted by any means or media, electronic or mechanical, including, but not limited to, photocopy, recording, or scanning, without prior permission in writing from the publisher.

Cover Design: Tyler Creative

CHARLES RIVER MEDIA
25 Thomson Place
Boston, Massachusetts 02210
617-757-7900
617-757-7969 (FAX)
[email protected]
www.charlesriver.com

This book is printed on acid-free paper.

Neal Krawetz. Introduction to Network Security.
ISBN: 1-58450-464-1
eISBN: 1-58450-643-1

All brand names and product names mentioned in this book are trademarks or service marks of their respective companies. Any omission or misuse (of any kind) of service marks or trademarks should not be regarded as intent to infringe on the property of others. The publisher recognizes and respects all marks used by companies, manufacturers, and developers as a means to distinguish their products.

Library of Congress Cataloging-in-Publication Data
Krawetz, Neal.
Introduction to network security / Neal Krawetz. -- 1st ed.
p. cm.
Includes bibliographical references and index.
ISBN 1-58450-464-1 (pbk. with cd : alk. paper)
1. Computer networks--Security measures--Textbooks. 2. Computer network protocols--Textbooks. I. Title.
TK5105.59.K73 2007
005.8--dc22
2006012902

Printed in the United States of America
06 7 6 5 4 3 2

CHARLES RIVER MEDIA titles are available for site license or bulk purchase by institutions, user groups, corporations, etc. For additional information, please contact the Special Sales Department at 800-347-7707.

Requests for replacement of a defective CD-ROM must be accompanied by the original disc, your mailing address, telephone number, date of purchase and purchase price. Please state the nature of the problem, and send the information to CHARLES RIVER MEDIA, 25 Thomson Place, Boston, Massachusetts 02210. CRM’s sole obligation to the purchaser is to replace the disc, based on defective materials or faulty workmanship, but not on the operation or functionality of the product.

Contents

Acknowledgments

Part I: Overview

1 Security
  1.1 Importance
    1.1.1 Terminology
    1.1.2 Types of Security Issues
    1.1.3 What Is Secure?
    1.1.4 Compromise Response
  1.2 Threat Models
    1.2.1 Internal versus External
    1.2.2 Intentional versus Accidental
  1.3 Concepts
    1.3.1 Confidentiality and Privacy
    1.3.2 Authentication
    1.3.3 Authorization and Access Control
    1.3.4 Integrity
    1.3.5 Nonrepudiation
  1.4 Common Mitigation Methods
    1.4.1 Compartmentalize
    1.4.2 Secure Fail
    1.4.3 Defense-in-Depth
    1.4.4 Security-by-Obscurity
    1.4.5 Security and Usability
  1.5 People and Staff
    1.5.1 Education
    1.5.2 Experience
    1.5.3 Track Record
  1.6 Certifications
    1.6.1 CISSP and SSCP
    1.6.2 GIAC
    1.6.3 CISA and CISM
    1.6.4 Security+
    1.6.5 Certification Weaknesses
  Summary
  Review Questions
  Discussion Topics
  Additional Resources

2 Ethics
  2.1 Ethical Training
    2.1.1 Discipline
    2.1.2 Access and Power
    2.1.3 Apprenticeship and Experimentation
    2.1.4 Professions
  2.2 Ethical, Social, and Legal Considerations
    2.2.1 Moral Example: Home Computing
    2.2.2 Moral Example: Michael Lynn versus Cisco
    2.2.3 Moral Framework
  2.3 Intellectual Property
    2.3.1 Copyright
    2.3.2 Fair Use
    2.3.3 Trademark
    2.3.4 Patents
    2.3.5 Impact on Network Security
  2.4 Computer Crimes
    2.4.1 Motive and Intent
    2.4.2 Libel and Defamation
    2.4.3 Forgery and Impersonation
    2.4.4 Handling Evidence
    2.4.5 Expectation of Privacy
    2.4.6 Preparing for the Future
  Summary
  Review Questions
  Discussion Topics
  Additional Resources

3 Network Theory
  3.1 Standards Bodies
    3.1.1 Standards
    3.1.2 RFC
  3.2 Network Stacks
    3.2.1 Network Stack Design
    3.2.2 ISO OSI
    3.2.3 DoD TCP/IP Stack
    3.2.4 OSI versus TCP/IP
    3.2.5 Other Stacks
    3.2.6 User Layers
  3.3 Multiple Stacks
    3.3.1 Sequential Stacks
    3.3.2 Stacks Within Stacks
    3.3.3 VPN
  3.4 Layers and Protocols
    3.4.1 Mapping Protocols to Layers
    3.4.2 Misaligned Mappings
    3.4.3 Different Layers, Different Views
  3.5 Common Tools
    3.5.1 Querying Tools
    3.5.2 Collection Tools
    3.5.3 Assessment Tools
    3.5.4 Analysis Tools
  Summary
  Review Questions
  Discussion Topics
  Additional Resources

4 Basic Cryptography
  4.1 Securing Information
  4.2 Necessary Elements
    4.2.1 Plaintext and Ciphertext
    4.2.2 Algorithm
    4.2.3 Environment
    4.2.4 Key
    4.2.5 Cracking Cryptographic Systems
  4.3 Authentication and Keys
    4.3.1 Key Management Risks
    4.3.2 Keys and Automated Systems
    4.3.3 Symmetrical versus Asymmetrical Keys
    4.3.4 Key Exchange
    4.3.5 Certificates and Certificate Authorities
    4.3.6 Kerberos
  4.4 Cryptography and Randomness
    4.4.1 Random Numbers
    4.4.2 Confusion and Diffusion
    4.4.3 S-Box
  4.5 Hashes
    4.5.1 Parity
    4.5.2 Checksum
    4.5.3 CRC
    4.5.4 Cryptographic Hash Functions
    4.5.5 Sparse Hash Mappings
    4.5.6 Signed Cryptographic Hashes and HMAC
  4.6 Ciphers
    4.6.1 Simple Ciphers
    4.6.2 Monoalphabetic and Polyalphabetic Ciphers
    4.6.3 One-Time Pads
    4.6.4 Book Ciphers
  4.7 Encryption
    4.7.1 Streaming and Block Ciphers
    4.7.2 Block Cipher Modes
  4.8 Steganography
  Summary
  Review Questions
  Discussion Topics
  Additional Resources

Part II OSI Layer I

5 Physical Layer
  5.1 Types of Physical Mediums
    5.1.1 Wired Network Protocols
    5.1.2 Fiber-Optic Networks
    5.1.3 Trunk Lines
    5.1.4 Dynamic Networks
    5.1.5 Wireless
  5.2 Physical Network Components
  5.3 Physical Network Risks
    5.3.1 Eavesdropping
    5.3.2 Replay
    5.3.3 Insertion
    5.3.4 Denial of Service (DoS)
  5.4 Topologies
    5.4.1 Bus Networks
    5.4.2 Star Networks
    5.4.3 Ring Networks
    5.4.4 Broadcast Networks
    5.4.5 Hybrid Networks
  5.5 Physical Layer Security
  5.6 Tracking Attacks
  Summary
  Review Questions
  Discussion Topics
  Additional Resources

6 Physical LAN
  6.1 Physical LAN Regions
    6.1.1 LAN
    6.1.2 WAN
    6.1.3 DMZ
    6.1.4 MAN
  6.2 Types of Attacks
    6.2.1 Disruption
    6.2.2 Interference
    6.2.3 Intentional Attacks
  6.3 Firewalls
    6.3.1 Software Firewalls
    6.3.2 Hardware Firewalls
    6.3.3 Home Users and Firewalls
  6.4 Privileged Zones
    6.4.1 DMZ
    6.4.2 Onion
    6.4.3 Garlic
  6.5 LAN Connections
    6.5.1 Static Connections
    6.5.2 Dynamic Connections
  Summary
  Review Questions
  Discussion Topics
  Additional Resources

7 Wireless Networking
  7.1 Wireless Spectrum
  7.2 Wireless Protocols
    7.2.1 SSID
    7.2.2 WEP
    7.2.3 WEP Cracking
  7.3 Wireless Risks
    7.3.1 Packet Sniffing
    7.3.2 SSID Information
    7.3.3 Impersonation
    7.3.4 Parasites
    7.3.5 Direct Security Breaches
  7.4 Risk Mitigation Options
    7.4.1 SSID Labeling
    7.4.2 Broadcasting SSID
    7.4.3 Antenna Placement
    7.4.4 MAC Filtering
    7.4.5 WEP: Better Than Nothing
    7.4.6 Other Cryptographic Systems
    7.4.7 Network Architecture
  Summary
  Review Questions
  Discussion Topics
  Additional
