Information Systems Security

Information Security, sometimes shortened to InfoSec, is the practice of defending information from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical). (Wikipedia)



http://www.digitalattackmap.com/
https://cybermap.kaspersky.com/
http://map.norsecorp.com/#/

Refer to Security Lab Page for completed labs.

Introduction

This week is an introduction to the security of information systems and some key terminology, looking at the different areas of IT we want to secure.
Lab session:
  • Introduce the Laboratory environment.
  • Familiarise ourselves with some CLI utilities to search out network identities
Tasks:
  • Familiarise yourself with the Forums, reference websites and course outline. 
  • Browse through the Safari catalogue under the "Security" category.


CLI utilities

A command-line interface or command language interpreter (CLI), also known as a command-line user interface, console user interface, and character user interface (CUI), is a means of interacting with a computer program where the user (or client) issues commands to the program in the form of successive lines of text (command lines).
The CLI was the primary means of interaction with most computer systems until the introduction of the video display terminal in the mid-1960s, and continued to be used throughout the 1970s and 1980s on OpenVMS, Unix systems and personal computer systems including MS-DOS, CP/M and Apple DOS. The interface is usually implemented with a command line shell, which is a program that accepts commands as text input and converts commands to appropriate operating system functions.
Command-line interfaces to computer operating systems are less widely used by casual computer users, who favor graphical user interfaces.
Alternatives to the command line include, but are not limited to, text user interface menus (see IBM AIX SMIT for example), keyboard shortcuts, and various other desktop metaphors centered on the pointer (usually controlled with a mouse). Examples of this include the Windows versions 1, 2, 3, 3.1, and 3.11 (an OS shell that runs in DOS), DosShell, and Mouse Systems PowerPanel.
Command-line interfaces are often preferred by more advanced computer users, as they often provide a more concise and powerful means to control a program or operating system. Programs with command-line interfaces are generally easier to automate via scripting.
Command line interfaces for software other than operating systems include a number of programming languages such as Tcl/Tk, PHP and others, as well as utilities such as the compression utilities WinZip and UltimateZip, and some FTP and ssh/telnet clients.

Threats, Attacks and Intrusions

Appraise access, modification, DoS and repudiation attacks.
Lesson:
  • Discussion on attacks and types of attacks in IS. 
Lab session:
  • Investigate the concept of vulnerabilities and the relation to attacks.


CIA Triad (confidentiality, integrity and availability)

Availability, confidentiality, integrity, accountability
Lesson:
  • Discussion on the concepts of Availability, Confidentiality, Integrity and Accountability.
Lab session:
  • Evaluating WiFi security


Risk Assessment

Identify & measure organisational risks
Lesson:
  • Discussion on identifying and measuring risks to an organisation.
Lab session:
  • Discussion on the DRP, BCP and security policies.
Tasks:
  • Prepare material for Lab 3: Week 6


Security Policies, Standards & Procedures

Define & deploy security policies.
Lesson:
  • Discussion on compiling, defining and deploying security policies.
  • Designing a Disaster recovery plan.
Lab session:
  • Investigate system recovery software.
Tasks:

Administrative and Technical Security

Discriminate between administrative & technical security, facilitate the security process.
Lesson:
  • Can you discriminate between administrative and technical security and facilitate the security process?
Lab session:
  • Experiment with some password cracking using commonly available tools
  • Breaking into protected files.


Security auditing

Lesson:
  • Appraise policy adherence using audits; awareness training.
Lab session:
  • Investigation into cryptographic techniques.
Tasks:



Hacking and Malware

Evaluate hacker techniques and malicious code (viruses, Trojans, worms)
Lesson:
  • This week we evaluate different hacker techniques and malicious code including viruses, Trojans, and Worms.
Lab session:
  • Install, configure and evaluate antivirus software.
Tasks:
  • Prepare material for Lab 2: Week 4


Firewalling

Firewall types and configurations.
Lesson:
  • Investigation into firewall types and configurations
Lab session:
  • Evaluation of firewall software.
Tasks:
  • Install and evaluate pfSense - http://www.pfsense.org/



Virtual private networking

Evaluate types of VPN systems and techniques
Lesson:
  • Discussion on VPN schematics - IPsec vs SSL
  • Discussion on network proxy systems - Squid caching proxy & Delegate
  • This week we evaluate different types of VPN systems and techniques.
Lab session:
  • Install and configure VPN and proxy software
Tasks:
  • Install and evaluate OpenVPN - http://openvpn.net/index.php/open-source.html
  • Install and evaluate Delegate proxy - http://www.delegate.org/delegate/


Digital Keys and Certificates

Public and private key encryption. Digital signature and the trust systems
Lesson:
  • Discussion on public and private key encryption.
  • Discussion on Digital signature and the trust systems.
Lab session:
  • Install and configure OpenVPN using certificates generated with OpenSSL.
Tasks:
  • Install and evaluate OpenSSL - http://www.openssl.org/


Intrusion Detection

Explore types of intrusion detection systems. Management vs prevention
Lesson:
  • Exploration into types of intrusion detection systems.
Lab session:
  • Investigate IDS software tools.
Tasks:
  • Install and evaluate BackTrack or Kali Linux

Web Application Security

E-Commerce services. Client-side, Server-side, Application & Database security
Lesson:
  • Discussion on web application security.
  • Discussion on SQL injection.

Wireless Security

Wireless Technology and Security
Lesson:
  • Discussion on wireless technology and surrounding security issues

Lesson 20 - Wireless Security

Overview
  • Introduction to wireless networks.
  • Understanding current wireless technology.
  • Understanding wireless security issues.
  • Deploying wireless safely.

Introduction to Wireless Networks
  • Wireless networks are inexpensive and easy to set up and use.
  • But wireless technology opens up some serious security issues to organizations using them.
  • As yet no effective solution has been put forward to handle the risk of wireless networks.

Understanding Current Wireless Technology
  • Wireless LANs (WLANs) center around the IEEE 802.11x standards.
  • These standards allow workstations to establish connections with a wireless access point (AP).
  • Access points are in turn connected to a wired LAN or to another workstation.
  • The 802.11x standard provides for the exchange of authentication information and for encryption of the information.
Standard architectures:
  • A typical 802.11x deployment allows for connectivity up to 150 feet indoors and 1,500 feet outdoors.
  • The DHCP server in this architecture provides the necessary information that allows proper workstation communication with the network.
Transmission security:
  • The 802.11x standard defines the Wired Equivalent Privacy (WEP) protocol to protect information passing over the WLAN.
  • WEP provides authentication, confidentiality, and integrity services.
  • The authentication service can be used to authenticate a workstation to the AP.
  • Open System authentication (no cryptographic authentication) provides no proof to the AP of the workstation’s identity.
  • This method leaves the workstation open to attaching itself to any rogue AP.
  • The authentication and confidentiality services use the RC4 algorithm, which cannot be easily attacked.
  • The confidentiality mechanism protects all protocol header information and data above the 802.11x protocol.
  • WEP supports 40-bit and 128-bit keys.
  • WEP does not specify a key management system, which means that WEP installations rely on static keys.
  • Another problem with WEP is that an intruder can capture the initialization vectors and also determine the encryption key.
  • The implementation of RC4 in WEP is flawed and open to compromise.
  • The integrity check on each packet is done using a 32-bit cyclic redundancy check (CRC).

Wi-Fi Protected Access (WPA) is a data encryption specification for 802.11 wireless networks that replaces the weaker WEP. Created by the WiFi Alliance before the 802.11i security standard was ratified by the IEEE, it improves on WEP by using dynamic keys, the Extensible Authentication Protocol to secure network access, and an encryption method called Temporal Key Integrity Protocol (TKIP) to secure data transmissions. WPA provides roughly comparable security to VPN tunneling with WEP, with the benefit of easier administration and use.

Authentication:
  • Authentication is a part of securing a WLAN.
  • WLAN users have service set identifier (SSID), MAC address, WEP, and 802.1X port-based network access control options for authentication.
  • These options cannot manage the risk of a WLAN by themselves.
  • For a workstation to associate with an AP, it must have the SSID.
  • Since the SSID is broadcast by many APs, listening workstations can use it to add themselves to the appropriate network.
  • Some APs use MAC address authentication to authorize computers to access the WLAN.
  • MAC addresses must be transmitted in clear or the network would not function.
  • An intruder listening to the traffic could misuse MAC addresses.
  • The 802.1X protocol is an add-on to all layer 2 network access protocols, including Ethernet and WLANs.
  • Use of 802.1X allows for a stronger authentication mechanism.
  • Since mutual authentication is optional with 802.1X, many default installations will be open to interception attacks.

Understanding Wireless Security Issues
  • Use of WLANs involves risks like eavesdropping, direct internal attacks, and attacks against external sites.
  • Several tools are available to detect WLANs easily.
  • WLANs allow computers close to the physical network to communicate as if on the network.
  • In WLANs, intruders have the ability to gain access to an organization’s internal network.
  • Organizations using WEP are also subject to eavesdropping because of tools like WEPCrack.
  • WEPCrack requires the intruder to collect millions of packets to determine the encryption key.
  • A passive eavesdropping attack is almost impossible to detect.
  • An intruder can attack WLANs internally or externally and discover and exploit vulnerabilities.
  • It is difficult to find the physical location of an intruder since IP addresses are not location-specific.
  • The organization may be legally responsible if an intruder gained access to the internal network.

Deploying Wireless Safely
  • Deployment of a WLAN should be preceded by a thorough risk assessment.
  • Proper security measures should be implemented by the organization to reduce risk while deploying a WLAN.
  • Access point security, transmission security, workstation security, and site security measures assist in risk management.
Access point security:
  • Configuring the AP is an important starting point.
  • Setting the WEP key and using MAC addresses help to limit AP detection.
  • HTTPS should be used to manage the AP when possible, along with strong passwords.
  • APs should be positioned so that their range outside the facility is limited.
Transmission security:
  • Though WEP has serious vulnerabilities, it does not provide easy access to casual intruders.
  • It is appropriate to use another encryption system along with WEP.
  • The WLAN can be treated as a semi-trusted or untrusted segment of the network.
Workstation security:
  • It is possible to directly attack workstations on a WLAN.
  • Appropriate anti-virus software or personal firewalls should be used on workstations for protection.
Site security:
  • WLANs should be placed on their own network and protected with a firewall between the WLAN and the internal network.
  • An intrusion detection system should be deployed on the WLAN to detect unauthorized visitors.
  • Organizations must address illegal or unauthorized APs by performing periodic wireless assessments on their networks.
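One way to act on that last point, the periodic wireless assessment that looks for unauthorized or bogus APs, as an added example that is not part of the original lesson: the script below compares a site-survey result against the organization's authorized AP inventory and flags unknown radios, radios cloning the organization's SSID, and authorized APs whose security mode has been downgraded. The inventory, BSSIDs, SSIDs and survey rows are all constructed sample data.

```python
"""Rogue / misconfigured access point check for a periodic wireless assessment.

Added example; not code from the original course page. All inventory and
survey values below are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Observation:
    """One access point seen by a site-survey tool."""
    ssid: str
    bssid: str      # AP radio MAC address
    channel: int
    security: str   # "WPA2", "WEP" or "OPEN" in this constructed sample


# Constructed authorized inventory: BSSID -> (deployed SSID, deployed security).
AUTHORISED = {
    "00:11:22:33:44:01": ("corp-wlan", "WPA2"),
    "00:11:22:33:44:02": ("corp-wlan", "WPA2"),
}


def classify(obs, authorised=AUTHORISED):
    """Return a finding label for one observed AP, or None if it is as expected."""
    expected = authorised.get(obs.bssid.lower())
    if expected is None:
        our_ssids = {ssid for ssid, _ in authorised.values()}
        # Unknown radio advertising our SSID: the "bogus AP" scenario from the notes.
        return "ROGUE_SSID_CLONE" if obs.ssid in our_ssids else "UNKNOWN_AP"
    exp_ssid, exp_security = expected
    if obs.ssid != exp_ssid:
        return "SSID_MISMATCH"
    if obs.security != exp_security:
        # An authorized AP reconfigured to a weaker mode (e.g. WEP or open).
        return "SECURITY_DOWNGRADE"
    return None


def assess(survey, authorised=AUTHORISED):
    """Run classify over a whole survey; returns {bssid: finding} for problems only."""
    findings = {}
    for obs in survey:
        finding = classify(obs, authorised)
        if finding:
            findings[obs.bssid] = finding
    return findings


# Constructed survey rows, as a site-survey tool might export them.
SURVEY = [
    Observation("corp-wlan", "00:11:22:33:44:01", 6, "WPA2"),   # expected
    Observation("corp-wlan", "00:11:22:33:44:02", 11, "WEP"),   # downgraded
    Observation("corp-wlan", "aa:bb:cc:dd:ee:ff", 1, "OPEN"),   # SSID clone
    Observation("neighbour-net", "12:34:56:78:9a:bc", 1, "WPA2"),  # unknown
]

if __name__ == "__main__":
    for bssid, finding in assess(SURVEY).items():
        print(f"{bssid}: {finding}")
```

UNKNOWN_AP findings still need a human decision (a neighbour's AP is not necessarily rogue), so treat them as review items rather than alerts.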
Summary
  • Wireless LANs center around the 802.11x standards.
  • WEP provides authentication, confidentiality, and integrity services.
  • WLAN users have service set identifier (SSID), MAC address, WEP, and 802.1X port-based network access control options for authentication.
  • Security risks in WLANs include eavesdropping, direct internal attacks, and attacks against external sites.
  • Security measures like access point security, transmission security, workstation security, and site security assist in managing risk.

Key Points:
  • If the wireless network is attacked, then internal LAN access is obtained.
  • Eavesdropping is the most obvious type of attack.
  • A passive attack is hard to detect (it is not ‘on the wire’).
  • WEP is weak; WPA is better (suggest you read up on these two historically, and the reason why WEP is weak, etc.).
  • E.g. an EIT implementation may require users to submit laptops to IT services, or at least sign/verify that the laptop has a sound OS, has updated anti-virus, etc.
  • Bogus APs attracting workstations is an unusual but interesting scenario.

Excellent article explaining Wireless overall …

WPA Link
