Virtual Private Networks 309 If you are running a firewall with NAT, you may have to write a special rule in your firewall so that it doesn’t translate the network address of that machine. Many newer firewall models automatically recognize IPsec packets and pass them through unchanged so this extra step is unnecessary. 8. To test your connection, try pinging an internal address on the other side of the remote gateway. If you get a successful response, then you have an IPsec tunnel up and running. 9. If you really want to verify that the packets are being encrypted, use a packet sniffer such as Tcpdump or Ethereal to see if you can read any of the packets. If the sniffer identifies the packets as ESP packets (ESP is one of the IPsec subprotocols) Table 9.2 FreeS/WAN Parameters Parameters Description Left The IP address of your Left IPsec gateway. Leftsubnet The range of IPs behind the Left gateway. Leftid The host name in a fully qualified domain name format and with an @ in front of it. For example, @gateway.example.com . Leftrsasigkey The key you copied earlier from the Left machine. Leftnexthop The default gateway for the Left machine. The default setting should work in most cases. Right Same as Left above but for the Right machine Rightsubnet Same as Leftsubnet above but for the Right machine. Rightid Same as Leftid above but for the Right machine. Rightrsasigkey Same as Leftrsasigkey above but for the Right machine. Rightnexthop Same as Leftnexthop above but for the Right machine. Auto The default setting of add authorizes the connection but doesn’t start it up when the system is booted. If you want it to start automatically, change this to start . Howlett_CH09.fm Page 309 Thursday, June 24, 2004 11:12 PM 310 Chapter 9 • Encryption Tools and the packet payloads come up looking like gibberish, then all is working cor- rectly. 10. If you want to add multiple net-to-net connections, you can just add another sec- tion with a new title such as conn office1-to-office2. You can also rename the orig- inal net-to-net connection name as long as it is the same in the ipsec config files on both machines. Road Warrior Mode This procedure is fairly similar to the last one, with a few excep- tions. In this mode, the Right machine is the local machine on your IPsec gateway and the Left machine is your remote user. 1. On your remote machine, edit the same /etc/freeswan/ipsec.conf file using the fol- lowing template. It looks similar to the net-to-net configuration with a few differences. conn road left=%defaultroute leftnexthop=%defaultroute leftid=@tonyslaptop.example.com leftrsasigkey=0sAQPIPN9uI right=192.0.2.2 rightsubnet=10.0.0.0/24 rightid=@gateway.example.com rightrsasigkey=0sAQOnwiBPt auto=add The remote configuration uses %defaultroute to pick up your dynamic IP. 2. The Right side should contain the information for the gateway. Get on the gateway machine and use this template for that ipsec.conf file. conn road left=192.0.2.2 leftid=gateway@example.com leftsubnet=192.0.2.1/24 leftrsasigkey=0sAQOnwiBPt rightnexthop=%defaultroute right=%any rightid=tonyslaptop@example.com rightrsasigkey=0sAQPIPN9uI auto=add Notice the entries are reversed on the gateway, using left for the Local machine and right for the remote. Also, the right IP is defined as %any . This is a wildcard that allows any IP address, since you won’t learn it until the remote user tries to con- nect. 3. Save this file. Howlett_CH09.fm Page 310 Thursday, June 24, 2004 11:12 PM Virtual Private Networks 311 4. You are ready to connect. Make sure that IPsec is up and running on the gateway machine, and then type the following command on the remote user end: ipsec auto start road This should initiate the connection as before. If you don’t get the message Ipsec SA established , check your settings or refer to the troubleshooting section on the FreeS/WAN Web site. 5. Test and verify the connection in the same manner as the net-to-net procedure. 6. You can set up multiple remote connections as in the previous procedure and rename them whatever makes sense to you. Opportunistic Encryption If you want to do this with FreeS/WAN, your gateway box must not be behind a firewall doing NAT (the change in the IP address in the headers messes up the IPsec header verification mode). It is preferable to have a static IP address on your gateway box. There are two ways to do OE: full or partial. In the full OE you can initiate outward IPsec connections and other IPsec hosts can initiate OE sessions with your gateway. In partial mode, your gateway must always initiate the connection. Both OE modes require you to have access to the DNS record for the hostname you want set up. Setting Up a Partial Opportunistic Encryption (initiate only) 1. First, edit the DNS record for the host name that you intend to use to add an entry for your key. The DNS record must match the ID you use in the ipsec.conf file. In the Road Warrior example earlier, that was gateway.example.com . Issue the following command on your gateway machine to create this record: ipsec showhostkey txt @ gateway_hostname Replace gateway_hostname with your hostname, such as gateway. example.com . It produces a text file with a text record containing your key and formatted in the proper DNS syntax. 2. Insert this record into the zone file for that domain as a forward TXT record. Note: If you aren’t sure how to edit DNS records, have your DNS administrator help you. Making a mistake with a DNS record can easily take your whole domain down. Also, keep in mind that the changes will take a while to propagate across the Internet. Depending on where you are querying from, this process might take as long as 48 hours. 3. You can check to see if the change has taken place yet with the following query: ipsec verify host gateway.example.com It should respond with an OK statement for the forward record. The reverse record lookup will fail, but this is acceptable as long as you don’t want to do a full OE. Remember that even though you can correctly query the DNS server, the other end of your connection may not be able to yet. Have them run the verify command as well. Howlett_CH09.fm Page 311 Thursday, June 24, 2004 11:12 PM 312 Chapter 9 • Encryption Tools 4. Once both sides can see the DNS record, then all you should have to do is restart your IPsec service by typing: service ipsec restart When it comes back up, you should be ready to go. This is all that is required, since FreeS/WAN will automatically configure the connec- tion using the DNS record information when it comes up. Setting Up Full Opportunistic Encryption In order to do full OE, you must have a static IP on the gateway and have full control of the DNS record for that IP. FreeS/WAN OE uses a reverse DNS lookup to verify the public key of any machine attempting to connect. The instructions are exactly the same as for partial OE, except that you also create a reverse DNS record for your gateway host name. Create the text file the same way as above and after adding it as a forward record, add it as a reverse record tying it back to your static IP address. Again, if you are unsure of how to edit a DNS file, get some help. DNS is not something to monkey around with lightly. Once both records are visible from the Internet, you should be able to restart your IPsec service and establish connections with IPsec OE compliant hosts. Password Crackers You have learned how to protect your information various ways using encryption, and how to encrypt files, sessions, and whole connections with other sites. The next section looks at a tool to help you make sure your password files are safe. This tool is a password encryption cracker. It does the reverse of all the tools in this chap- ter in that it tries to decrypt the password file without any keys. It is primarily to be used on password files to make sure you don’t have passwords that are easy to crack. Most passwords these days are not stored in plain text on the server. They are stored as hashes of the password so that the clear text password is not being passed across the network. On some operating systems, however, this hashing system is weak and the encryption is easily cracked. Worst case, if someone captures a password file, he or she can run a brute force attack on the hashes, discovering some passwords. This takes advan- tage of the tendency of most people to use simple passwords. You can limit this ability in most operating systems, but even then, people will figure out ways to get around the limi- tations in the interest of making their life simpler. Testing your password files with pass- word crackers is the only way to know for sure how safe your users’ passwords are. John the Ripper: A Password Cracking Tool John the Ripper Author/primary contact: Solar Designer Web site: www.openwall.com/john Platforms: Windows and most UNIX License: Freeware, BSD-like Version reviewed: 1.6 Howlett_CH09.fm Page 312 Thursday, June 24, 2004 11:12 PM Virtual Private Networks 313 John the Ripper was designed by the enigmatic Solar Designer to help system admin- istrators flush out weak passwords, mostly on UNIX systems. John uses a text password file and checks the hash for each word in the file against the password file. It even tries variations on dictionary words such as cat1, cat2, and so on. It also uses some randomizing techniques after it runs out of words to keep on trying as long as you want to let it run. It comes with a basic word file and you can also download various custom word files for dif- ferent operating systems or create your own. It is available for both UNIX and Windows. Since it is a command line tool only, the basic operations are the same for both operating systems. The separate installation pro- cesses are covered here. Windows Installation 1. Download the Windows binary package from the Web site or the book’s CD-ROM and unzip the file into its own directory. 2. There is no real Windows setup process here. Just put the files where you want them to reside and run them from that directory with the proper commands. You may want to add that directory to your system path if you want to be able to run John the Ripper from any directory. Otherwise, change to the john/run directory to access the binaries and run the program. UNIX Installation 1. Download and untar the source code files from the Web site or the book’s CD-ROM. 2. Issue the following command from the src directory it created: make This displays a list of systems supported. Note: If your system is not listed, substitute the command make generic in the next step (this should work most of the time). 3. Issue the following command substituting your supported system type for system : make system This builds the program and puts the main binary programs in the john/run directory. 4. Change into that directory and you are ready to run John the Ripper. Using John the Ripper 1. First, you need to have a copy of the password file. On most UNIX systems the password hashes aren’t stored in the main password file but are kept in a file called the shadow password file (called shadow on Linux systems). This protects the password hashes from being viewed easily, since the main user password file has to be accessible to various other parts of the operating system and so has to be world-readable. Howlett_CH09.fm Page 313 Thursday, June 24, 2004 11:12 PM 314 Chapter 9 • Encryption Tools The password hash file looks something like Listing 9.1. Listing 9.1 Sample Password Hash File root:$1$‰8_pwš/‚$3ABCmAmVVtBbgXc1EpAZ7.:12080:0:99999:7::: bin:*:12080:0:99999:7::: daemon:*:12080:0:99999:7::: adm:*:12080:0:99999:7::: lp:*:12080:0:99999:7::: sync:*:12080:0:99999:7::: apache:!!:12080:0:99999:7::: postfix:!!:12080:0:99999:7::: mysql:!!:12080:0:99999:7::: tony:$1$™bFÌb/_R$6RFzrkqq6nY4zTkmWQ8xV0:12080:0:99999:7::: The seemingly list of random characters after the account name is the hash of the password. That is what John the Ripper goes to work on. 2. The text file password in your John the Ripper directory contains the default word list. You can add to this list if you have some custom passwords you want it to try or replace it with your own word list. 3. To run John the Ripper, type the following command: john password_filename Replace password_filename with the filename of the password file you want to test. John the Ripper shows you any passwords it is able to crack on the screen as it tries. Most of the word lists will be run through in a few minutes. This is long enough for most purposes, but if you want to let it run longer to really test your passwords, you can run the process in the background. You can also interrupt the testing process and return to it later. Press CTRL+C once to stop the testing and save the results in a file called john.pot. Note that pressing CTRL+C twice will abort the search and not save your results. 4. You can view the passwords retrieved thus far by typing: john -show password_file 5. If you want to back up a cracking session, use the following command: john –restore And that’s about all there is to it. Happy password cracking (only your own password files, please!). If you find weak passwords, you can go to those people and have them change them or institute policies on the server that require stronger passwords. Howlett_CH09.fm Page 314 Thursday, June 24, 2004 11:12 PM 315 C HAPTER 10 Wireless Tools Until recently, network administrators mostly only had to worry about securing physical, fixed information technology assets. This includes servers, routers, and firewalls: the things that make up our wire-line networks. However, with the advent of inexpensive wire- less network equipment, there is a whole new spectrum (no pun intended) of security problems to contend with. This new technology has helped to lower the cost of deploying networks, brought access to places it wasn’t before, and made the term “mobile computing” truly a reality. It has also drastically changed the network security perimeter for companies of all sizes. Tra- ditionally, corporate networks were connected to the outside world in only a few places (see Figure 10.1). This allowed network managers to concentrate on protecting these lim- ited access points. You could put firewalls and other defenses at these crucial choke points. The inside of the network was largely treated as trusted because there was no way to get there other than through the protected points. Chapter Overview Concepts you will learn: • Wireless LAN terms • The 802.11 protocols • Weaknesses of wireless LANs • Wireless assessment equipment Tools you will use: NetStumbler, StumbVerter, Kismet Wireless, and AirSnort Howlett_CH10.fm Page 315 Friday, June 25, 2004 12:07 AM 316 Chapter 10 • Wireless Tools Now the advancing march of technology has moved the security bar up a notch again. With a wireless LAN deployed, your new security perimeter becomes literally the air around you. Wireless attackers or eavesdroppers can come from any direction. If you have wireless access deployed, anyone with a $50.00 card can potentially listen in on your network wire without ever stepping foot on your premises. Figure 10.2 shows the new net- work security perimeter with wireless technology. As you can see, if you are using wireless for part of your network, your security threats go up considerably. But before you can properly secure your wireless network, you need to understand how wireless local area networks function and what their basic weaknesses are. Manufacturers of wireless LAN equipment have lowered the prices so much that it is now a feasible alternative for home networks. Rather than wiring your house for Ethernet to connect your PCs, you can buy a wireless base station and a couple of wireless cards and use the Internet from any room in your house (or outside for that matter). Many busi- ness conventions now offer free wireless Internet access to their attendees via wireless sta- tions. There are grassroots campaigns to create free Internet access for neighborhoods outside the reach of DSL or cable by using public wireless access points. Wide deploy- ment of wireless LAN technology is definitely here to stay, and sooner or later you will probably have to deal with it. Wireless LAN Technology Overview The most popular protocol for wireless LAN technology today is by far the 802.11 series, commonly known as Wi-Fi . The 802.11 wireless standards are basically an extension of the Ethernet protocol, which is why it interoperates so well with wired Ethernet networks. It uses the frequencies of 2.4GHz for 802.11b and 802.11g and 5GHz for 802.11a to Figure 10.1 Network Threats Before Wireless Networking Firewall Attacks Attacks Computer Computer Computer Computer Computer The Internet Local LAN Howlett_CH10.fm Page 316 Friday, June 25, 2004 12:07 AM Wireless LAN Technology Overview 317 broadcast data signals. These frequencies are general-use spectrum, so you don’t have to apply for a license from the FCC to use them. The downside of this is that other consumer devices can use these wavelengths too. Some cordless phones and microwaves are also on the 2.4GHz band, so if you have these devices or other Wi-Fi networks in your area, you may encounter some interference. This wavelength is perfect for the short range that Wi-Fi is intended for. Its design parameters allow for about 150 feet indoors and over 800 feet outdoors under normal con- ditions. However, with a high-power antenna and line of sight, you can get up to a 20-mile range, which makes it attractive for office-to-office communications within a city (this assumes you are not in very mountainous terrain and you have access to a rooftop at least several floors up). Table 10.1 describes the four flavors of the 802.11 wireless standard that have emerged. Wi-Fi Terms A Wi-Fi wireless network can operate in one of two modes. Ad-hoc mode allows you to directly connect two nodes together. This is useful if you want to connect some PCs together and don’t need access to a LAN or to the Internet. Infrastructure mode lets you set up a base station, known as an access point (AP), and connect it to your LAN. All of the wireless nodes connect to the LAN through this point. This is the most common con- figuration in corporate networks, as it allows the administrator to control wireless access at Figure 10.2 Network Threats with Wireless Networking Firewall Attacks Attacks Attacks Computer Computer Computer Computer Computer The Internet Local LAN Wireless access point Laptop Laptop Laptop Howlett_CH10.fm Page 317 Friday, June 25, 2004 12:07 AM 318 Chapter 10 • Wireless Tools one point. Each wireless access point and card has a number assigned to it called a Basic Station System ID (BSSID). This is the MAC address for the access point’s wireless side. The access point also has a Station Set Identifier (SSID), which defines the name of the wireless network that all the nodes associate with. This name is not necessarily unique to that access point. In fact, most manufacturers assign a default SSID to APs so they are usable right out of the box. The access point’s SSID is needed to connect to the network. Some base stations have additional functionality, including routers and built-in DHCP servers. There are even some integrated units that act as a wireless access point, firewall, and router for home and small business users. You set up a wireless network node by installing a wireless network interface card (NIC) in a computer. A wireless NIC comes in several forms: It can be a card that goes in a PC slot, a PCMCIA card, an external USB device, and now even a compact flash format for the smaller slots in handheld computers. An 802.11 wireless network in infrastructure mode has an access point that acts as your bridge between the wired Ethernet LAN and one or more wireless endpoints. The access point sends out “beacon” broadcasts fre- quently to let any wireless node in the area know that it is there. The beacon broadcasts act like a lighthouse, inviting any wireless nodes in the area to log on. These beacon signals are part of the problem with Wi-Fi. It is impossible turn off these signals completely, which makes it hard to hide the fact that you have a wireless network in your office. Any- one with a wireless card can at least see your beacon signals if they are in range, although some sets allow you to limit the amount of information that goes out in these broadcasts. Table 10.1 802.11 Wireless Standards Standards Descriptions 802.11a This version of the standard uses the 5 GHz wavelength, which is a less crowded spectrum and is less likely to have interference problems. The theo- retical potential for this technology is 54Mps, which is a huge amount of band- width, but most applications in the field do not get that nearly that much. 802.11b This is currently the most popular wireless standard. It uses the 2.4 GHz wave- length, which Bluetooth and other consumer devices also use. It offers up to 11Mps of bandwidth, although practical applications under less than optimal conditions usually yield about half of that. 802.11g A newer release, this standard provides up to 54Mps bandwidth, but in the same 2.4GHz spectrum as 11b. It is also backwardly compatible with 11b hardware. 802.11i This new protocol is basically an extension of 802.11b with fixes to the encryption protocol to make it much more secure. It has just recently been approved by the IEEE, and products using it should be available in late 2004. Howlett_CH10.fm Page 318 Friday, June 25, 2004 12:07 AM . File root:$1$‰8_pwš/‚$3ABCmAmVVtBbgXc1EpAZ7 .:1 208 0:0 :9 999 9:7 :: : bin: *:1 208 0:0 :9 999 9:7 :: : daemon: *:1 208 0:0 :9 999 9:7 :: : adm: *:1 208 0:0 :9 999 9:7 :: : lp: *:1 208 0:0 :9 999 9:7 :: : sync: *:1 208 0:0 :9 999 9:7 :: : apache:! !:1 208 0:0 :9 999 9:7 :: : postfix:! !:1 208 0:0 :9 999 9:7 :: : mysql:! !:1 208 0:0 :9 999 9:7 :: : tony:$1$™bFÌb/_R$6RFzrkqq6nY4zTkmWQ8xV 0:1 208 0:0 :9 999 9:7 :: : The. File root:$1$‰8_pwš/‚$3ABCmAmVVtBbgXc1EpAZ7 .:1 208 0:0 :9 999 9:7 :: : bin: *:1 208 0:0 :9 999 9:7 :: : daemon: *:1 208 0:0 :9 999 9:7 :: : adm: *:1 208 0:0 :9 999 9:7 :: : lp: *:1 208 0:0 :9 999 9:7 :: : sync: *:1 208 0:0 :9 999 9:7 :: : apache:! !:1 208 0:0 :9 999 9:7 :: : postfix:! !:1 208 0:0 :9 999 9:7 :: : mysql:! !:1 208 0:0 :9 999 9:7 :: : tony:$1$™bFÌb/_R$6RFzrkqq6nY4zTkmWQ8xV 0:1 208 0:0 :9 999 9:7 :: : The seemingly list of random. commands. You may want to add that directory to your system path if you want to be able to run John the Ripper from any directory. Otherwise, change to the john/run directory to access the binaries