Lecture slides from Security+ Guide to Network Security Fundamentals, Chapter 6. Objectives: protect e-mail systems, list World Wide Web vulnerabilities, secure Web communications, secure instant messaging.
Chapter 6: Web Security
Security+ Guide to Network Security Fundamentals, Second Edition

Objectives
• Protect e-mail systems
• List World Wide Web vulnerabilities
• Secure Web communications
• Secure instant messaging

Protecting E-Mail Systems
• E-mail has replaced the fax machine as the primary communication tool for businesses
• It has also become a prime target of attackers and must be protected

How E-Mail Works
• E-mail uses two Transmission Control Protocol/Internet Protocol (TCP/IP) protocols to send and receive messages
  – Simple Mail Transfer Protocol (SMTP) handles outgoing mail
  – Post Office Protocol (POP3 is the current version) handles incoming mail
• The SMTP server on most machines uses sendmail to do the actual sending; its queue of outgoing messages is called the sendmail queue

How E-Mail Works (continued)
• Sendmail tries to resend queued messages periodically (about every 15 minutes)
• Downloaded messages are erased from the POP3 server
• Deleting retrieved messages from the mail server and storing them on a local computer makes it difficult to manage messages from multiple computers
• Internet Mail Access Protocol (the current version is IMAP4) is a more advanced protocol that solves many of these problems
  – E-mail remains on the e-mail server

How E-Mail Works (continued)
• E-mail attachments are documents in binary format (word processing documents, spreadsheets, sound files, pictures)
• Non-text documents must be converted into text format before being transmitted
• Three bytes from the binary file are extracted and converted to four text characters

E-Mail Vulnerabilities
• Several e-mail vulnerabilities can be exploited by attackers:
  – Malware
  – Spam
  – Hoaxes

Malware
• Because of its ubiquity, e-mail has replaced floppy disks as the primary carrier for malware
• E-mail is the malware transport mechanism of choice for two reasons:
  – Because almost all Internet users have e-mail, it has the broadest base for attacks
  – Malware can use e-mail to propagate itself

Malware (continued)
• A worm can enter a user’s computer through an e-mail attachment and send itself to all users listed in the address book, or attach itself as a reply to all unread e-mail messages
• E-mail clients can be particularly susceptible to macro viruses
  – A macro is a script that records the steps a user performs
  – A macro virus uses macros to carry out malicious functions

Cookies (continued)
• Cookies can be used to determine which Web sites you view
• A first-party cookie is created by the Web site you are currently viewing
• Some Web sites attempt to access cookies they did not create
  – If you went to www.b.org, that site might attempt to get the cookie A-ORG from your hard drive
  – This is known as a third-party cookie because it was not created by the Web site that attempts to access it

Common Gateway Interface (CGI)
• A set of rules that describes how a Web server communicates with other software on the server, and vice versa
• Commonly used to allow a Web server to display information from a database on a Web page, or to let a user enter information through a Web form that is then deposited in a database

Common Gateway Interface (CGI) (continued)
• CGI scripts create security risks
  – They may not filter user input properly
  – They can be made to issue commands via Web URLs
• CGI security can be enhanced by:
  – Properly configuring CGI
  – Disabling unnecessary CGI scripts or programs
  – Checking program code that uses CGI for any vulnerabilities

8.3 Naming Conventions
• Microsoft Disk Operating System (DOS) limited filenames to eight characters followed by a period and a three-character extension (e.g., Filename.doc)
• This is called the 8.3 naming convention
• Recent versions of Windows allow filenames to contain up to 256 characters
• To maintain backward compatibility with DOS, Windows automatically creates an 8.3 “alias” filename for every long filename

8.3 Naming Conventions (continued)
• The 8.3 naming convention introduces a security vulnerability with some Web servers
  – Microsoft Internet Information Server 4.0 and other Web servers can inherit privileges from parent directories instead of the requested directory if the requested directory uses a long filename
• The solution is to disable creation of the 8.3 alias by making a change in the Windows registry database
  – In doing so, older programs that do not recognize long filenames are no longer able to access the files or subdirectories

Securing Web Communications
• The most common secure connection uses the Secure Sockets Layer/Transport Layer Security protocol
• One implementation is Hypertext Transport Protocol over Secure Sockets Layer

Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
• The SSL protocol was developed by Netscape to securely transmit documents over the Internet
  – Uses a private key to encrypt data transferred over the SSL connection
  – Version 2.0 is the most widely supported version
  – Personal Communications Technology (PCT), developed by Microsoft, is similar to SSL

Secure Sockets Layer (SSL)/Transport Layer Security (TLS) (continued)
• The TLS protocol guarantees privacy and data integrity between applications communicating over the Internet
  – It is an extension of SSL; the two are often referred to together as SSL/TLS
• The SSL/TLS protocol is made up of two layers

Secure Sockets Layer (SSL)/Transport Layer Security (TLS) (continued)
• The TLS Handshake Protocol allows authentication between server and client and negotiation of an encryption algorithm and cryptographic keys before any data is transmitted
• FORTEZZA is a US government security standard that satisfies the Defense Messaging System security architecture
  – It has a cryptographic mechanism that provides message confidentiality, integrity, authentication, and access control to messages, components, and even systems

Secure Hypertext Transport Protocol (HTTPS)
• One common use of SSL is to secure Web HTTP communication between a browser and a Web server
  – This version is “plain” HTTP sent over SSL/TLS and is named Hypertext Transport Protocol over SSL
• It is sometimes designated HTTPS, which is the extension to the HTTP protocol that supports it
• Whereas SSL/TLS creates a secure connection between a client and a server over which any amount of data can be sent securely, HTTPS is designed to transmit individual messages securely

Securing Instant Messaging
• Depending on the service, e-mail messages may take several minutes to be posted to the POP3 account
• Instant messaging (IM) is a complement to e-mail that overcomes this delay
  – It allows the sender to enter short messages that the recipient sees and can respond to immediately

Securing Instant Messaging (continued)
• Some tasks that you can perform with IM:
  – Chat
  – Images
  – Sounds
  – Files
  – Talk
  – Streaming content

Securing Instant Messaging (continued)
• Steps to secure IM include:
  – Keep the IM server within the organization’s firewall and only permit users to send and receive messages with trusted internal workers
  – Enable IM virus scanning
  – Block all IM file transfers
  – Encrypt messages

Summary
• Protecting basic communication systems is a key to resisting attacks
• E-mail attacks can be malware, spam, or hoaxes
• Web vulnerabilities can open systems up to a variety of attacks
• A Java applet is a separate program stored on the Web server and downloaded onto the user’s computer along with the HTML code

Summary (continued)
• ActiveX controls present serious security concerns because of the functions that a control can execute
• A cookie is a computer file that contains user-specific information
• CGI is a set of rules that describes how a Web server communicates with other software on the server
• The popularity of IM has made this a tool that many organizations are now using with e-mail

World Wide Web Vulnerabilities
• Buffer overflow attacks are common ways to gain unauthorized access to Web servers
• SMTP relay attacks allow spammers to send thousands of e-mail messages to users
• Web...

• ... the edge of the network to prevent spam from entering the SMTP server
• Use a blacklist of spammers to block any e-mail that originates from their e-mail addresses
• Sophisticated e-mail filters...
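The 3-bytes-to-4-characters conversion described under How E-Mail Works is the Base64 encoding that MIME applies to binary attachments. The encoder and decoder below are an added example written for this page, not code from the textbook; they check themselves against Python's base64 module and reject malformed length or padding rather than guessing, which is what a mail gateway should do with an attachment it cannot decode cleanly.

```python
import base64
import math

# The 64-character text alphabet used by MIME Base64.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"


def encode_attachment(data: bytes) -> str:
    """Turn binary attachment bytes into text: every 3 input bytes (24 bits)
    become 4 six-bit symbols. A trailing group of 1 or 2 bytes is zero-filled
    and marked with '=' padding so the output length stays a multiple of 4."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        n = len(chunk)
        bits = int.from_bytes(chunk.ljust(3, b"\0"), "big")
        symbols = [ALPHABET[(bits >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        # Only n + 1 symbols carry data; the remaining 3 - n are padding.
        out.append("".join(symbols[:n + 1]) + "=" * (3 - n))
    return "".join(out)


def decode_attachment(text: str) -> bytes:
    """Reverse the transform. Malformed length, padding or symbols raise
    ValueError instead of being silently repaired."""
    if len(text) % 4 != 0:
        raise ValueError("Base64 text length must be a multiple of 4")
    body = text.rstrip("=")
    if len(text) - len(body) > 2 or any(c not in ALPHABET for c in body):
        raise ValueError("invalid Base64 symbol or padding")
    bits = 0
    for c in body:
        bits = (bits << 6) | ALPHABET.index(c)
    nbytes = len(body) * 6 // 8            # 4 symbols -> 3 bytes, 3 -> 2, 2 -> 1
    return (bits >> (len(body) * 6 - nbytes * 8)).to_bytes(nbytes, "big")


def encoded_size(nbytes: int) -> int:
    """Size on the wire: 4 characters per started group of 3 bytes (about +33%)."""
    return math.ceil(nbytes / 3) * 4


def self_check(data: bytes) -> bool:
    """Agree with the standard library and round-trip exactly."""
    text = encode_attachment(data)
    return (text == base64.b64encode(data).decode("ascii")
            and decode_attachment(text) == data
            and len(text) == encoded_size(len(data)))


if __name__ == "__main__":
    sample = bytes(range(256))  # constructed stand-in for a binary attachment
    print(encode_attachment(b"Man"), encode_attachment(b"M"), self_check(sample))
```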
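To tie together the Malware slides (binary attachments as the malware carrier) and the spam fragment at the end (a blacklist of spammers checked before mail reaches the SMTP server), here is an added example, not from the textbook, of an edge filter built on Python's email package. The message, the addresses and the blocklist entries are constructed for the example; binary attachments are listed for a virus scanner rather than scanned here.

```python
import email
from email import policy
from email.message import EmailMessage
from typing import Dict, Set

# Constructed blocklist: individual addresses or whole sending domains.
BLOCKLIST: Set[str] = {"spammer@bulkmail.example", "bulkmail.example"}


def build_sample(sender: str) -> bytes:
    """Constructed message with a text body and one binary attachment, built
    with the stdlib so the attachment really is Base64-encoded on the wire."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = "staff@example.org"
    msg["Subject"] = "Quarterly figures"
    msg.set_content("See attached.")
    msg.add_attachment(b"\x00\x01binary-blob", maintype="application",
                       subtype="octet-stream", filename="figures.xls")
    return msg.as_bytes()


def sender_blocked(addr: str, blocklist: Set[str] = BLOCKLIST) -> bool:
    """Match the exact address or its domain, case-insensitively."""
    addr = addr.strip().lower()
    return addr in blocklist or addr.rsplit("@", 1)[-1] in blocklist


def inspect(raw: bytes, blocklist: Set[str] = BLOCKLIST) -> Dict[str, object]:
    """Edge verdict for one raw message: 'reject' for blocklisted senders,
    'scan' when binary attachments must go through the virus scanner, else 'deliver'."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    sender = msg["From"].addresses[0].addr_spec if msg["From"] else ""
    verdict: Dict[str, object] = {"sender": sender, "action": "deliver", "scan": []}
    if sender_blocked(sender, blocklist):
        verdict["action"] = "reject"          # dropped before it reaches the SMTP server
        return verdict
    for part in msg.iter_attachments():
        if part.get_content_maintype() != "text":
            payload = part.get_payload(decode=True)   # undoes the 4-chars-to-3-bytes encoding
            verdict["scan"].append((part.get_filename(), part.get_content_type(), len(payload)))
    if verdict["scan"]:
        verdict["action"] = "scan"
    return verdict


if __name__ == "__main__":
    print(inspect(build_sample("alice@partner.example")))
    print(inspect(build_sample("SPAMMER@bulkmail.example")))
```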
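The Cookies slide's point that www.b.org should not get the A-ORG cookie is enforced by the browser's cookie jar, which only sends a cookie to hosts that domain-match it. As an added example not from the textbook, this small jar implements the RFC 6265 domain-match rule and goes one step beyond the slide: it also shows that a request to a.org made while viewing a page on b.org (an embedded image, for instance) does carry the a.org cookie, which is what makes it a third-party cookie in practice. The host names are constructed, and the jar omits the public-suffix check real browsers add.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Cookie:
    name: str
    value: str
    domain: str      # setting host, or the Domain= attribute it declared
    host_only: bool  # True when no Domain= attribute was given


def domain_matches(request_host: str, cookie_domain: str) -> bool:
    """RFC 6265 5.1.3: hosts are equal, or the request host is a subdomain."""
    request_host, cookie_domain = request_host.lower(), cookie_domain.lower()
    return request_host == cookie_domain or request_host.endswith("." + cookie_domain)


class CookieJar:
    """Minimal browser-side jar; omits the public-suffix check real browsers add."""

    def __init__(self) -> None:
        self._cookies: List[Cookie] = []

    def store(self, setting_host: str, name: str, value: str,
              domain_attr: Optional[str] = None) -> bool:
        """Accept a Set-Cookie from setting_host. A site may only declare a
        Domain= that covers itself, so www.b.org cannot plant a cookie for a.org."""
        if domain_attr is None:
            self._cookies.append(Cookie(name, value, setting_host.lower(), True))
            return True
        domain_attr = domain_attr.lstrip(".").lower()
        if not domain_matches(setting_host, domain_attr):
            return False
        self._cookies.append(Cookie(name, value, domain_attr, False))
        return True

    def cookies_for(self, request_host: str) -> Dict[str, str]:
        """Cookies attached to a request to request_host, whoever triggered it."""
        sent = {}
        for c in self._cookies:
            if (request_host.lower() == c.domain if c.host_only
                    else domain_matches(request_host, c.domain)):
                sent[c.name] = c.value
        return sent


def slide_scenario() -> Dict[str, object]:
    """Constructed hosts from the slide: a.org sets A-ORG, then the user visits b.org."""
    jar = CookieJar()
    jar.store("www.a.org", "A-ORG", "user42")                        # first-party cookie
    planted = jar.store("www.b.org", "X", "1", domain_attr="a.org")  # refused
    # A page on b.org embedding an image from www.a.org makes the browser request
    # www.a.org, and that request carries A-ORG: a third-party cookie in practice.
    return {"sent_to_b": jar.cookies_for("www.b.org"), "planted_by_b": planted,
            "sent_to_a_from_b_page": jar.cookies_for("www.a.org")}
```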
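The CGI slide names two risks, unfiltered input and commands issued via Web URLs. The handler below is an added example, not code from the textbook, showing the defensive pattern: the parameter is pulled from QUERY_STRING, checked against an allowlist, and only then passed as a single argv element with no shell involved. The nslookup tool and the host parameter name are assumptions for the example.

```python
import os
import re
import subprocess
from typing import Callable, List, Optional, Tuple
from urllib.parse import parse_qs

# Allowlist for the host parameter: DNS labels of letters, digits and hyphens
# joined by dots. Spaces, ';', '|', '$', quotes and newlines never get through.
LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
HOSTNAME_RE = re.compile(rf"(?:{LABEL}\.)*{LABEL}", re.IGNORECASE)


def get_param(query_string: str, name: str, max_len: int = 253) -> Optional[str]:
    """One value for name from QUERY_STRING; duplicates and oversize values are refused."""
    values = parse_qs(query_string, keep_blank_values=True).get(name, [])
    if len(values) != 1 or len(values[0]) > max_len:
        return None
    return values[0]


def validate_hostname(value: str) -> bool:
    return HOSTNAME_RE.fullmatch(value) is not None


def run_argv(argv: List[str]) -> str:
    """Execute an argument list with shell=False: the value is one argument,
    never text that a shell re-parses."""
    return subprocess.run(argv, capture_output=True, text=True, timeout=5).stdout


def handle_request(query_string: str,
                   run: Callable[[List[str]], str] = run_argv) -> Tuple[int, str]:
    """CGI handler returning (status, body). 'nslookup' is an assumed lookup tool."""
    host = get_param(query_string, "host")
    if host is None or not validate_hostname(host):
        return 400, "Bad Request: host must be a plain DNS name\n"
    return 200, run(["nslookup", host])


if __name__ == "__main__":
    status, body = handle_request(os.environ.get("QUERY_STRING", ""))
    reason = "OK" if status == 200 else "Bad Request"
    print(f"Status: {status} {reason}\r\nContent-Type: text/plain\r\n\r\n{body}", end="")
```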