
Securing Network – Wireless – and Connected Infrastructures

Transcript of "Securing Network – Wireless – and Connected Infrastructures"

  1. Securing Network – Wireless – and Connected Infrastructures
     Fred Baumhardt Infrastructure Solutions Consulting Microsoft Security Solutions, Feb 4th, 2003
  2. Agenda
       • Defining the Datacenter Network Security Problem
       • Penetration Techniques and Tools
       • Network Defence-in-Depth Strategy
           • Perimeter and Network Defences
           • Operating System and Services Defences
           • Application Defences
           • Data Defences
  3. The Datacenter Problem We All Face
       • Systems organically grown under “Project” context
       • No clear best practice from vendors
       • Security often bolted on as an afterthought
       • Fear of change – Time to Market
     [Diagram labels: Some Core Systems; Internet Systems; Departments; Extranets; Branch Offices; Project 1…n System]
  4. The Big Picture of Security
       • OS hardening is only one component of security strategy AND Firewalls are not a Panacea
       • Entering the Bank Branch doesn’t get you into the vault
       • Security relies on multiple things
           • People and skills
           • Process and incident management
           • Internal Technologies – e.g. OS, Management Tools, switches, IDS, ISA
           • Edge Technologies – Firewalls, ISA, IDS
  5. Threat Modelling
       • Internal Users are usually far more dangerous
       • Normal employees have tools, experience, and know your systems – after all they use them
       • Customers usually take few internal protection precautions – preferring to focus on external Firewalls and DMZ scenarios for security
       • Data is now being hacked – not just systems
  6. The First Phase of Hacking
       • Information Gathering and Intelligence
           • Port Scanning – Banner Grabbing – TCP/IP Packet Profiling – TTL Packet Manipulating
           • Researching network structure – newsgroup posts, outbound emails, these all hold clues to network design
  7. The Second Phase of Hacking
       • Analysis of Collected Information
           • Process relevant bits of data about target network
           • Formulate an attack plan
           • For Example: Attacker won’t use SUN specific attacks on W2K Boxes, won’t use NT Attacks on .NET etc.
           • Hacker Forums, websites, exploit catalogues
  8. The Third Phase of Hacking
       • The Compromise
           • OS Specific Attacks
           • Denial of Service Attacks
           • Application Attacks
               • Buffer Overflows
               • URL String Attacks
               • Injection
               • Cross-site Scripting Attacks
       • Compromised system jumps into another
  9. Networking and Security
       • The network component is the single most important aspect of security
       • Wireless is based on Radio transmission and reception – not bounded by wires
       • Some sort of encryption is thus required to protect the open medium
       • Ethernet is also just about as insecure
  10. Network Problems ctd.
       • Use encryption and authentication to control access to network
           • WEP – Wired Equivalent Privacy
           • 802.1X – using Public Key Cryptography
           • Mutually authenticating client and network
  11. Securing a Wireless Connection
       • Three major strategies
           • WEP – basic low security simple solution
           • VPN – use an encrypted tunnel assuming network is untrusted
           • 802.1X family – Use PKI to encrypt seamlessly from client to access point
               • Usually complex to implement but then seamless to user
               • Substantial investment in PKI
           • Also vendor specific like LEAP
  12. What about the wired network?
       • This is where the hackers kill you
       • Currently a “total trust” model
           • You can ping HR database, or chairman's PC, or accounting system in Tokyo
       • We assume anyone who can get in to our internal network is trusted – and well intentioned
       • Ethernet and TCP/IP are fundamentally insecure
  13. VPN
       • Extend the “internal” network space to clients in internet
       • Extends the security perimeter to the client
       • Main systems are PPTP – L2TP/IPSEC
     [Diagram labels: Internet; Corporate Net in Reading; Router C; Router D; Corporate Net or Client; IP Tunnel; Host A; Host B]
  14. How the Architecture Can Prevent Attack
     [Diagram labels: Internet; Redundant Routers; Redundant Firewalls; Redundant Internal Firewalls; DNS & SMTP; Client and Site VPN; Infrastructure Network – Internal Active Directory; Infrastructure Network – Perimeter Active Directory; Messaging Network – Exchange; Management Network – MOM, deployment; Client Network; RADIUS Network; Intranet Network – Web Servers; Proxy; Data Network – SQL Server Clusters; Remote data center; NIC teams/2 switches; Intrusion Detection; VLAN (repeated label); zone labels INTERNAL, Perimeter, INTERNET, BORDER]
  15. How do I do it?
       • A Flat DMZ Design to push intelligent inspection outwards
       • ISA layer 7 filtration – RPC – SMTP – HTTP
       • Switches that act like firewalls
       • IPSec where required between servers
       • Group Policy to Manage Security
       • 802.1X or VPN into ISA servers treating Wireless as Hostile
       • Internal IDS installed
     [Diagram labels: Internet Or Wireless; TCP 80: HTTP; TCP 443: HTTPS; Stateful Packet Filtering Firewall; Application Filtering Firewall (ISA Server); TCP 443: HTTPS; Exchange Server]
  16. Call To Action
       • Take Action – your network transport is insecure
       • Read and use security operations guides for each technology you use
       • Mail me with questions – [email_address]
           • If I didn’t want to talk to you I would put a fake address
       • Use the free MS tools to establish a baseline and stay on it
       • Attack yourself – you will learn
  17. Wherever you go – go securely!
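
The contrast between the “total trust” wired network on slide 12 and the VLAN-segmented design on slide 14, as an added example that is not part of the original deck: a default-deny inter-zone check run over constructed flow records. Only the zone names come from the slides; the subnets, the allow-list and the sample flows are assumptions made for illustration.

```python
import ipaddress

# Zone names follow the VLANs on slide 14; the subnets are assumed for illustration.
ZONES = {
    "client": ipaddress.ip_network("10.10.0.0/16"),
    "intranet": ipaddress.ip_network("10.20.1.0/24"),
    "messaging": ipaddress.ip_network("10.20.2.0/24"),
    "data": ipaddress.ip_network("10.20.3.0/24"),
    "management": ipaddress.ip_network("10.20.4.0/24"),
}

# Assumed allow-list (source zone, destination zone, TCP port); the rest is denied.
ALLOWED = {
    ("client", "intranet", 443),
    ("client", "messaging", 443),
    ("intranet", "data", 1433),
    ("management", "data", 1433),
}

def zone_of(addr):
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "unknown"  # not in any defined VLAN

def audit(flows):
    """Return the cross-zone flows a default-deny internal firewall would block."""
    blocked = []
    for src, dst, port in flows:
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        if src_zone == dst_zone and src_zone != "unknown":
            continue  # stays inside one VLAN, never crosses the internal firewall
        if (src_zone, dst_zone, port) not in ALLOWED:
            blocked.append((src, src_zone, dst, dst_zone, port))
    return blocked

# Constructed flow records: (source IP, destination IP, destination TCP port).
SAMPLE_FLOWS = [
    ("10.10.4.17", "10.20.1.10", 443),   # client to intranet web server
    ("10.10.4.17", "10.20.3.5", 1433),   # client straight to SQL Server
    ("10.20.1.10", "10.20.3.5", 1433),   # web server to SQL Server
    ("10.10.9.2", "10.20.4.8", 3389),    # client to management host
    ("192.0.2.50", "10.20.3.5", 1433),   # address outside every defined VLAN
    ("10.20.3.5", "10.20.3.6", 1433),    # SQL cluster node to node, same VLAN
]

if __name__ == "__main__":
    print(*audit(SAMPLE_FLOWS), sep="\n")
```

On the flat network all six flows succeed; under the segmented policy three are blocked, and the intra-VLAN flow is skipped because it never crosses the internal firewall.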