Lotus Domino
Building Rock Solid Security
                     Part - II


Lotus Security Part II


Building Rock Solid Lotus Domino Security
Part II - Security Policy & Infrastructure Security


Lotus Security Part II

  1. 1. Lotus Domino Building Rock Solid Security Part - II © Sanjaya Kumar Saxena
  2. 2. Defining Security Policy Basic Methodology: Know Your Business Needs; Identify and inventory assets and threats; Develop a policy for Operations, Monitoring & Upgrade of Infrastructure from Security perspective; Communicate Security Policy to Employees, including necessary training; Enforce Policy; Learn and Improve © Sanjaya Kumar Saxena
  3. 3. Know Your Business Needs Integrity, Accuracy and Safeguarding the Organization's Information Assets Availability of Critical Assets Lowering the Threats and Risks possible to the Information Assets Necessary confidentiality of the Critical Assets Regulatory Compliance as required by the Law of the Land © Sanjaya Kumar Saxena
  4. 4. Identify and Inventory Assets & Threats Assets: Servers, Applications, Data; DNSBL Queries, DOS, Unauthorized Access; Risk Analysis: Asset, Threat, Probability, Impact, Exposure = p × i © Sanjaya Kumar Saxena
  5. 5. Develop Security Policy Risk Analysis helps develop Security Policy. Each policy must have a corresponding process. POLICY: High Quality Passwords to be used by every user. PROCESS: Run dictionary attack once every month; Train new employees on how to create easy-to-remember quality passwords; Configure Domino password policy © Sanjaya Kumar Saxena
  6. 6. Develop Security Policy Essential Processes: Develop Monitoring Process; Develop Incident Management Process; Develop Configuration Management Process © Sanjaya Kumar Saxena
  7. 7. Domino Security Infrastructure Perspective © Sanjaya Kumar Saxena
  8. 8. Domino Security Model Network Firewalls IPs SSL Work Station Server ECL Work Station Ports Java Applet OS Domino Server Servers Java Script Handling Patches ACL Services Access Privilege ACL Design Elements Documents Forms Encryption Key Views Reader/Author Field Folders Who can read this Fields Doc. © Sanjaya Kumar Saxena
  9. 9. Secure Messaging E-mails by default travel in clear text over the network. E-mails are normally transported in plain text over the network, including the internet. This makes e-mails vulnerable to packet sniffing. The simple way to protect e-mails from being read over the wire is to encrypt the mail traffic. Any standard sniffer can intercept mail contents. By default, contents are also stored in clear text. To prevent unauthorized access to e-mails, it is a good idea to store e-mails encrypted rather than in clear text. © Sanjaya Kumar Saxena
  10. 10. Secure Mail Transmission Network Port Encryption Applicable in Domino Environment SMTP over SSL Transport Layer Security © Sanjaya Kumar Saxena
  11. 11. Network Port Encryption Admin Client > Configuration > Server > Set Up Port. By default the communication between Domino servers, or between the Notes client and the Domino server, is in clear text and can therefore be easily sniffed. Domino port encryption allows the network traffic to be encrypted. This is the best way to secure all communication between Domino Servers & Notes Clients. © Sanjaya Kumar Saxena
  12. 12. SMTP over SSL Using SMTP over SSL, you can encrypt traffic between non-Domino servers over the internet using port 465. However, this is not the popular mechanism in use. © Sanjaya Kumar Saxena
  13. 13. Transport Layer Security Transport Layer Security (TLS) is similar to SMTP over SSL except that the encrypted session is initiated over the normal SMTP port, i.e. 25. Most mail servers prefer to use TLS. Use ‘Enable’: TLS will be used when the other server supports it. Enable SMTP over SSL © Sanjaya Kumar Saxena
  14. 14. Advanced Secure Mail Transmission Exchange Encrypted Messages Use Custom Solution © Sanjaya Kumar Saxena
  15. 15. Exchange Encrypted Message © Sanjaya Kumar Saxena
  16. 16. Custom Solution Partner Mail Servers Users Mail Server Hosts Partners’ Mailboxes Uses Directory Assistance Separate Domain Uses Partner ID hosted on Partner Mail Server Runs https Leverages New Mail Agent © Sanjaya Kumar Saxena
  17. 17. SMTP Best Practice Access Control & Firewall Firewall Firewall Dedicated SMTP/LPAP Mail Servers Anti-Spam Servers SMTP NRPC INTERNET SECURE NETWORK. Enable only SMTP Port; Run only SMTP & essential tasks; Modify SMTP Server Greeting; Use Different Domain; Use Extended Directory © Sanjaya Kumar Saxena
  18. 18. What is Spam? An abuse of Electronic Messaging to send Unsolicited Bulk messages (*wikipedia) Various Types: E-mail Spam: Most Popular Search Engine Spam IM Spam Online Ads Forums, Blogs, Wiki, etc. © Sanjaya Kumar Saxena
  19. 19. E-mail Spam Also known as Junk E-mail Unsolicited Bulk E-mail Comes in fancy wrappers Users Say: I can't define it, but I know it when I see it We don’t want it, Users don’t want it … but we still get it … © Sanjaya Kumar Saxena
  20. 20. Some Facts related to Spam Approx 200 billion Spam messages are generated per day About 80% of all spam is sent by fewer than 200 spammers 2008 was one of the Lucky years, One ISP (McColo) shutdown brought the SPAM e-mail down by around 50% Only that this was short lived ! © Sanjaya Kumar Saxena
  21. 21. Spam-related Trends The following tables show the top 10 domains Spammers used in 2008 © Sanjaya Kumar Saxena
  22. 22. Spam-related Trends The following tables show the top 10 Top Level domains Spammers used in 2008 © Sanjaya Kumar Saxena
  23. 23. Spam-related Trends .CN seems to be on rise Applicable in Domino Environment More than 97% of Spam URLs are up for a week or less Random.com © Sanjaya Kumar Saxena
  24. 24. Spammer Techniques E-Mail Harvesting Mail Sender Spoofing E-Mail Validation Directory Attack Open Relay Friendly ISPs (Remember McColo case) Fake Received Header Phishing © Sanjaya Kumar Saxena
  25. 25. Avoiding Spam Avoiding becoming a target in the first place (best of all) Using an outside mail filtering service (Third Party) Dealing with spam internally at the server and/or user level © Sanjaya Kumar Saxena
  26. 26. Preventing Spam Avoiding Spam: User Education through E-mail, Security Policy; Prevent “Harvesting”; Clear distinction while using Official / Personal e-mail ID; Avoid your web pages being indexed by search engines; Create Free / Temp e-mail addresses and discard after usage. Third Party: As Software (Trend Micro, Symantec …); As Hardware (IronPort, Barracuda …); As Service (Postini, Yahoo …). Most appealing but Possible issues: Availability, TCO and Control © Sanjaya Kumar Saxena
  27. 27. Preventing Spam Blocking at Server and User Level Is used even after Third Party, to prevent “False Positives” Prevents Mail Clutter Primarily achieved through Better Architecture Server Configurations Mail Rules Need to understand Load patterns © Sanjaya Kumar Saxena
  28. 28. Preventing Spam Access Control & Firewall Firewall Firewall THE ENTERPRISE Dedicated SMTP/LPAP INTERNET Mail Servers Anti-Spam Servers Users Spam Mail Percentage Reduction © Sanjaya Kumar Saxena
  29. 29. Preventing Spam Server-level Configurations Block Open Relays (Domino does it by default) Additional Relay Controls in Server Configuration Document Use in-bound intended recipients Verify that Local Domain recipient exists in the Domino directory Address Look-up: Full Name only Whitelist and Blacklist Control Inbound Connection Controls (Reverse DNS Look-up), Server Controls Mailbox Configuration - Held/Dead Messages Logging Level Use Extended SMTP Commands SSL is a good option © Sanjaya Kumar Saxena
  30. 30. Preventing Spam Server-level Mail Rules Computers need much more than.. “I can’t define it, but I know when I see it.” You need to define it Identify Patterns Mail and User Behavior Check logs regularly Keep abreast with latest trends © Sanjaya Kumar Saxena
  31. 31. Domino Domain Monitoring Pre-configured monitoring capabilities via Single interface to view multiple servers across domains. © Sanjaya Kumar Saxena
  32. 32. DDM Security Probes A probe is a discrete check, or set of checks, configured to run against one or more servers, databases, and services. The probe returns status and server health information to DDM.NSF. SECURITY PROBE and DESCRIPTION:
        Best Practices: Compares a set of baseline security configuration settings to the same settings in a domain. This probe is a "Best Practices" security audit of the domain. Note: To create your own Best Practices probe, modify the security configuration settings on the Specifics tab.
        Configuration: Compares settings in a specific Server document to settings in a specified "good" Server document. Any discrepancy generates an event.
        Database ACL: Monitors the access control privileges that groups and individuals have in specified databases on the server running the probe. You designate the acceptable access levels on the Specifics tab.
        Database Review: Reviews the security properties for a specified database and generates a report on the probe findings.
        Review: Generates a report on the security settings specified in the Specifics tab of the Probe document. You have the option of selecting the "Directory Profile Note" and the "Security settings in my configuration document" options if you want the settings in those documents reviewed by the probe.
      © Sanjaya Kumar Saxena
  33. 33. DDM Web Probes WEB PROBE NAMES and DESCRIPTION:
        Best Practices: Reviews Web server configuration values on specified servers against a set of predefined values.
        Configuration: Performs a comparison of Web server configuration values on specified servers against the same values for a known good server or guideline server.
      © Sanjaya Kumar Saxena
  34. 34. Workstation Security Execution Control List Defines various actions allowed in: Notes Workstation Java Applets Java Script © Sanjaya Kumar Saxena
  35. 35. ECL has has Notes DB Signature User ECL has corresponds to ECL Signature Policy enforces uniform ECL © Sanjaya Kumar Saxena
  36. 36. Sample ECL © Sanjaya Kumar Saxena
  37. 37. Access Control Mechanisms Notes ID File Management ACL and Groups © Sanjaya Kumar Saxena
  38. 38. Notes ID Management Define a Naming Convention Define Storage and Back-up Mechanism Consider Password Recovery Define default password generation method Define ID file distribution mechanism © Sanjaya Kumar Saxena
  39. 39. How is ACL enforced? Direct user entry takes precedence over group membership. Always the highest access level right applies. All the roles and access flags are added for all matching entries. If a user is listed as Author with the delete option and also listed as Editor without delete, he will be able to delete all documents. © Sanjaya Kumar Saxena
  40. 40. ACL Best Practices Anonymous access to database must be avoided ACL must be enforced consistently on all databases Maximum default rights to address book should be set to author with all other rights and roles removed © Sanjaya Kumar Saxena
  41. 41. Group Best Practices Hierarchical name of the user is always entered in a group. Purpose should be clearly defined in the group document. Access level code (M-Manager, D-Designer, E-Editor, A-Author, R-Reader, and P-Depositor) must be part of the group name as the first letter of the name. While assigning the ACL, the appropriate user type must be selected. While creating, moving, or deleting a user, updates in the appropriate groups are always made. Similar care is taken for servers also. Add LocalDomainServers with full access to all databases to ensure correct replication (Manager with all roles enabled). Add LocalDomainAdmins with full rights and roles for support and troubleshooting. © Sanjaya Kumar Saxena
  42. 42. Recommended Groups DenyAccess AllowDBCreationOn<server> Administrator<server> © Sanjaya Kumar Saxena
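
The ACL resolution rules from slide 39 and the group-naming convention from slide 41, modelled as an added example (not part of the original deck and not Domino's own code). The user names, group names, role names and the `DeleteDocuments` flag label are constructed, and the sketch assumes that a direct entry, when present, is the only matching entry and that a user with no matching entry gets no access.

```python
from dataclasses import dataclass, field

# Access levels in ascending order; the letters are the group-name codes from slide 41.
LEVELS = ["NoAccess", "Depositor", "Reader", "Author", "Editor", "Designer", "Manager"]
CODES = {"P": "Depositor", "R": "Reader", "A": "Author",
         "E": "Editor", "D": "Designer", "M": "Manager"}

@dataclass
class AclEntry:
    name: str                                   # hierarchical user name or group name
    level: str
    roles: set = field(default_factory=set)
    flags: set = field(default_factory=set)     # constructed label, e.g. "DeleteDocuments"
    is_group: bool = False

def effective_access(user, acl, groups):
    """Return (level, roles, flags) for `user` under the slide-39 rules."""
    # Rule 1: a direct user entry takes precedence over group membership.
    matching = [e for e in acl if not e.is_group and e.name == user]
    if not matching:
        matching = [e for e in acl
                    if e.is_group and user in groups.get(e.name, set())]
    if not matching:
        return ("NoAccess", set(), set())       # assumption: no default entry modelled
    # Rule 2: the highest access level among the matching entries applies.
    level = max((e.level for e in matching), key=LEVELS.index)
    # Rule 3: roles and access flags are added across all matching entries.
    roles = set().union(*(e.roles for e in matching))
    flags = set().union(*(e.flags for e in matching))
    return (level, roles, flags)

def misnamed_groups(acl, exempt=("LocalDomainServers", "LocalDomainAdmins")):
    """Group entries whose first letter does not encode their ACL level."""
    return [e.name for e in acl
            if e.is_group and e.name not in exempt
            and CODES.get(e.name[:1]) != e.level]

# Constructed sample data for one database ACL.
ASHA, RAVI = "CN=Asha Rao/O=Acme", "CN=Ravi Nair/O=Acme"
GROUPS = {"A_Sales": {ASHA}, "E_SalesLeads": {ASHA, RAVI}, "Managers": set()}
ACL = [
    AclEntry("A_Sales", "Author", {"[Sales]"}, {"DeleteDocuments"}, True),
    AclEntry("E_SalesLeads", "Editor", {"[Leads]"}, set(), True),
    AclEntry(RAVI, "Reader"),                   # direct entry overrides E_SalesLeads
    AclEntry("Managers", "Editor", is_group=True),          # name says M, ACL says Editor
    AclEntry("LocalDomainServers", "Manager", is_group=True),
]

if __name__ == "__main__":
    for user in (ASHA, RAVI):
        print(user, effective_access(user, ACL, GROUPS))
    print("misnamed:", misnamed_groups(ACL))
```

Asha's result is the case the slide warns about: Editor level from one group combined with the delete flag from another, which no single ACL entry grants.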
