WCF Basics and Security overview
Yaron Hakon
Application Security Consultant
2Bsecure
yaron@2bsecure.co.il
WCF
Agenda.
• WCF Overview.
• WCF Security model.
• Attacks and countermeasures. (If Time Permits)
WCF is.
• WCF services expose endpoints that
clients and services use to exchange
messages.
The Imperative to Connect
[Diagram labels: Call Center (Asp.net App); Mobile Employees (Java); Customers (Application); Various Platforms; J2EE App Server; Existing J2EE Application; Mobile Employee App; .NET framework; IDM; Enterprise Services; Others; HTTP, HTTPS, TCP, IP, WSE ...]
Windows Communication Foundation
INTEROPERABILITY PRODUCTIVITY
SERVICE-ORIENTED
DEVELOPMENT
• Unifies today’s
distributed
technologies
• Visual Studio
2005 integration
• loosely-coupled
services
• Config-based
communication
WS-* Protocol Support
[Diagram labels: XML, Messaging, Security, Transactions, Reliable Messaging, Metadata]
WCF – A B C
• A Service Endpoint has an Address, a Binding, and a Contract (ABC).
• An Address is a network address that indicates where the service is located.
• A Binding specifies how a client can communicate with the endpoint, including transport protocol, encoding, and security requirements.
• A Contract identifies what operations are available to the clients.
[Diagram labels: Client and Service, each with endpoints marked A, B, C; Address - Where?; Binding - How?; Contract - What?]
WCF – Architecture & channel stack
[Diagram labels: WCF Run Time; Client Code; Proxy Class; client Channel Stack (Protocol, Reliability, Security); endpoint A (address), B, C; service Channel Stack (Protocol, Reliability, Security); Dispatcher - sends incoming request; Service Interface - Method A, Method B; WCF Service code (.Net Assembly); contract - Data, Message, Service contracts; Configuration - Bindings: Protocol, Encoding, Transport, Security]
Understanding Bindings option
• Protocols:
• Security, Reliable messaging capability, Transaction.
• Encoding:
• Xml Text, MTOM, Binary.
• Transport:
• TCP, HTTP/S, Named Pipes, Custom.
Understanding Standard Bindings
The System.ServiceModel namespace includes the following predefined Bindings:
Binding | Transport | Encoding | Security | Transaction | Interoperability
BasicHttpBinding | Https | text | None, Transport, Message, Mixed | no | WS-I
WSHttpBinding | Https | text, MTOM | None, Transport, Message, Mixed | yes | WS-*
WSDualHttpBinding | Http | text, MTOM | None, Message | yes | WS-*
WSFederationBinding | | | None, Message, Mixed | yes | WSF
NetTcpBinding | TCP | Binary | None, Transport, Message, Mixed | no | .NET
NetPeerTcpBinding | P2P | Binary | None, Message, Transport, Mixed | yes | Peer
NetNamedPipeBinding | IPC | Binary | None, Transport | yes | .NET
NetMsmqBinding | MSMQ | Binary | None, Message, Transport, Both | yes | .NET
MsmqIntegrationBinding | MSMQ | Binary | None, Transport | yes | MSMQ
1. Building Windows Communication Foundation Service
WCF - Hosting
• User Application - Custom host app.
• IIS host (WS).
• Windows service app.
• IIS version 7.0+ - Windows Activation Services (WAS).
• Configuration Sharing.
• Application pool – Sandboxing
• Support for non-HTTP transport protocols
• Read more: http://msdn2.microsoft.com/en-us/library/ms733109.aspx
Self Host.
• Configure the endpoints…
• Add endpoint information for the Web service in App.config.
• Address (http/https…)
• Binding
• Contract
• Create listener objects for each address.
• Listening for requests: productsServiceHost.Open(); -> Close()
IIS Host
• Project assemblies are built in the bin folder.
• Add a service definition file – svc (name of the class that IIS will execute and the name of the assembly holding this class).
• Add endpoint information for the Web service in Web.config.
• Address (IIS and SVC address)
• Binding
• Contract
• Deploy the service in IIS
• Add new site for the service.
2. Building Self Host For WCF Service
3. Hosting WCF Service in IIS
Consuming WCF Service
• Select preferred client.
• Service Reference.
• Configuration - ABC
• Consume.
4. Consuming WCF service from console application
Good to know
• Multiple Service Endpoint.
• Expose the Service on different endpoints for different Clients.
• Configuring Service Instance Context Modes:
• [ServiceBehavior(InstanceContextMode = InstanceContextMode.PerSession)]
• PerSession: opens a new session for each client, closes the session when the client aborts.
• Default (max-10 connection). Can't share data between service instances.
• PerCall - creates a new instance each time the client invokes an operation, and the service closes after the call finishes.
• Hard to implement state.
• Single – opens one instance of the service for all.
• Opened the first time a service call comes in. Closed by the server.
• Sharing Data between +- ? .
• Using MSMQ and Transaction.
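The Self Host steps and the multiple-endpoint and instance-mode points above, as an added C# example (not code from the original deck). The contract, service class, addresses and ports are assumptions; productsServiceHost is the host name used on the Self Host slide.

```csharp
using System;
using System.ServiceModel;
using System.ServiceModel.Description;

// Hypothetical contract: the "C" of every endpoint below.
[ServiceContract]
public interface IProductsService
{
    [OperationContract]
    string GetProductName(int productId);
}

// PerCall: a fresh instance per operation, so no state survives between calls.
[ServiceBehavior(InstanceContextMode = InstanceContextMode.PerCall)]
public class ProductsService : IProductsService
{
    public string GetProductName(int productId)
    {
        return "product-" + productId; // constructed sample data
    }
}

public static class Program
{
    public static void Main()
    {
        // Base addresses (the "A"); host names and ports are assumptions.
        // Listening on HTTP may need a URL reservation for a non-admin account.
        Uri httpBase = new Uri("http://localhost:8000/ProductsService");
        Uri tcpBase = new Uri("net.tcp://localhost:8001/ProductsService");

        // Bindings (the "B"), left at their defaults so the output shows
        // what each binding secures out of the box.
        WSHttpBinding wsBinding = new WSHttpBinding();
        NetTcpBinding tcpBinding = new NetTcpBinding();

        ServiceHost productsServiceHost =
            new ServiceHost(typeof(ProductsService), httpBase, tcpBase);
        try
        {
            // Endpoint 1: WS-* clients over HTTP.
            productsServiceHost.AddServiceEndpoint(
                typeof(IProductsService), wsBinding, "ws");
            // Endpoint 2: .NET clients over TCP.
            productsServiceHost.AddServiceEndpoint(
                typeof(IProductsService), tcpBinding, "tcp");

            productsServiceHost.Open(); // creates the listeners

            foreach (ServiceEndpoint endpoint in productsServiceHost.Description.Endpoints)
            {
                Console.WriteLine("{0} ({1})", endpoint.Address.Uri, endpoint.Binding.Name);
            }
            Console.WriteLine("WSHttpBinding default security mode: {0}", wsBinding.Security.Mode);
            Console.WriteLine("NetTcpBinding default security mode: {0}", tcpBinding.Security.Mode);

            Console.WriteLine("Press ENTER to stop the service.");
            Console.ReadLine();
            productsServiceHost.Close();
        }
        catch (CommunicationException)
        {
            // A faulted host cannot be closed gracefully.
            productsServiceHost.Abort();
            throw;
        }
    }
}
```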
5. Consuming WCF service in self host with 2 endpoints from different clients: console application & ASP.net
Agenda.
• WCF Overview.
• WCF Security model.
• Attacks and countermeasures. (If Time Permits)
Security in every WCF operation call
• Service contract
• Operation contract - Fault contract
• sc behavior - Client credentials, Service credentials.
• Operation behavior
• Host configuration
• Method configuration and code
• Proxy configuration
• Binding configuration -
using System.Net.Security;   // ProtectionLevel
using System.ServiceModel;

// Contract-level default: every operation is at least signed.
[ServiceContract(ProtectionLevel = ProtectionLevel.Sign)]
public interface IMyContract
{
    // Inherits ProtectionLevel.Sign from the contract.
    [OperationContract]
    void SignMethod(…);

    // Overrides the contract default: signed and encrypted.
    [OperationContract(ProtectionLevel = ProtectionLevel.EncryptAndSign)]
    void EncryptAndSignMethod(…);
}
Transfer security Concepts
• Message integrity.
• Tampering.
• Message privacy.
• Sensitive data.
• Confidentiality.
• Mutual authentication.
• Client ↔ server authentication.
• Replay attacks.
• Denial of service attacks.
Transfer security modes
• None.
• No client credentials are provided to the service.
• Clear-text messages over a non-secure transport layer.
• Transport security - integrity, privacy, and mutual authentication.
• Secure transport protocols - HTTPS, TCP, IPC, MSMQ. Point-to-point.
• All communication on the channel is encrypted.
• The client's credentials are encrypted along with the rest of the message.
• Message security - integrity, privacy, and mutual authentication.
• Encrypts the message itself.
• End-to-end security.
• Communicates securely over non-secure transports.
• Mixed.
• Transport security for message integrity, privacy & service authentication.
• Message security for securing the client credentials.
• Point-to-point security.
• Both - integrity, privacy, and mutual authentication.
• Both Transport security and Message security.
Explain the Mode scenario - Transport
• Encrypts the entire message
• Sender must trust all intermediaries
• Restricts protocols that can be used
[Diagram labels: SSL Security, SSL Security]
Explain the Mode scenario - Message
[Diagram label: Security Context]
• End-to-end message security independent of transport
• Supports multiple protocols and multiple encryption technologies
• Encrypt only parts of the message
Transfer Security Mode
• Bindings. Programmatically or Administratively.
Binding None Transport Message Mixed Both
BasicHttpBinding Y (default) Y Y Y N
NetTcpBinding Y Y (default) Y Y N
NetPeerTcpBinding Y Y (default) Y Y N
NetNamedPipeBinding Y Y (default) N N N
NetMsmqBinding Y Y (default) Y N Y
WSHttpBinding Y Y Y (default) Y N
WSFederationBinding Y N Y (default) Y N
WSDualHttpBinding Y N Y (default) N N
Programmatically securing the basic binding
BasicHttpBinding binding2 = new BasicHttpBinding( );
binding2.Security.Mode =
BasicHttpSecurityMode.Message;
Administratively securing the basic binding
<bindings>
<basicHttpBinding>
<binding name = "SecuredBasic">
<security mode = "Message">
</security>
</binding>
</basicHttpBinding>
</bindings>
6. Use of transfer security – basicHttpBinding -> WSHttpBinding.
WCF trace view with Microsoft Service Trace Viewer. Before and after.
Transport Security and Credentials
• WCF lets you select from a number of possible client
credentials types.
• NTLM or Kerberos
• classic username and password.
• Windows security token.
• X509 certificate,
• Anonymous.
Transport security client credentials
• WCF lets you select from a number of possible client credentials
types.
Binding None Windows UserName Certificate
BasicHttpBinding Y (default) Y Y Y
NetTcpBinding Y Y (default) N Y
NetPeerTcpBinding N N Y (default) Y
NetNamedPipeBinding N Y (default) N N
NetMsmqBinding Y Y (default) Y N
WSHttpBinding Y Y (default) Y Y
WSFederationBinding N/A N/A N/A N/A
WSDualHttpBinding N/A N/A N/A N/A
Message Security and Credentials
• The same type of credentials as with Transport security.
• + Issued token credential type.
• http://msdn2.microsoft.com/en-us/library/ms731161.aspx
Message Security and Credentials
Binding None Windows UserName Certificate Token
BasicHttpBinding N N N Y N
NetTcpBinding Y Y (default) Y Y Y
NetPeerTcpBinding N/A N/A N/A N/A N/A
NetNamedPipeBinding N/A N/A N/A N/A N/A
NetMsmqBinding Y Y (default) Y Y Y
WSHttpBinding Y Y (default) Y Y Y
WSFederationBinding N/A N/A N/A N/A N/A
WSDualHttpBinding Y Y (default) Y Y Y
Authentication & Authorization
• Authentication:
• ASP.NET Membership Provider
• Custom Username and Password Validator
• Identity and Authentication
• Authorization
• Restrict Access With the PrincipalPermissionAttribute
• ASP.NET Role Provider with a Service
• ASP.NET Authorization Manager Role Provider with a Service
• Claims and Authorization with the Identity Model
• Delegation and Impersonation
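Message security on netTcpBinding with Windows client credentials, combined with role-based authorization through PrincipalPermissionAttribute, as an added C# example (not code from the original deck). The contract, service class, address, port and the role checked are assumptions.

```csharp
using System;
using System.Security.Permissions;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.ServiceModel.Security;

[ServiceContract] // hypothetical contract
public interface IOrdersService
{
    [OperationContract]
    string WhoAmI();

    [OperationContract]
    void DeleteOrder(int orderId);
}

public class OrdersService : IOrdersService
{
    // Authentication result: the identity WCF established from the
    // client credentials carried in the secured message.
    public string WhoAmI()
    {
        return ServiceSecurityContext.Current.PrimaryIdentity.Name;
    }

    // Authorization: the demand runs before the method body. Callers outside
    // the role never reach the code below.
    [PrincipalPermission(SecurityAction.Demand, Role = @"BUILTIN\Administrators")]
    public void DeleteOrder(int orderId)
    {
        Console.WriteLine("Order {0} deleted by {1}", orderId,
            ServiceSecurityContext.Current.PrimaryIdentity.Name);
    }
}

public static class Program
{
    // Message security: the SOAP message itself is signed and encrypted,
    // independent of the TCP transport underneath.
    static NetTcpBinding CreateBinding()
    {
        NetTcpBinding binding = new NetTcpBinding(SecurityMode.Message);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
        return binding;
    }

    public static void Main()
    {
        Uri address = new Uri("net.tcp://localhost:8002/OrdersService"); // assumed

        ServiceHost host = new ServiceHost(typeof(OrdersService));
        host.AddServiceEndpoint(typeof(IOrdersService), CreateBinding(), address);
        // Map the authenticated Windows identity to Windows groups so that
        // PrincipalPermission role checks resolve against them.
        host.Authorization.PrincipalPermissionMode = PrincipalPermissionMode.UseWindowsGroups;
        host.Open();

        ChannelFactory<IOrdersService> factory =
            new ChannelFactory<IOrdersService>(CreateBinding(), new EndpointAddress(address));
        IOrdersService proxy = factory.CreateChannel();
        try
        {
            Console.WriteLine("Authenticated as: {0}", proxy.WhoAmI());
            proxy.DeleteOrder(42);
            Console.WriteLine("Caller is in the required role.");
        }
        catch (SecurityAccessDeniedException)
        {
            // Expected when the caller is not in the role (for example a
            // non-elevated process). The fault carries no detail about why.
            Console.WriteLine("Access denied: caller is not in the required role.");
        }

        try { factory.Close(); }
        catch (CommunicationException) { factory.Abort(); }
        host.Close();
    }
}
```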
7. Implement Message security – netTcpBinding.
8. Using X509 certificate to enable https communication to service - server authentication.
9. Implement Authorization – using PrincipalPermission.
WCF Relevant Attacks
• Information Disclosure
• Http Headers. Metadata , logs/exception . Authentication /
Authorization
• Elevation of Privilege
• Check Authorization, Token Caches.
• Denial of Service
• Memory Consumption, max Secure Session.
• Tampering
• WS Addressing.
• Replay Attacks
• WS Addressing , transport security.
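Host-side settings that address several of the items listed above (exception and metadata disclosure, memory consumption, secure-session limits, replay detection), as an added C# example (not code from the original deck). The service, address and every numeric limit are assumptions to be tuned per service.

```csharp
using System;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Description;

[ServiceContract] // hypothetical contract
public interface IEchoService
{
    [OperationContract]
    string Echo(string text);
}

public class EchoService : IEchoService
{
    public string Echo(string text) { return text; }
}

public static class HardenedHost
{
    public static Binding CreateBinding()
    {
        WSHttpBinding ws = new WSHttpBinding(SecurityMode.Message);

        // Denial of service / memory consumption: bound what one message may cost.
        ws.MaxReceivedMessageSize = 64 * 1024;
        ws.ReaderQuotas.MaxStringContentLength = 8 * 1024;
        ws.ReaderQuotas.MaxArrayLength = 16 * 1024;
        ws.ReaderQuotas.MaxDepth = 32;
        ws.ReceiveTimeout = TimeSpan.FromMinutes(2);

        // The security-session settings are only reachable on the binding element,
        // so the standard binding is copied into a CustomBinding first.
        CustomBinding custom = new CustomBinding(ws);
        SecurityBindingElement security = custom.Elements.Find<SecurityBindingElement>();

        // Replay attacks: reject messages already seen inside the replay window.
        security.LocalServiceSettings.DetectReplays = true;
        security.LocalServiceSettings.ReplayWindow = TimeSpan.FromMinutes(5);
        security.LocalServiceSettings.MaxClockSkew = TimeSpan.FromMinutes(5);

        // Secure-session exhaustion: cap pending sessions, drop idle ones.
        security.LocalServiceSettings.MaxPendingSessions = 64;
        security.LocalServiceSettings.InactivityTimeout = TimeSpan.FromMinutes(2);
        return custom;
    }

    public static ServiceHost CreateHost(Uri address)
    {
        ServiceHost host = new ServiceHost(typeof(EchoService), address);
        host.AddServiceEndpoint(typeof(IEchoService), CreateBinding(), "");

        // Information disclosure: no stack traces in faults, no help page.
        ServiceDebugBehavior debug = host.Description.Behaviors.Find<ServiceDebugBehavior>();
        if (debug == null)
        {
            debug = new ServiceDebugBehavior();
            host.Description.Behaviors.Add(debug);
        }
        debug.IncludeExceptionDetailInFaults = false;
        debug.HttpHelpPageEnabled = false;

        // Information disclosure: do not publish metadata (WSDL) over HTTP GET.
        ServiceMetadataBehavior metadata = host.Description.Behaviors.Find<ServiceMetadataBehavior>();
        if (metadata != null)
        {
            metadata.HttpGetEnabled = false;
            metadata.HttpsGetEnabled = false;
        }

        // Denial of service: cap concurrent calls, sessions and instances.
        ServiceThrottlingBehavior throttle = new ServiceThrottlingBehavior();
        throttle.MaxConcurrentCalls = 16;
        throttle.MaxConcurrentSessions = 10;
        throttle.MaxConcurrentInstances = 26;
        host.Description.Behaviors.Add(throttle);
        return host;
    }

    public static void Main()
    {
        ServiceHost host = CreateHost(new Uri("http://localhost:8003/EchoService")); // assumed
        host.Open();
        Console.WriteLine("Hardened host listening. Press ENTER to stop.");
        Console.ReadLine();
        host.Close();
    }
}
```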
?
Summary
• WCF Overview.
• Unified existing technology.
• Standards wide support.
• WCF Security model.
• Security by default.
• Can be done using configuration/code.
• Credentials – X509, SAML, Kerberos, CardSpace, custom.
• WCF countermeasures for common attack vectors.
• Misconfiguration can lead to vulnerability exposure.
• Read more about WCF Attacks from the references.
References
• Books
• Microsoft Windows Communication Foundation Step by Step by John Sharp.
• MSDN:
• WCF Home - http://msdn2.microsoft.com/en-us/library/ms735119.aspx
• Security programming - http://msdn2.microsoft.com/en-us/library/ms731925.aspx
• Card space - http://cardspace.netfx3.com/
• Blogs
• Message inspector - http://msmvps.com/blogs/paulomorgado/archive/2007/04/27/wcf-building-an-http-user-agent-message-inspector.aspx
• WCF Security - http://blogs.msdn.com/alikl/archive/2007/07/26/wcf-security-in-intranet-scenario-thoughts-on-cons-and-pros.as
• User group.
• UG Page: http://www.microsoft.com/israel/communities/usergroups/securedev.mspx
• UG Presentation Page: http://www.2bsecure.co.il/NetSecGroup.aspx
Thank you!
Yaron Hakon
Application Security Consultant
2Bsecure
yaron@2bsecure.co.il

Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 

Recently uploaded (20)

How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website20 Comprehensive Checklist of Designing and Developing a Website
20 Comprehensive Checklist of Designing and Developing a Website
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 

Wcf Overview

  • 1. WCF Basics and Security overview
      Yaron Hakon, Application Security Consultant, 2Bsecure, yaron@2bsecure.co.il
    WCF: Agenda
      • WCF Overview.
      • WCF Security model.
      • Attacks and countermeasures. (If Time Permits)
  • 2. WCF is
      • WCF services expose endpoints that clients and services use to exchange messages.
    The Imperative to Connect
      [Diagram labels: Call Center (ASP.NET app); Mobile Employees (Java); Customers (application); Various Platforms; J2EE app server; J2EE app; Others; .NET Framework; existing J2EE application; mobile employee app; IDM; Enterprise Services; HTTP, HTTPS, TCP, IP, WSE, ...]
  • 3. Windows Communication Foundation
      Interoperability, Productivity, Service-Oriented Development
      • Unifies today’s distributed technologies
      • Visual Studio 2005 integration
      • Loosely-coupled services
      • Config-based communication
  • 4. WS-* Protocol Support
      XML, Messaging, Security, Transactions, Reliable Messaging, Metadata
    WCF - A B C
      • A Service Endpoint has an Address, a Binding, and a Contract (ABC).
      • An Address is a network address that indicates where the service is located.
      • A Binding specifies how a client can communicate with the endpoint, including transport protocol, encoding, and security requirements.
      • A Contract identifies what operations are available to the clients.
      [Diagram: a Client and a Service, each with A, B, C endpoints. Address: Where? Binding: How? Contract: What?]
  • 5. WCF - Architecture & channel stack
      [Diagram labels: WCF Run Time. Client side: client code, proxy class, channel stack (protocol, reliability, security). Service side: C, B, A (address), channel stack (protocol, reliability, security), dispatcher (send incoming request), service interface (Method A, Method B), WCF service code (.NET assembly). Contract: data, message, service contracts …. Configuration: bindings (protocol, encoding, transport, security).]
    Understanding Bindings option
      • Protocols: Security, Reliable messaging capability, Transaction.
      • Encoding: XML Text, MTOM, Binary.
      • Transport: TCP, HTTP/S, Named Pipes, Custom.
  • 6. Understanding Standard Bindings
      The System.ServiceModel namespace includes the following predefined bindings:

      | Binding | Transport | Encoding | Security | Transaction | Interoperability |
      |---|---|---|---|---|---|
      | BasicHttpBinding | Https | text | None, Transport, Message, Mixed | no | WS-I |
      | WSHttpBinding | Https | text, MTOM | None, Transport, Message, Mixed | yes | WS-* |
      | WSDualHttpBinding | Http | text, MTOM | None, Message | yes | WS-* |
      | WSFederationBinding | | | None, Message, Mixed | yes | WSF |
      | NetTcpBinding | TCP | Binary | None, Transport, Message, Mixed | no | .NET |
      | NetPeerTcpBinding | P2P | Binary | None, Message, Transport, Mixed | yes | Peer |
      | NetNamedPipeBinding | IPC | Binary | None, Transport | yes | .NET |
      | NetMsmqBinding | MSMQ | Binary | None, Message, Transport, Both | yes | .NET |
      | MsmqIntegrationBinding | MSMQ | Binary | None, Transport | yes | MSMQ |

    1. Building Windows Communication Foundation Service
  • 7. WCF - Hosting
      • User application - custom host app.
      • IIS host (WS).
      • Windows service app.
      • + IIS version 7.0 - Windows Activation Services (WAS).
      • Configuration sharing.
      • Application pool - sandboxing.
      • Support for non-HTTP transport protocols.
      • Read more: http://msdn2.microsoft.com/en-us/library/ms733109.aspx
    Self Host
      • Configure the endpoints…
      • Add endpoint information for the Web service in App.config:
          • Address (http, https, …)
          • Binding
          • Contract
      • Create listener objects for each address.
      • Listen for requests: productsServiceHost.Open(); Close()
  • 8. IIS Host
      • Project assemblies are built in the bin folder.
      • Add a service definition file - svc (the name of the class that IIS will execute and the name of the assembly holding this class).
      • Add endpoint information for the Web service in Web.config:
          • Address (IIS and SVC address)
          • Binding
          • Contract
      • Deploy the service in IIS.
      • Add a new site for the service.
    2. Building Self Host For WCF Service
  • 9. 3. Hosting WCF Service in IIS
    Consuming WCF Service
      • Select preferred client.
      • Service Reference.
      • Configuration - ABC
      • Consume.
  • 10. 4. Consuming WCF service from console application
    Good to know
      • Multiple service endpoints.
          • Expose the service on different endpoints for different clients.
      • Configuring service instance context modes:
          • [ServiceBehavior(InstanceContextMode = InstanceContextMode.PerSession)]
          • PerSession: opens a new session for each client and closes the session when the client aborts.
              • Default (max 10 connections); can't share data between service instances.
          • PerCall: creates a new instance each time the client invokes an operation, and the service closes after the call finishes.
              • Hard to implement state.
          • Single: opens one instance of the service for all.
              • Opened the first time a service call comes in; closed by the server.
              • Sharing data between +- ?
      • Using MSMQ and Transaction.
  • 11. 5. Consuming WCF service in self host with 2 endpoints from different clients: console application & ASP.NET
    Agenda
      • WCF Overview.
      • WCF Security model.
      • Attacks and countermeasures. (If Time Permits)
  • 12. Security in every WCF operation call
      • Service contract
      • Operation contract - Fault contract
      • sc behavior - Client credentials, Service credentials.
      • Operation behavior
      • Host configuration
      • Method configuration and code
      • Proxy configuration
      • Binding configuration

          using System.Net.Security;   // ProtectionLevel
          using System.ServiceModel;

          [ServiceContract(ProtectionLevel = ProtectionLevel.Sign)]
          public interface IMyContract
          {
              [OperationContract]   // inherits Sign from the contract
              void SignMethod(/* parameters elided on the slide */);

              [OperationContract(ProtectionLevel = ProtectionLevel.EncryptAndSign)]
              void EncryptAndSignMethod(/* parameters elided on the slide */);
          }

    Transfer security Concepts
      • Message integrity.
      • Tampering.
      • Message privacy.
      • Sensitive data.
      • Confidentiality.
      • Mutual authentication.
      • Client server authentication.
      • Replay attacks.
      • Denial of service attacks.
  • 13. Transfer security modes
      • None.
          • No client credentials are provided to the service.
          • Clear-text messages over a non-secure transport layer.
      • Transport security - integrity, privacy, and mutual authentication.
          • Secure transport protocols - https, tcp, ipc, msmq. Point-to-point.
          • All communication on the channel is encrypted.
          • The client's credentials are encrypted along with the rest of the message.
      • Message security - integrity, privacy, and mutual authentication.
          • Encrypts the message itself.
          • End-to-end security.
          • Communicate securely over nonsecure transports.
      • Mixed.
          • Transport security for message integrity, privacy & service authentication.
          • Message security for securing the client credentials.
          • Point-to-point security.
      • Both - integrity, privacy, and mutual authentication.
          • Both Transport security and Message security.
    Explain the Mode scenario - Transport
      • Encrypts the entire message
      • Sender must trust all intermediaries
      • Restricts protocols that can be used
      [Diagram: SSL Security]
  • 14. Explain the Mode scenario - Message
      [Diagram: Security Context]
      • End-to-end message security independent of transport
      • Supports multiple protocols and multiple encryption technologies
      • Encrypt only parts of the message
    Transfer Security Mode
      • Bindings. Programmatically or Administratively.

      | Binding | None | Transport | Message | Mixed | Both |
      |---|---|---|---|---|---|
      | BasicHttpBinding | Y (default) | Y | Y | Y | N |
      | NetTcpBinding | Y | Y (default) | Y | Y | N |
      | NetPeerTcpBinding | Y | Y (default) | Y | Y | N |
      | NetNamedPipeBinding | Y | Y (default) | N | N | N |
      | NetMsmqBinding | Y | Y (default) | Y | N | Y |
      | WSHttpBinding | Y | Y | Y (default) | Y | N |
      | WSFederationBinding | Y | N | Y (default) | Y | N |
      | WSDualHttpBinding | Y | N | Y (default) | N | N |
  • 15. Programmatically securing the basic binding

          BasicHttpBinding binding2 = new BasicHttpBinding();
          binding2.Security.Mode = BasicHttpSecurityMode.Message;

    Administratively securing the basic binding

          <bindings>
            <basicHttpBinding>
              <binding name="SecuredBasic">
                <security mode="Message">
                </security>
              </binding>
            </basicHttpBinding>
          </bindings>
  • 16. 6. Use of transfer security - basicHttpBinding -> WSHttpBinding.
      WCF Trace view with Microsoft Service Trace Viewer. Before and after.
    Transport Security and Credentials
      • WCF lets you select from a number of possible client credentials types:
          • NTLM or Kerberos.
          • Classic username and password.
          • Windows security token.
          • X509 certificate.
          • Anonymous.
  • 17. Transport security client credentials
      • WCF lets you select from a number of possible client credentials types.

      | Binding | None | Windows | UserName | Certificate |
      |---|---|---|---|---|
      | BasicHttpBinding | Y (default) | Y | Y | Y |
      | NetTcpBinding | Y | Y (default) | N | Y |
      | NetPeerTcpBinding | N | N | Y (default) | Y |
      | NetNamedPipeBinding | N | Y (default) | N | N |
      | NetMsmqBinding | Y | Y (default) | Y | N |
      | WSHttpBinding | Y | Y (default) | Y | Y |
      | WSFederationBinding | N/A | N/A | N/A | N/A |
      | WSDualHttpBinding | N/A | N/A | N/A | N/A |

    Message Security and Credentials
      • The same types of credentials as with Transport security.
      • + Issued token credential type.
      • http://msdn2.microsoft.com/en-us/library/ms731161.aspx
  • 18. Message Security and Credentials

      | Binding | None | Windows | UserName | Certificate | Token |
      |---|---|---|---|---|---|
      | BasicHttpBinding | N | N | N | Y | N |
      | NetTcpBinding | Y | Y (default) | Y | Y | Y |
      | NetPeerTcpBinding | N/A | N/A | N/A | N/A | N/A |
      | NetNamedPipeBinding | N/A | N/A | N/A | N/A | N/A |
      | NetMsmqBinding | Y | Y (default) | Y | Y | Y |
      | WSHttpBinding | Y | Y (default) | Y | Y | Y |
      | WSFederationBinding | N/A | N/A | N/A | N/A | N/A |
      | WSDualHttpBinding | Y | Y (default) | Y | Y | Y |

    Authentication / Authorization
      • Authentication:
          • ASP.NET Membership Provider
          • Custom Username and Password Validator
          • Identity and Authentication
      • Authorization:
          • Restrict Access With the PrincipalPermissionAttribute
          • ASP.NET Role Provider with a Service
          • ASP.NET Authorization Manager Role Provider with a Service
          • Claims and Authorization with the Identity Model
          • Delegation and Impersonation
  • 19. 7. Implement Message security - netTcpBinding.
    8. Using an X509 certificate to enable HTTPS communication to the service - server authentication.
    9. Implement Authorization - using PrincipalPermission.
  • 20. WCF Relevant Attacks
      • Information Disclosure
          • HTTP headers. Metadata, logs/exception. Authentication / Authorization.
      • Elevation of Privilege
          • Check Authorization, Token Caches.
      • Denial of Service
          • Memory Consumption, max Secure Session.
      • Tampering
          • WS Addressing.
      • Replay Attacks
          • WS Addressing, transport security.
    ??
  • 21. Summary
      • WCF Overview.
          • Unified existing technology.
          • Standards wide support.
      • WCF Security model.
          • Security by default.
          • Can be done using configuration/code.
          • Credentials - X509, SAML, Kerberos, CardSpace, custom.
      • WCF countermeasures for common attack vectors.
          • Misconfiguration can lead to vulnerability exposure.
          • Read more about WCF attacks from the references.
    References
      • Books
          • Microsoft Windows Communication Foundation Step by Step, by John Sharp.
      • MSDN:
          • WCF Home - http://msdn2.microsoft.com/en-us/library/ms735119.aspx
          • Security programming - http://msdn2.microsoft.com/en-us/library/ms731925.aspx
          • CardSpace - http://cardspace.netfx3.com/
      • Blogs
          • Message inspector - http://msmvps.com/blogs/paulomorgado/archive/2007/04/27/wcf-building-an-http-user-agent-message-inspector.aspx
          • WCF Security - http://blogs.msdn.com/alikl/archive/2007/07/26/wcf-security-in-intranet-scenario-thoughts-on-cons-and-pros.as
      • User group.
          • UG Page: http://www.microsoft.com/israel/communities/usergroups/securedev.mspx
          • UG Presentation Page: http://www.2bsecure.co.il/NetSecGroup.aspx
  • 22. Thank you!
      Yaron Hakon, Application Security Consultant, 2Bsecure, yaron@2bsecure.co.il
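
The misconfigurations the deck points to (transfer security mode None on slide 13, and metadata and exception details under Information Disclosure on slide 20) can be checked mechanically in a service's configuration file. The following is an added example, not code from the presentation: the sample Web.config is constructed, the finding names are made up for illustration, and mapping the slide's "Metadata" and "exception" items to the serviceMetadata httpGetEnabled and serviceDebug includeExceptionDetailInFaults settings is this example's assumption.

```python
import xml.etree.ElementTree as ET

# Constructed sample Web.config (not from the slides).
SAMPLE_CONFIG = """<?xml version="1.0"?>
<configuration>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="LegacyBasic" />
        <binding name="SecuredBasic"><security mode="Message" /></binding>
      </basicHttpBinding>
      <wsHttpBinding>
        <binding name="OpenWs"><security mode="None" /></binding>
      </wsHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior name="DebugBehavior">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>
"""

# Default transfer security mode per binding, as listed in the slide 14 table.
DEFAULT_MODE = {
    "basicHttpBinding": "None",
    "netTcpBinding": "Transport",
    "netNamedPipeBinding": "Transport",
    "netMsmqBinding": "Transport",
    "wsHttpBinding": "Message",
    "wsDualHttpBinding": "Message",
}


def is_true(element, attribute):
    """True when the element exists and the attribute is set to 'true'."""
    return element is not None and element.get(attribute, "false").lower() == "true"


def audit(config_xml):
    """Return (finding, location) tuples in document order."""
    model = ET.fromstring(config_xml).find("system.serviceModel")
    if model is None:
        return []
    findings = []
    for family in model.findall("bindings/*"):
        for binding in family.findall("binding"):
            security = binding.find("security")
            mode = security.get("mode") if security is not None else None
            # No explicit mode: the binding's default applies.
            mode = mode or DEFAULT_MODE.get(family.tag, "unknown")
            if mode == "None":
                findings.append(("no-transfer-security",
                                 f"{family.tag}/{binding.get('name', '')}"))
    for behavior in model.findall("behaviors/serviceBehaviors/behavior"):
        name = behavior.get("name", "")
        if is_true(behavior.find("serviceMetadata"), "httpGetEnabled"):
            findings.append(("metadata-over-http-get", name))
        if is_true(behavior.find("serviceDebug"), "includeExceptionDetailInFaults"):
            findings.append(("exception-detail-in-faults", name))
    return findings


if __name__ == "__main__":
    for finding, location in audit(SAMPLE_CONFIG):
        print(f"{finding:28} {location}")
```

The LegacyBasic binding is flagged even though it never mentions security: with no `<security>` element, basicHttpBinding falls back to its default mode, which the slide 14 table gives as None.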