Tag Archive for IPsec

Another Hole in Internet Armor

Another hole in our Internet armor has been discovered. The hole is in the Diffie-Hellman key exchange, a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is fundamental to many protocols including HTTPS, SSH, IPsec, SMTPS, and protocols that rely on TLS.

Researchers from the University of Michigan, Inria, Microsoft Research, Johns Hopkins University, and the University of Pennsylvania have uncovered several weaknesses in how Diffie-Hellman key exchange has been deployed. In what they are calling the Logjam attack, the DH flaw allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and change any data passed over the connection.

The problem, according to the researchers, is that millions of HTTPS, SSH, and VPN servers all use the same prime numbers for Diffie-Hellman key exchange. Practitioners believed this was safe as long as new key exchange messages were generated for every connection. However, the first step in the number field sieve—the most efficient algorithm for breaking a Diffie-Hellman connection—is dependent only on this prime. After this first step, an attacker can quickly break individual connections.

To prove this hypothesis, the researchers carried out this computation against the most common 512-bit prime number used for TLS and demonstrated that the Logjam attack can be used to downgrade connections to 80% of TLS servers supporting DHE_EXPORT.

They also estimated that an academic team can break a 768-bit prime and that a nation-state can break a 1024-bit prime. Breaking the single, most common 1024-bit prime used by web servers would allow passive eavesdropping on connections to 18% of the Top 1 Million HTTPS domains. A second prime would allow passive decryption of connections to 66% of VPN servers and 26% of SSH servers.

There is speculation that this “flaw” was being exploited by nation-state bad actors. A close reading of published NSA leaks shows that the agency’s attacks on VPNs are consistent with having created, exploited, or harnessed the Logjam vulnerability.

What should you do?

1 – Go to the researchers’ website https://weakdh.org/ to see if your browser is secure from the Logjam flaw. (It reported that Google Chrome Version 43.0.2357.81 (64-bit) on OSX 10.10.3 was not secure.)

2 – Microsoft (MSFT) patched the Logjam flaw on May 12 with security bulletin MS15-055. A Microsoft spokesperson told eWEEK:

Customers who apply the update, or have automatic updates enabled, will be protected. We encourage all customers to apply the update to help stay protected.

3 – Google (GOOG) fixed the issue with the Chrome 42 update, which debuted on April 15. Google engineer Adam Langley wrote:

We disabled TLS False-Start with Diffie-Hellman (DHE) in Chrome 42, which has been the stable version for many weeks now.

4 – Mozilla’s patch for Firefox isn’t out yet, but “we expect it to be published in the next few days,” Richard Barnes, cryptographic engineering manager at Mozilla, told eWEEK.

5 – DarkReading reports that on the server-side, organizations such as Apache, Oracle (ORCL), IBM (IBM), Cisco (CSCO), and various hosting providers have been informed of the issue. There has been no response from these tech titans.

The researchers have also provided guidance:

  1. If you have a web or mail server, they recommend that you disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group. They have published a Guide to Deploying Diffie-Hellman for TLS with step-by-step instructions.
  2. If you use SSH, you should upgrade both your server and client installations to the most recent version of OpenSSH, which prefers the Elliptic-Curve Diffie-Hellman Key Exchange.
  3. If you’re a sysadmin or developer, make sure any TLS libraries you use are up-to-date, that servers you support use 2048-bit or larger primes, and that clients you maintain reject Diffie-Hellman primes smaller than 1024-bit.

rb-

Finally, get involved. Write someone, your representative, senator, your favorite bureaucrat, the president, your candidate, and tell them to get out of the way. 

Ars Technica notes that Logjam is partly caused by export restrictions put in place by the US government in the 1990s, to allow government agencies the ability to break the encryption used in other countries. “Logjam shows us once again why it’s a terrible idea to deliberately weaken cryptography, as the FBI and some in law enforcement are now calling for,” said Michigan’s J. Alex Halderman to the report. “Today that backdoor is wide open.”

 

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Did NSA Subvert IPv6 Security?

Cryptographer and Electronic Frontier Foundation (EFF) board member Bruce Schneier has given advice on how to be as secure as possible. “Trust the math,” he says. “Encryption is your friend. Use it well, and do your best to ensure that nothing can compromise it. That’s how you can remain secure even in the face of the NSA.”


Mr. Schneier confirms to Infosecurity that the growing consensus is that Bullrun’s greatest success is in subverting the implementations of encryption and not in the ability to crack the encryption algorithms themselves. The general belief is that the NSA has persuaded, forced or possibly even tricked companies into building weaknesses or backdoors into their products that can be exploited later.

Infosecurity says the bottom line, however, is that the fabric of the internet can no longer be trusted. Meanwhile, John Gilmore, co-founder of EFF and a proponent of free open source software, has raised a tricky question: has NSA involvement in IPv6 and IPSEC discussions effectively downgraded its security? IPSEC is the technology that would make IP communications secure.

Mr. Gilmore told the author that he was involved in trying to make IPSEC “so usable that it would be used by default throughout the internet.” But “NSA employees participated throughout, and occupied leadership roles in the committee and among the editors of the documents.”

The result was “so complex that every real cryptographer who tried to analyze it threw up their hands and said, ‘We can’t even begin to evaluate its security unless you simplify it radically’” – something that never happened, EFF’s Gilmore observed.

Mr. Gilmore doesn’t explicitly say that the NSA sabotaged IPSEC, but the fact remains that in December 2011, IPSEC in IPv6 was downgraded from ‘must include’ to a ‘should include.’ He does, however, make very clear his belief in NSA involvement in other security standards.

Discussing cellphone encryption, the EFF co-founder says “NSA employees explicitly lied to standards committees” leading to “encryption designed by a clueless Motorola employee.”

To this day, Mr. Gilmore notes that “no mobile telephone standards committee has considered or adopted any end-to-end (phone-to-phone) privacy protocols. This is because the big companies involved, huge telcos, are all in bed with NSA to make damn sure that working end-to-end encryption never becomes the default on mobile phones.”

rb-

Following the Snowden leaks revealing Bullrun – the NSA program to crack the world’s encryption – the article states that there is an emerging consensus that users can no longer automatically trust any security.

Other articles say that NSA has compromised SSL so the NSA has access to credit cards and your 4G phones. This is another unnecessary attack on US e-commerce business: who is going to buy something online when your account numbers are in the hands of US government hackers?

 


Copier Security Best Practices

Multi-function printers (MFP) can scan, copy, fax, and print. The lowly office copier can now send emails, host web-based administrative pages, and even tell you when the ink is low. While doing all that, MFPs can store image files on onboard hard drives, which can contain sensitive, personally identifiable information (PII). Compliance with standards/laws such as PCI-DSS, HIPAA, Sarbanes Oxley, state privacy laws, etc., may force MFPs to be secured.

SecureState suggests some general questions to ask when trying to understand the criticality of these copier systems and to show some due diligence:

• Are these devices accessible on the network? If so, how is “Administrative” access controlled?
• How long are the image files retained on these systems?
• If the copier is compromised, can the attackers capture sensitive data?
• If a hard drive fails, does the replacement process follow the usual standard for securely destroying the disk?
• What are some of the services enabled on these devices? Is there an administrative website, SNMP client, or SMTP server? How about the accounts and passwords of the administrative websites; are they set to default accounts and passwords?

SecureState says that if you answered “No” or “I don’t know” to these questions, some of the issues more than likely need to be addressed.

Just like any network appliance, MFPs and other print devices are small computers connected to the network that have memory, storage, processors, an operating system, and full-fledged web servers. These devices can hold sensitive information. Before that old printer is decommissioned, ensure the copier hard drive is securely wiped. If the existing device does not have advanced security options such as disk encryption or immediately overwriting data, the hard drive should be removed and securely wiped or destroyed separately before being decommissioned.

Recommended best practices

Recommended best practices for multi-function printers and copiers with disk drives:

  • Review vendor security configuration guides
  • Develop a standard configuration and check regularly
  • Enable immediate image overwrite and schedule regular off-hours overwrite (DoD 3 pass)
  • Enable encryption (minimum 128-bit AES)
  • Use encryption and secure protocols such as IPSec, SSL, and SNMPv3 if network-enabled.
  • Regularly review copier vendor security bulletins.
  • Enable authentication and authorization (if possible, use network credentials)
  • Change admin password regularly
  • Enable audit log and review periodically
  • Treat network-enabled devices like any other computer on the network
  • Purchase a device that has an EAL2 Common Criteria certification

If the copier processes restricted data, it MUST have encryption and image overwrite. For devices that process restricted data but do not have the necessary security features:

  • If possible, buy the required security modules and enable the features.
  • If security features cannot be purchased or enabled, replace the copier as soon as appropriate and have the hard drive removed and destroyed.

By Copier Vendor

Xerox – Newer Xerox (XRX) devices have security features that often need to be turned on. For more information, see the Xerox Information Security Guides.

Ricoh – Security options for Ricoh (7752) devices have to be purchased separately. For more information, see the Ricoh Common Security Features Guide (PDF).

Canon – Security options for Canon (CAJ) devices must be purchased separately. For more information, see Canon Security Solutions for iR and iP Devices (PDF).

HP – All HP (HPQ) multi-function printers have hard drives.

  • There is a disk-wipe utility for all MFPs.
  • This utility is not installed by default and must be downloaded from HP.COM. It is protected by an admin account and password.
  • The admin can configure the utility to do a printer disk wipe daily.
  • Some non-MFP HP printers may have hard drives. These printers will have an occupied EIO card (with a resident hard drive) in the slot next to the network card. Viewing the printer’s external case, this EIO card should be physically evident.
  • Third-party disk-wipe utilities cannot be used against HP MFP hard drives without removing the drive from the card, which is likely to damage the card and, possibly, the hard drive.
  • Non-MFPs with hard drives are rare and may be purchased for particular purposes.
  • Non-MFPs with hard drives and network connections can be remotely disk wiped. Non-MFPs with a hard drive but without a network connection need to be handled by HP.
  • The agreements should include a defective media retention provision for leased HP printers that permits the lessor to keep the hard drive before releasing the printer.
  • The WebJetAdmin tool, downloadable from HP.COM, can scan a network subnet and identify HP printers (and non-HP printers if the tool has an MIB for the non-HP printer).
rb-


All they focused on was the costs; they did not ask any of the due diligence questions pointed out in this post. They had no plans on wiping the HDDs on the 12 networked copy/scan/print Ricohs. It is pretty clear that all the info on the HDDs was bound for South America or else on the secondary market, as I wrote about here.


D-Link Raises Net Security Bar

Help Net Security reports that D-Link (TSEC dlink) has upgraded its products to rival some of the “enterprise-level” devices I see at client sites. The vendor has enhanced its router security to a higher level of protection to guard against hacking, worms, viruses, and other malicious Web attacks by incorporating DNSSEC, IPv6, and CAPTCHA.

According to the article, DNSSEC is a suite of Internet Engineering Task Force (IETF) specifications (the core DNSSEC RFCs are RFC 4033, RFC 4034, and RFC 4035) that adds security to the DNS to offer assurance that the information received from a Domain Name Server is authentic. The security extensions are designed to protect the DNS from man-in-the-middle and cache poisoning attacks, which can occur when hackers corrupt DNS data stored on recursive name servers to redirect queries to malicious sites.

DNSSEC applies digital signatures to DNS data to authenticate the data’s origin and verify its integrity as it moves across the Internet and can give users an effective means of verification that their applications, such as Web or email, are using the correct addresses for servers they want to reach.

According to Help Net Security, D-Link is also providing additional security and future-proofing its routers by migrating to IPv6 certification. With the growing number of Internet-capable devices on the market, the pool of IPv4 addresses has dropped to six percent and is expected to run out sometime in 2011. While this is a major motivation for IPv6, other improvements are also realized.

The IPv6 specification now specifies certain security measures that were not defined in IPv4, such as IPSec. IPSec is a method of authenticating and encrypting data transferred between pairs of hosts. Although it was possible to implement IPSec with IPv4, it was not part of the specification. IPSec is now a requirement, not an option, in the IPv6 specification.

D-Link has previously implemented a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) to improve security. CAPTCHA is a challenge-response test that ensures that a response during a user login is not computer-generated but is instead entered by a human. It requires the user to manually enter a small amount of text displayed in an image, which helps prevent automated registration and fraud.

rb-

I looked at a production switch today that was still running only CatOS 9.0 (EOL 2009); they might be better protected with a new D-Link.

 


Wi-Fi on Wheels

Chevrolet has announced that owners of several new models can turn their rides into a mobile hot spot with Chevrolet Wi-Fi by Autonet Mobile. This option enables full Internet access inside the vehicle and within a radius of up to 150 feet around the vehicle. Chevrolet Wi-Fi is designed for use by passengers, or by the driver when the vehicle is parked. The system requires no special software and achieves speeds up to 1.5 Mbps. The Chevrolet Wi-Fi internet connection can support up to 10 devices at once, enabling multiple passengers to use the connection for their separate devices.

“Chevrolet Wi-Fi by Autonet Mobile enhances commuting, family vacations and work,” says Chris Rauser, Chevrolet Accessories Manager. “It benefits active families on the go, as well as professionals who need immediate information at remote job sites. Its uses are almost endless.” San Francisco-based Autonet Mobile is the world’s first Internet service provider designed exclusively for vehicles. As a GM Officially Licensed Product, Chevrolet Wi-Fi by Autonet Mobile is certified to work with the following new Chevrolet models:

  • Equinox
  • Traverse
  • Silverado
  • Tahoe
  • Suburban
  • Avalanche
  • Express

According to Autonet, the system uses 3G EVDO/2.5G 1xRTT wireless from Novatel Wireless for connectivity and its own patent-pending TRU technology to support Internet connections over the 3G network while the vehicle is in motion. TRU technology maintains the persistent link, even when 3G coverage is sparse. IEEE 802.11b-a-g provides data link protocols along with one built-in Ethernet LAN port that provides wired connectivity.

Its transport protocols include PPTP, L2TP, IPSec, and PPPoE along with SNMP for remote management. Security and access control are provided via WEP/WPA/WPA2 encryption. Additional docking stations are available, enabling customers to easily move the Chevrolet Wi-Fi by Autonet Mobile router from vehicle to vehicle.

Through Dec. 31, Chevrolet Wi-Fi is available for $199 ($399 retail price, less $200 mail-in rebate with a two-year service agreement). Go to GMextras.com for more information.

rb-

Now a soccer mom in her mini-van picking up Happy Meals will have more connectivity options than some of my clients.

 
