
Firewalls and encryption How deep the rabbit hole goes?


Presentation Transcript


  1. Firewalls and encryption: How deep the rabbit hole goes?

  2. Introduction
  • Márton Illés, BalaBit Product Manager, marton.illes@balabit.com

  3. Agenda...
  • Bridge of Death, or „you have to know these things when you're a king”
  • You have to know these things when you're an Ethical Hacker!
  • A modern net-tale about Alice, Bob, Mallory and Trent, where it turns out that Mallory might not be such a bad boy and Trent is not as trustworthy as we thought before...

  4. A word on firewalls
  • A firewall is a network-aware access control device which enforces rules
  • Different firewall technologies:
    • Packet filter
    • Proxy
    • Intrusion Prevention System

  5. Our problem
  • We want to encrypt our communications
  • We want to control all communications on the firewall
  • If the communication is encrypted, the firewall cannot look inside → it cannot control it!
  • Which shall we throw away? The firewall or the encryption?

  6. How deep the rabbit hole goes?
  • Man-in-the-middle „attack”
  • We stand between client and server
  • Independent client-side and server-side encryption
  • In the middle we do what we want! ;)
  • Is Mallory now the good guy?!

  7. Very deep the rabbit hole goes?
  • In the case of SSL there is no Perfect Forward Secrecy
  • Having the private key, the encrypted traffic can be checked transparently
  • Now Mallory is the good guy!

  8. Firewall vs. server vs. encryption
  • What does a firewall in front of the server protect against? - „It does not protect against that!” (bad Hungarian humor)
  • Besides IP/port filtering, what can we do at the application layer?
  • We got the private key!

  9. SSL client authentication
  • It is possible to check and authenticate the certificate of the client
  • Mutual X.509 authentication
  • Are we positive that the certificate matches the user?

  10. Virus, p0rn and the trojans
  • Many „applications” use port 443/tcp
  • This is an unfiltered, full-speed covert channel
  • Trojans, backdoors, Skype
  • Why are p0rn sites not available over https?
  • It is kind of confidential information... :)
  • Mallory is here to save us!
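The "unfiltered covert channel" on 443/tcp is something a firewall can at least test for before any key is involved: the first bytes of a flow either form a TLS ClientHello (with an SNI name to apply policy to) or they do not. The following is an added example, not code from the slides or from BalaBit; the sample flows and the hello builder are constructed inline so it runs offline.

```python
import struct
def parse_client_hello(data: bytes):
    """('tls', sni) for a TLS ClientHello, ('non-tls', None) otherwise, ('malformed', None) if truncated."""
    # TLS record header: content type 0x16 (handshake), version major 0x03, 2-byte length
    if len(data) < 5 or data[0] != 0x16 or data[1] != 0x03:
        return ("non-tls", None)
    try:
        body = data[5:5 + struct.unpack("!H", data[3:5])[0]]
        if body[0] != 0x01:                      # handshake type must be ClientHello
            return ("non-tls", None)
        hello = body[4:4 + int.from_bytes(body[1:4], "big")]
        pos = 2 + 32                             # skip client_version and random
        pos += 1 + hello[pos]                    # session_id
        pos += 2 + struct.unpack("!H", hello[pos:pos + 2])[0]  # cipher_suites
        pos += 1 + hello[pos]                    # compression_methods
        if pos == len(hello):
            return ("tls", None)                 # no extensions, hence no SNI
        end = pos + 2 + struct.unpack("!H", hello[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= end:
            ext_type, ext_len = struct.unpack("!HH", hello[pos:pos + 4])
            ext, pos = hello[pos + 4:pos + 4 + ext_len], pos + 4 + ext_len
            if ext_type == 0:                    # server_name: list_len(2) type(1) name_len(2) name
                name_len = struct.unpack("!H", ext[3:5])[0]
                return ("tls", ext[5:5 + name_len].decode("ascii", "replace"))
        return ("tls", None)
    except (IndexError, struct.error):
        return ("malformed", None)

def build_client_hello(host: str) -> bytes:
    """Constructed sample input: a minimal TLS 1.2 ClientHello carrying SNI (not captured traffic)."""
    name = host.encode("ascii")
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    ext = struct.pack("!HH", 0, len(sni)) + sni
    hello = (b"\x03\x03" + b"\x00" * 32 + b"\x00"      # version, random, empty session_id
             + b"\x00\x02\xc0\x2f" + b"\x01\x00"       # one cipher suite, null compression
             + struct.pack("!H", len(ext)) + ext)
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

# Constructed flows as a firewall would see them: (source, dest port, first bytes of the stream)
SAMPLE_FLOWS = [
    ("10.0.0.5", 443, build_client_hello("mail.example.com")),
    ("10.0.0.7", 443, b"SSH-2.0-OpenSSH_8.9\r\n"),              # not TLS at all on 443
    ("10.0.0.9", 443, build_client_hello("example.org")[:20]),  # cut-off hello
]
def audit_port_443(flows):
    """(source, verdict, sni) for every 443/tcp flow; 'non-tls' is the covert-channel case."""
    return [(src, *parse_client_hello(first)) for src, dport, first in flows if dport == 443]
```

A 443/tcp flow whose first bytes are not a ClientHello cannot be handled by SSL inspection at all, which is exactly the case the slide warns about; for real TLS flows the SNI gives the proxy a name to apply policy to before any private key is needed.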

  11. Is the man visible in the middle?
  • Could the client recognize that the server certificate has changed?
  • No, Joe User does not care about such unimportant details.
  • Yes, but the certificate is issued by our Trusted Certificate Authority
  • We generate a new certificate based on the server's and sign it using our – trusted – authority.

  12. Is the man visible in the middle?

  13. One minute on PKI...
  • It should rather be pkI
  • How much can you trust CAs?
  • Who checks and oversees them?
  • What are the criteria for a CA to be included in a browser's pre-defined trusted CA set?

  14. Life beyond SSL
  • There is life beyond SSL
  • SSH, IPSec, GPG/PGP etc.
  • In the case of GPG/PGP there is a solution called „key escrow”

  15. Lessons learned
  • Goal: control encrypted communications
  • Control and inspect all the details of the encrypted communication on the firewall
  • Rabbit holes are deep...
  • MITM can be used for nice purposes!
  • Mallory is our friend, he is our best friend!

  16. Thanks for listening!
