Security in the NT Environment at SLAC


Presentation Transcript


  1. Security in the NT Environment at SLAC
     HEPNT at CERN, December 4, 1998
     Bob Cowles, SLAC

  2. Background
     • Over 3000 hosts respond to ping
       • 1200 over NT machines
       • 800 over Unix machines
     • Business Services Division
       • PeopleSoft Financials & Human Resources
       • WinNT workstations; Oracle DB on Unix
       • 150 W/S in central offices
       • 50 W/S in departments distributed around Lab
     Bob Cowles - SLAC

  3. Crisis -> Response
     • Serious intrusion in June 1998
       • Over 20 Unix hosts compromised (root)
       • Over 40 user accounts used
     • Response
       • Cut off from Internet for a week
       • Changed all passwords
       • Applied deferred security patches
       • Increased packet filtering

  4. Challenge - Priorities
     • Prevent unauthorized access to business systems and confidential data
     • Protect accelerator control systems
     • Protect physics data and programs

  5. Challenge - Constraints
     • Implement security measures consistent with the research mission
       • Open
       • Collaborative
     • Credible response to vulnerabilities
       • Password compromise
       • Local admin & PC mode of thinking

  6. Threat Analysis
     • Attack on Oracle DB
       • Alter data
       • Read personal or confidential data
       • Denial of Service
     • External Attack
     • Internal (authenticated user) Attack
     • Adapt to new threats over next 2 years
       • Back Orifice
       • NetBus

  7. Countermeasures I
     • External
       • Filter out NT networking protocols
       • Strengthen passwords (passfilt)
     • Internal
       • Emphasize SP3 + Hotfixes
       • Promote SMS and central mgmt tools
       • Proposed significant tightening of all NT W/S
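The slide names passfilt as the password-strengthening measure. As an added illustration (not SLAC's code and not Microsoft's), the check below implements the rules that NT 4.0's passfilt.dll enforced: at least six characters, characters from at least three of the four classes (upper case, lower case, digits, non-alphanumerics), and no occurrence of the account name or any part of the full name. The separator set used to split the full name and the three-character minimum for a name part are this example's own assumptions.

```python
"""Password complexity check modelled on the rules NT 4.0's passfilt.dll
enforced.  Added example; the name-splitting details are assumptions."""
import re

MIN_LENGTH = 6
# The four character classes passfilt counted; three of four must be present.
CLASSES = (
    str.isupper,                 # upper-case letters
    str.islower,                 # lower-case letters
    str.isdigit,                 # digits
    lambda c: not c.isalnum(),   # punctuation and other non-alphanumerics
)
# Assumed separators for breaking the full name into parts (space, comma,
# period, dash, underscore, hash, tab).
_NAME_SEPARATORS = re.compile(r"[ ,.\-_#\t]+")


def character_classes(password: str) -> int:
    """Return how many of the four character classes appear in the password."""
    return sum(1 for klass in CLASSES if any(klass(c) for c in password))


def contains_name_part(password: str, username: str, full_name: str,
                       min_part_len: int = 3) -> bool:
    """True if the password contains the account name or any part of the
    full name (case-insensitive).  Parts shorter than min_part_len are
    ignored so that initials do not reject every password (assumption)."""
    lowered = password.lower()
    if username and username.lower() in lowered:
        return True
    for part in _NAME_SEPARATORS.split(full_name):
        if len(part) >= min_part_len and part.lower() in lowered:
            return True
    return False


def check_password(password: str, username: str = "", full_name: str = "") -> list:
    """Return the list of violated rules; an empty list means the password
    would have been accepted by a passfilt-style filter."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 6 characters")
    if character_classes(password) < 3:
        problems.append("fewer than 3 of 4 character classes")
    if contains_name_part(password, username, full_name):
        problems.append("contains the account name or part of the full name")
    return problems


if __name__ == "__main__":
    # Constructed sample account, not a real SLAC user.
    for candidate in ("Abc12!", "bobcowles1", "Ab1!", "Rcowles9!"):
        print(candidate, check_password(candidate, "rcowles", "Bob Cowles") or "ok")
```

The filter only raises the floor; it does not stop users from choosing predictable patterns that satisfy all three rules, which is why the later slides pair it with two-factor token cards.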

  8. Problems I
     • General revolt at proposal
       • “Personal Computer”
     • Inadequate support
     • Non-standard configurations
     • Inventive requirements
     • One size does not fit all

  9. Countermeasures II
     • Use Business Services Division as a pilot
     • Significantly increase restrictions on NT
     • Use latest technology to provide:
       • safety
       • functionality
     • Examined many alternatives
       • Filtering routers, firewalls, VPNs, IDS, etc.

  10. Problems II
     • Latest technology is very immature (!) and vendors don’t understand it
       • Required features in the next release (RSN)
     • Solutions require
       • Lots of inter-group cooperation & coordination
       • Very easy to have 3-4 inadequate solutions for the same problem
     • BSD users are all over the Lab

  11. Strawman I
     • Use VLANs to put all users “together”
     • Very heavy filtering on internal router
     • Many users have two workstations
       • Communicate externally & with rest of Lab
         • No tight controls on configuration
       • Communicate with PeopleSoft applications
         • Centrally maintained
         • Standard configuration

  12. Strawman I (network diagram; only the component labels survive): Data Warehouse, BSD Domain Cntlr, Prod PeopleSoft, Test PeopleSoft, BSDnet, BIS Web Server, User01 … UserXX, UserYY, Rest of SLAC, FDDI

  13. Strawman I :-(
     • Cost of additional W/S and network equip.
     • Fear of “yellow cables”
     • Loss of desktop space - user reaction
     • Confusing relationship between domains
     • Concerns about “piped” cross authentication (e.g. new web browsers)

  14. Strawman II (network diagram; only the component labels survive): Data Warehouse, BSD Domain Cntlr, Prod PeopleSoft, Test PeopleSoft, BSDnet, BIS Web Server, User01 … UserXX, UserYY, Rest of SLAC, FDDI

  15. Strawman II :-(
     • Very difficult to packet filter properly (SQL*Net uses ephemeral ports)
     • Possible performance issues with Two-tier PeopleSoft client
     • Questionable protection in time of intrusion
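Two of the slides turn on what a stateless filtering router can and cannot do: slide 7's external filter on NT networking protocols, and this slide's complaint that SQL*Net is hard to filter because the listener hands the client a second, ephemeral port. The model below is an added example, not SLAC's router configuration. It evaluates first-match rules with an implicit final deny over constructed traffic: the addresses come from the RFC 5737 documentation ranges, the port list 135-139 (RPC endpoint mapper plus NetBIOS) is this example's assumption about what "NT networking protocols" covered on NT 4.0, and the redirect port 49305 is made up.

```python
"""Stateless packet-filter model for the Strawman II router.  Added example
with constructed addresses (RFC 5737 ranges), not SLAC's configuration."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

BSDNET = ip_network("192.0.2.0/24")          # constructed stand-in for BSDnet
REST_OF_LAB = ip_network("198.51.100.0/24")  # constructed stand-in for the rest of SLAC
ANY = ip_network("0.0.0.0/0")
ORACLE_DB = ip_address("192.0.2.10")         # constructed: Oracle DB host on BSDnet
NT_NETWORKING_PORTS = (135, 139)             # assumed: RPC endpoint mapper + NetBIOS 137-139
SQLNET_LISTENER = 1521                       # Oracle listener port
EPHEMERAL = (1024, 65535)                    # range the listener may redirect into


@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp" or "udp"
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    proto: str    # "tcp", "udp" or "any"
    src: object   # ip_network
    dst: object   # ip_network
    dports: tuple # inclusive (low, high)
    note: str


def host(addr):
    """Single-host network for a rule's src/dst field."""
    return ip_network(f"{addr}/32")


def decide(rules, pkt):
    """First matching rule wins; anything unmatched is denied.  No connection
    state is kept, which is how filtering routers of the period behaved."""
    src, dst = ip_address(pkt.src), ip_address(pkt.dst)
    for r in rules:
        if r.proto not in ("any", pkt.proto):
            continue
        if src not in r.src or dst not in r.dst:
            continue
        if not (r.dports[0] <= pkt.dport <= r.dports[1]):
            continue
        return r.action
    return "deny"


# Slide 7's external filter plus the one service Strawman II must pass.
STRICT_RULES = [
    Rule("deny", "any", ANY, BSDNET, NT_NETWORKING_PORTS, "no NT networking into BSDnet"),
    Rule("allow", "tcp", REST_OF_LAB, host(ORACLE_DB),
         (SQLNET_LISTENER, SQLNET_LISTENER), "SQL*Net listener"),
]
# The only stateless way to admit the redirected connection is to open the
# whole ephemeral range on the DB host, which is the weakening the slide
# is pointing at.
LOOSE_RULES = STRICT_RULES + [
    Rule("allow", "tcp", REST_OF_LAB, host(ORACLE_DB), EPHEMERAL,
         "SQL*Net redirected connections"),
]


def sqlnet_session(rules, client, redirect_port):
    """Model the two TCP connections of a redirected SQL*Net session: the
    first to the listener, the second to the port the listener hands back."""
    first = decide(rules, Packet("tcp", client, str(ORACLE_DB), SQLNET_LISTENER))
    second = decide(rules, Packet("tcp", client, str(ORACLE_DB), redirect_port))
    return {"listener": first, "redirect": second,
            "session_ok": first == "allow" and second == "allow"}


if __name__ == "__main__":
    client = "198.51.100.7"   # constructed BSD user workstation elsewhere in the Lab
    print("strict:", sqlnet_session(STRICT_RULES, client, 49305))
    print("loose: ", sqlnet_session(LOOSE_RULES, client, 49305))
    # Cost of the loose rule set: an unrelated high port on the DB host is now reachable.
    print("unrelated high port, loose:", decide(LOOSE_RULES, Packet("tcp", client, str(ORACLE_DB), 8080)))
```

Under the strict rules the session breaks at the redirect; under the loose rules it works, but so does any other connection to a high port on the database host, so the filter no longer says much about which service is reachable. That trade-off is what pushed the design toward the terminal-server and air-gap arrangement of the later slides.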

  16. Strawman III (network diagram; only the component labels survive): Data Warehouse, BSD Domain Cntlr, Prod PeopleSoft, Test PeopleSoft, WTS Server, BSDnet, BIS Web Server, User01 … UserXX, UserYY, Rest of SLAC, FDDI

  17. Strawman III :-(
     • Still problems during/immediately after intrusion
       • Mission critical functions
       • Access to BIS web server required
     • WTS is new technology
       • What if it fails?
       • What if it can’t handle the load?

  18. Plan A (network diagram; only the component labels survive): Data Warehouse, BSD Domain Cntlr, Prod PeopleSoft, Test PeopleSoft, WTS + Citrix Farm, UserMC, Secure BSDnet, BIS Web Server, User01 … UserXX, UserYY, BSDnet, Rest of SLAC, FDDI

  19. Plan A - Intrusion (network diagram; only the component labels survive): BSD Domain Cntlr, Data Warehouse, Prod PeopleSoft, Test PeopleSoft, WTS + Citrix Farm, UserMC, Secure BSDnet, “Air Gap”, BIS Web Server, User01 … UserXX, UserYY, “Air Gap”, BSDnet, Rest of SLAC, FDDI

  20. Plan A :-)
     • Mission critical work can be done using what works now
     • WTS+Citrix provides add’l flexibility and security options
     • Token cards will provide two-factor authentication
     • IDS will watch for what gets past filters

  21. Current Status
     • Testing WTS farm with live users
     • Developing specifications for configuration on user machines (apps, registry, etc.)
     • Network hardware being installed
     • Estimated completion - April 1

  22. Comments?
     • What have we overlooked?
     • What are YOU doing in this area?
     • How do you handle user administrated W/S?
     • Feedback is appreciated! rdc@slac.stanford.edu
