Chia sẻ: Huy Hoang | Ngày: | Loại File: PDF | Số trang:63

0
77
lượt xem
9

Mô tả tài liệu

This module will address password security. Although user names and passwords are a familiar technology, most people are not aware of the inherent weaknesses in many of the different passwordbased authentication schemes in use today. These weaknesses are important to understand since many networks would be compromised if passwords on just a few key machines (such as firewalls, DNS servers, or Windows domain controllers) were known to an attacker.

Chủ đề:

Bình luận(0)

Lưu

## Nội dung Text: Password Assessment and Management

4. How Are Passwords Stored? • User passwords must be protected against: – unauthorized disclosure – unauthorized modification – unauthorized removal • Solution: Store only the encrypted password Password Assessment and Management - SANS ©2001 4 In many companies, passwords are more than the first line of defense -- they are the only line of defense protecting internal information and servers. Since most user IDs consist of the first initial/last name of an employee (or some combination), it is fairly easy to discover valid user IDs for individuals at a company. Then, the only other piece of information needed to gain access is a user password. Therefore passwords need to be protected and very hard to guess. The key things passwords need to be protected against are unauthorized disclosure, unauthorized modification, and unauthorized removal. If users write down their passwords or share them with other people, then it is likely that a malicious party could obtain the password. An attacker able to modify a password is just as problematic, because he could set the password to a particular value without needing to know what the original password was. Note that changing the password is potentially risky for the attacker however, because if the user tries to log in and cannot, foul play may be suspected. In order to protect passwords, operating systems use encryption, which basically hides the original content so if someone gets the encrypted password they will not be able to determine what the original password was. 3-4
5. Encryption 101 • Encryption is the process of converting plaintext into ciphertext. • The goal is to make the original text unreadable. • Three basic methods: – symmetric - single key – asymmetric - two keys (public and private) – hash – one-way algorithm, no key Password Assessment and Management - SANS ©2001 5 This section will cover a brief overview of encryption so that you can understand why and how password cracking works. For additional details, there are two additional modules in this training course that cover encryption in-depth. In its most basic form, cryptography is the process of converting plaintext into ciphertext, with the goal of making the original text unreadable. Basically, plaintext is the original, human-readable message and ciphertext is the unreadable message in its encrypted form. Therefore, since the goal of passwords is to make them unreadable, they are stored in encrypted form. There are three basic types of encryption. Symmetric encryption uses a single key to encrypt and decrypt the message. Symmetric encryption is also known as secret key encryption because a single, secret key is used for encryption and decryption. If two people wanted to communicate, they would both have to have the same key. One person would use the key to encrypt the message, and the other person would use the same key to decrypt it. The security of the scheme relies on the fact that an attacker does not know the secret key. Asymmetric encryption uses two keys, a public and a private key. Asymmetric encryption is also known as public key cryptography because it uses both a private key and a public key to encrypt and decrypt information. The public key is given to everyone while the private key is only known by the owner. These keys form an "encryption-decryption pair" -- anything encrypted with the public key can be decrypted with the private key, and anything encrypted with the private key can be decrypted with the public key. Note that symmetric and asymmetric encryption mechanisms provide both for translating text into ciphertext, and for recovering the original text from the ciphertext. Hash functions are a little bit different. Hash algorithms are considered "one-way" functions because they perform a one-way transformation of information that is irreversible. Basically, given an input string, the hash function produces a fixed-length encrypted output string, and from the output string there is no way to recover the original input string. 3-5
9. Unix Password Cracking - Crack • Name: Crack • Operating System: Unix • Brief Description: Crack is a "password guessing" program that is designed to quickly identify accounts having weak passwords given a Unix password file. Password Assessment and Management - SANS ©2001 9 Crack is a freely available program designed to break Unix encrypted passwords by standard guessing techniques. Crack was originally developed for passwords encrypted using the DES-based crypt() function that is typically included in the Unix standard C libraries. Over time, Crack evolved to support crypt() versions that use non-DES hash algorithms (such as MD5), and to use alternate DES implementations on OS installations where the crypt() function is not available. The Crack program is written to be flexible, configurable and fast, and can make use of several networked hosts via the Berkeley rsh program (or similar), where possible. Note: According to Crack's author Alec Muffet, of all the possible encryption implementations that Crack can use, the program usually runs fastest with Eric Young's "libdes". This fact will become more interesting when we discuss John the Ripper. Note: Each of the password cracking programs we will discuss operates by checking the users' passwords against "guessable" values. The method is illustrated in the previous slide. The program works by encrypting a list of likely passwords and seeing if the result matches any of the encrypted passwords contained in the password file. The tools are surprisingly effective and easy to use. 3-9
10. Crack • Available from ftp://ftp.cerias.purdue.edu/pub/tools/unix/pwdutils/crack • Features – Configurable password cracking – Modular approach with various scripts – Combining and extracting password files – Works with any crypt() implementation Password Assessment and Management - SANS ©2001 10 Crack’s main function is to crack passwords on a Unix machine. There are some versions that have been ported to other operating systems, but the original program works only on Unix. Crack also has a modular approach where Crack is used only to crack user passwords. But what makes Crack so useful is that it comes with various other scripts. For example, one script is used to view the results of running Crack. Another script is used to combine password files. This is very useful because it makes it very flexible and adaptable to be used in various environments. One of the distinguishing strengths of Crack is the huge number of rules (over 2000) it uses to create permutations of password guesses. Each time Crack is run it uses supplementary information from the password file's comment fields to create a new wordlist (in addition to using the standard dictionaries and permutations thereof). Often users will put information about themselves, such as their full name, in the comment field and then use some permutation of this information as their password. Crack takes advantage of the comment information to create a list of password guesses specifically tailored for each user. 3 - 10
11. Crack Requirements • Requirements – Unix-like operating system – C compiler – Moderate amount of disk space – Lots of CPU time – PERMISSION FROM SYSADMIN – Root-privileges, quite possibly – "gzip" is extremely desirable Password Assessment and Management - SANS ©2001 11 In order to run Crack, you need to be running a Unix operating system and using an encryption algorithm that Crack supports. The traditional Unix standard is DES encryption, and this is what Crack is best at handling. However, in recent years several operating systems have moved to alternate encryption algorithms such as MD5 or Blowfish. Primary reasons for the change include: Avoiding problems with US export restrictions concerning encryption products, allowing for passwords longer than the 8 characters permitted by DES, foiling cracking programs by forcing them to spend more effort on each encryption performed (MD5 and Blowfish are stronger algorithms than DES). You can discover what encryption type your system is using by examining the encrypted password values found in the password or shadow file. MD5 encrypted passwords are significantly longer than their DES- encrypted cousins and always begin with a "$1". Similarly, Blowfish encrypted passwords always begin with a "$2". If your system uses one of these alternate algorithms you would be better off using "John the Ripper" (discussed later). Some background information can be found at these URLs: http://www.linux.com/howto/User-Authentication-HOWTO/x57.html http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/crypt.html http://www.usenix.org/events/usenix99/provos/provos.html/node10.html Crack is not compiled when you download it, so you must have a C compiler running on your system. It is recommended that you use GNU C or gcc, since this has been tested with Crack already and it will make it much easier to compile. Crack is "self-compiling" and builds the components it needs when executed. Crack is fairly large and computationally intensive, just by nature of what the program does. So before you install and run Crack, make sure you have enough resources to compile and run it. If other people are using the Unix machine, please check with them prior to running Crack because it could cause some issues if they are running critical applications. If you do not own the machine, always make sure you check with the appropriate people prior to running it. Also, depending on how your system is configured, you might need root access to configure, run, and get the encrypted passwords. Since Crack is compressed, make sure you have gzip on your system so that you can uncompress the Crack source code. 3 - 11
12. Configuring Crack • Download Crack file • Unzip the file using gzip – gunzip -r crack5.0.tar.Z • Untar the file – tar -xvf crack5.0.tar • Read manual.txt • Edit the script file • Compile program – crack -makeonly – crack -makedict Password Assessment and Management - SANS ©2001 12 Once you download Crack, there are several steps that must be performed prior to running it. This is because you do not download an executable like you do with Windows; you download the source files which need to be compiled and configured in order to run the program. After you successfully download Crack, unzip and untar the file crack5.0.tar.gz with the command tar -xzvf crack5.0.tar.gz. A directory called c50a is generated with subdirectories holding configuration files, documents, scripts, source codes, etc. Text files like Makefile, Reporter, and Crack are also generated. A manual.txt file is there too (which is the same as the README file). Next, READ the manual.txt file. This is just to give you an overview and more detailed information of how to use the program. These slides will give you enough information to get Crack up and running on supported systems. Then, edit the Crack script file and reconfigure the values of CRACK_PATH, C5FLAGS, CC, CFLAGS, and LIBS to suit the operating system. If you are running a supported operating system like Solaris, you do not need to make any changes to the script files. You would only need to do that if you are running it on a version of Unix that has not been tested or are using a different encryption algorithm. It is recommended that you look at these files, but you could also just try compiling with the standard scripts to see what happens. Finally, issue the commands Crack -makeonly and then Crack -makedict. After these two steps, a binary executable Crack file is generated. You should view the output of these commands to make sure no errors were generated. If errors were generated, you will have to go back and configure the Crack script files for your specific environment. If no errors are generated, you are ready to start using Crack. 3 - 12
20. Enforce a Strong Password Policy (continued) • Password should not contain: – birthdays, names, sports teams, etc. • Tips for picking good passwords – pick a phrase and use the first letter of each word – example - When I stub my toe I say !@#$% 5 times – password - WIsmtIs!@#$%5t Password Assessment and Management - SANS ©2001 20 Choose a hard to guess password (the "do's"): Use a mixture of upper and lower case letters as well as digits or punctuation. When choosing a new password, make sure that it is unrelated to any previous password. Use long passwords (e.g. at least 8 characters long). Examples: A word pair with punctuation inserted, a passphrase (an understandable sequence of words), or the first letter of each word in a passphrase. In order to prevent easily guessable passwords, a password should never contain birthdays, names, sport teams, or special interests. Anything that can be viewed while sitting at your desk should also never be used as a password. Attackers can easily target an individual. Anything that stands out as a potential password, should never be used because it is to easy for someone to guess. What I suggest is instead of picking words as passwords, users should be trained to pick a phrase. If I told you that your new password was WIsmtIs!@#$%5t, you would probably think I was crazy. Your response might be, “How in the world am I going to remember that password?” On the other hand if I told you to remember the phrase, “When I stub my toe I say !@#$% 5 times,” you would probably agree that it is fairly reasonable. The main emphasis of a password policy should not only be to tell the user what is expected of them, but help them generate strong passwords that are fairly easy to remember. 3 - 20