1. AIMS AND OBJECTIVE
The primary aim of the project is to build a file server that acts as a centralised server for the client machines. Two virtual or physical machines will be used as clients and one machine as the main, centralised server. Clients will be allowed to use the file server according to the permissions granted to them. Authentication will be performed using LDAP, and the Metasploit Framework will be used to analyse how secure the complete network is. Security analysis will be performed on the protocols and ciphers.
The above diagram shows the clients (1, 2) requesting data and receiving it from the file server, a computer attached to the network that provides a location for shared disk access, i.e. shared storage of computer files. The workstations (Client 1, 2, 3) reach the computer that shares the storage over a computer network using the relevant protocols (for authentication, LDAP). The file server is designed primarily to store and retrieve data while computation is carried out by the workstations. A dedicated server is designed specifically for use as a file server, with workstations attached for reading and writing files and databases.
Authentication to the file server will be handled through LDAP. To access information stored in the LDAP database, a user must first authenticate. LDAP user authentication is the process of validating a username and password combination against a directory server; it lets the network identify the entity so that no fake user can use its services. A user ID and password will be required to connect to the server and access files, either as a single layer of security or as one of several layers. The credentials will be verified against the login database (here the LDAP directory) and access to the server will be approved only when valid credentials are provided. Keeping the database and its information safe matters because an attacker can easily manipulate the data if the security controls are not designed properly. File servers generally offer some form of access control to limit files to specific users or groups, and the security of the server and its database depends on the protocols in use.
After the server is secured, security will be enforced at the file level. Once a server connection is established, access to files is controlled by the permissions on the user's home directory. A user should be able to reach the same files in the home directory from a different client machine using valid credentials, and there should be no unauthorised alteration or deletion of the data or files.
Security analysis is done to check how secure the connectivity and the server are; the stronger the security measures, the better protected the data. Penetration testing is a method of evaluating the security of a system or network by simulating an attack from a malicious source; it also determines the feasibility and impact of a successful attack. The Metasploit Framework will be used in this project to analyse the security of the network. Metasploit is a collection of tools for testing security and finding vulnerabilities in a host, a website or an entire network. Besides running tests against the network, it can be used for gathering information about the target, scanning for vulnerabilities and writing custom exploits.
3. LITERATURE SURVEY
LDAP servers are part of the critical infrastructure of most large organisations. They hold personal data subject to legal protection, and often act as the authoritative source of authentication and authorisation for multiple applications. Security depends on the CIA triad, i.e. Confidentiality, Integrity and Availability. Confidentiality is the property that information is not made available or disclosed to unauthorized individuals, entities, or processes. Integrity is the property of protecting the accuracy and completeness of assets, where asset is given the very broad definition "anything that has value to the organization", a synonym for "data" in the context of this paper. Availability is the property of "being accessible and usable upon demand by an authorized entity". This is a property that is often neglected in favour of the others, but is in fact at the core of information security: if we are not protecting the availability of the service then there is little point in having it at all.
4. AUTHENTICATION AND FILE SERVER
Authentication server: An authentication server is an application that facilitates authentication of an entity that attempts to access a network. Such an entity may be a human user or another server.
LDAP defines a "Bind" operation that authenticates the LDAP connection and establishes a security context for subsequent operations on that connection.
There are three authentication methods defined: anonymous, simple and SASL.
• A client that sends an LDAP request without first doing a "bind" is treated as an anonymous client; a bind with an empty DN and an empty password has the same effect.
• Simple authentication: the client sends the LDAP server the fully qualified DN of the user and the user's clear-text password. The server looks up the entry with that DN, compares the supplied password with the password(s) stored on the entry and, if they match, authenticates the connection. Because the password crosses the network in clear text it can be read by anyone on the path, so simple binds should only be done inside an encrypted channel (TLS), provided the LDAP server supports it.
• SASL Bind is more involved and allows the client and server to negotiate a particular authentication mechanism, which they then use to authenticate the LDAP connection. It specifies a challenge-response protocol in which data is exchanged between the client and the server for the purposes of authentication and establishment of a security layer on which to carry out subsequent communication.
• By using SASL, LDAP can support any type of authentication agreed upon by the LDAP client and server.
Following authentication, a user must gain authorization for doing certain tasks. After logging into a system, for instance, the user may try to issue commands. The authorization process determines whether the user has the authority to issue such commands. Simply put, authorization is the process of enforcing policies: determining what types or qualities of activities, resources, or services a user is permitted. Usually, authorization occurs within the context of authentication. Once you have authenticated a user, they may be authorized for different types of access or activity.
Accounting measures the resources a user consumes during access. This can include the amount of system time or the amount of data a user has sent and/or received during a session. Accounting is carried out by logging session statistics and usage information and is used for authorization control, billing, trend analysis, resource utilization, and capacity planning activities.
d. Password Policy
Most LDAP systems store and validate passwords; indeed for many it is their primary function. Following the X.500 "get back exactly what you put in" principle, servers normally default to storing passwords in clear text or in a form that can be converted back to clear text. Wherever possible, passwords should be stored using a non-reversible cryptographic hash with a per-user random salt. This provides the best available protection against recovery of passwords from stolen disks or backup tapes. Salted SHA-1 ({SSHA}) is the most widely implemented scheme; the salted SHA-2 variants ({SSHA256}, {SSHA512}) are now commonly available and should be preferred, and a deliberately slow scheme should be used where the server supports one, since a fast hash does little against offline brute force of a stolen database. Note that passwords protected using AES and other symmetric algorithms are likely to be recoverable from stolen media with very little effort, as the encryption keys are almost certain to be present on the same media.
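The storage form recommended above, as an added worked example (this is illustration code written for this section, not the project's or any directory server's code): the {SSHA}/{SSHA256}/{SSHA512} userPassword syntax is base64 over digest-followed-by-salt, so verification recovers the salt from the stored value, recomputes the digest and compares in constant time. The helper names and the sample passwords are this example's own.

```python
"""Salted, non-reversible userPassword values in the {SSHA*} syntax that
OpenLDAP and most directory servers accept, plus verification and an audit
check.  Standard library only; helper names are this example's own."""

import base64
import hashlib
import hmac
import os

SCHEMES = {"SSHA": "sha1", "SSHA256": "sha256", "SSHA512": "sha512"}


def make_userpassword(password, scheme="SSHA512", salt=None):
    """Return '{SCHEME}' + base64(H(password || salt) || salt).

    A fresh random salt per user means two users with the same password
    get different stored values, so a cracked hash does not transfer."""
    if scheme not in SCHEMES:
        raise ValueError("unsupported scheme %r" % scheme)
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.new(SCHEMES[scheme], password.encode("utf-8") + salt).digest()
    return "{%s}%s" % (scheme, base64.b64encode(digest + salt).decode("ascii"))


def split_userpassword(stored):
    """-> (scheme, digest, salt).  The digest size of the scheme fixes where
    the salt starts; a value with nothing after the digest is unsalted."""
    if not stored.startswith("{") or "}" not in stored:
        raise ValueError("not a {SCHEME} value; probably stored in clear text")
    scheme, encoded = stored[1:].split("}", 1)
    if scheme not in SCHEMES:
        raise ValueError("unsupported or reversible scheme %r" % scheme)
    raw = base64.b64decode(encoded)
    dlen = hashlib.new(SCHEMES[scheme]).digest_size
    if len(raw) <= dlen:
        raise ValueError("value carries no salt")
    return scheme, raw[:dlen], raw[dlen:]


def check_userpassword(stored, candidate):
    """Recompute the digest with the stored salt; compare in constant time."""
    scheme, digest, salt = split_userpassword(stored)
    recomputed = hashlib.new(SCHEMES[scheme], candidate.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, recomputed)


def is_hashed(stored):
    """Audit helper for a directory export: True only for a salted,
    non-reversible scheme this example accepts."""
    try:
        split_userpassword(stored)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    value = make_userpassword("correct horse battery staple")   # constructed sample
    print(value)
    print(check_userpassword(value, "correct horse battery staple"))
    print(is_hashed("secret"), is_hashed("{CLEARTEXT}secret"), is_hashed(value))
```

Running `is_hashed` over every userPassword value in an LDIF export is a cheap check that the server's hashing policy actually applied to all entries, including ones imported before it was switched on.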
e. Access control Policy
An access control policy is a set of rules that define how resources are protected. The server evaluates each request against a number of access control factors, which may include the source IP address, the strength of encryption on the connection, the type of operation being requested, the identity the client bound with, and the time of day.
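How those factors combine into a decision, as an added worked example (not slapd's code and not part of the original project): a simplified evaluator for OpenLDAP-style rules of the form `access to <what> by <who> <level>`. It keeps the two semantics that cause most real-world mistakes, namely that only the first `access to` clause whose `<what>` matches is consulted, and that inside it the first matching `by` clause decides, with no match meaning `none`. The selectors understood (`*`, `anonymous`, `users`, `self`, `ssf=N`, `peername.ip=CIDR`) mirror slapd's names but cover only a small subset of its syntax; the policy, DNs and the 10.0.0.0/8 LAN range are this example's assumptions.

```python
"""Simplified model of OpenLDAP olcAccess evaluation: first matching
'access to' wins, first matching 'by' inside it decides, default none."""

from ipaddress import ip_address, ip_network

# slapd access levels, lowest to highest; each level implies the ones below it
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]


def grants(level, needed):
    """True when the granted level covers the level an operation needs."""
    return LEVELS.index(level) >= LEVELS.index(needed)


def who_matches(who, req):
    """req fields: attr, bind_dn (None when anonymous), target_dn, ssf, peer_ip."""
    for cond in who.split():
        if cond == "*":
            continue
        if cond == "anonymous":
            if req["bind_dn"] is not None:
                return False
        elif cond == "users":
            if req["bind_dn"] is None:
                return False
        elif cond == "self":
            if req["bind_dn"] is None or req["bind_dn"] != req["target_dn"]:
                return False
        elif cond.startswith("ssf="):
            if req["ssf"] < int(cond[len("ssf="):]):        # encryption strength factor
                return False
        elif cond.startswith("peername.ip="):                # source address factor
            if ip_address(req["peer_ip"]) not in ip_network(cond[len("peername.ip="):]):
                return False
        else:
            raise ValueError("unknown selector %r" % cond)  # fail closed, never guess
    return True


def decide(policy, req):
    """Level granted to req on attribute req['attr'].

    policy is a list of (what, [(who, level), ...]) in configuration order."""
    for what, by_clauses in policy:
        if what == "*" or what == "attrs=" + req["attr"]:
            for who, level in by_clauses:
                if who_matches(who, req):
                    return level
            return "none"   # matching 'access to' but no matching 'by'
    return "none"           # no 'access to' clause applies at all


# Hypothetical policy: passwords are writable only by their owner over an
# encrypted connection, usable for binding by anyone, readable by nobody;
# everything else is self-writable, readable by bound users and by the LAN.
POLICY = [
    ("attrs=userPassword", [
        ("self ssf=128", "write"),
        ("anonymous", "auth"),
        ("*", "none"),
    ]),
    ("*", [
        ("self", "write"),
        ("users", "read"),
        ("peername.ip=10.0.0.0/8", "read"),
        ("*", "none"),
    ]),
]


def request(attr, bind_dn, target_dn, ssf=0, peer_ip="203.0.113.10"):
    """Build a request record; defaults are an unencrypted, off-LAN connection."""
    return {"attr": attr, "bind_dn": bind_dn, "target_dn": target_dn,
            "ssf": ssf, "peer_ip": peer_ip}


if __name__ == "__main__":
    alice = "uid=alice,ou=People,dc=example,dc=com"
    print(decide(POLICY, request("userPassword", alice, alice, ssf=0)))    # none: no TLS
    print(decide(POLICY, request("userPassword", alice, alice, ssf=256)))  # write
    print(decide(POLICY, request("userPassword", None, alice)))            # auth
```

Reversing the order of the two `access to` clauses makes the catch-all clause swallow userPassword requests, so any bound user could read every password hash; that ordering mistake is silent in the configuration and only visible by evaluating a request such as the ones above.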
f. SSL and TLS
Most data carried by LDAP is likely to be sensitive, so sessions should be encrypted as a matter of course. LDAP server products that support authentication are required to support Transport Layer Security (TLS), so this should be universally available. Most also support LDAP over a dedicated TLS port ("ldaps", TCP 636), though that usage has never been defined in a standard. Some organisations choose port 636 in the belief that it is in some way more secure than port 389; it is not the port that decides this. What must be resisted is the old SSL 2.0 and 3.0 protocol versions, which have been deprecated for years and have known attacks that will not be fixed; they should be disabled on either port, and with current TLS versions and proper certificate verification ldaps on 636 and Start TLS on 389 give the same protection. The standard approach is to start LDAP without encryption and then negotiate the TLS security layer with the Start TLS extended operation. The risk specific to Start TLS is a client that carries on in clear text when the upgrade is refused or stripped by an attacker on the path, so clients must fail closed, and if necessary the server can be configured to refuse all operations other than Start TLS until TLS is in place. It would still be wise to permit at least the root DSE to be read without TLS protection, as many LDAP clients need to read it to detect whether the server can do TLS at all.
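As an added illustration of the bind messages described under section 4 and of the Start TLS negotiation above (example code written for this page, not the project's own), the following Python builds the LDAP messages by hand in BER, exactly as they go on the wire, and decodes them the way a passive observer on the path would. The tags and the Start TLS OID 1.3.6.1.4.1.1466.20037 are those of RFC 4511; the DN `uid=alice,...`, the password `s3cret` and the helper names are this example's own assumptions, and no server is contacted.

```python
"""Hand-built LDAP messages (RFC 4511 BER): anonymous bind, simple bind, SASL
bind and the Start TLS extended request, plus a decoder showing what a sniffer
sees.  Standard library only; nothing is sent anywhere."""

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"


def ber_len(n):
    """BER length octets: short form below 128, long form above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag, payload):
    """Tag, length, value."""
    return bytes([tag]) + ber_len(len(payload)) + payload


def ber_int(v):
    """INTEGER (tag 0x02), minimal two's-complement encoding."""
    return tlv(0x02, v.to_bytes((v.bit_length() + 8) // 8, "big", signed=True))


def bind_request(message_id, bind_dn="", password=""):
    """LDAPMessage { messageID, BindRequest [APPLICATION 0] { version 3,
    name, simple [0] password } }.  Empty DN and password = anonymous bind."""
    body = ber_int(3) + tlv(0x04, bind_dn.encode()) + tlv(0x80, password.encode())
    return tlv(0x30, ber_int(message_id) + tlv(0x60, body))


def sasl_bind_request(message_id, mechanism, credentials=b""):
    """BindRequest with authentication = sasl [3] { mechanism, credentials }."""
    sasl = tlv(0x04, mechanism.encode()) + (tlv(0x04, credentials) if credentials else b"")
    body = ber_int(3) + tlv(0x04, b"") + tlv(0xA3, sasl)
    return tlv(0x30, ber_int(message_id) + tlv(0x60, body))


def starttls_request(message_id):
    """ExtendedRequest [APPLICATION 23] { requestName [0] = Start TLS OID }."""
    return tlv(0x30, ber_int(message_id) + tlv(0x77, tlv(0x80, STARTTLS_OID)))


def read_tlv(buf, pos=0):
    """-> (tag, value, position after the element)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length


def decode(pkt):
    """What someone on the path sees.  For a simple bind that includes the
    password itself, which is why the bind must only follow Start TLS."""
    tag, msg, _ = read_tlv(pkt)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, mid, pos = read_tlv(msg)
    op_tag, op, _ = read_tlv(msg, pos)
    out = {"message_id": int.from_bytes(mid, "big", signed=True)}
    if op_tag == 0x60:                                   # BindRequest
        _, ver, pos = read_tlv(op)
        _, name, pos = read_tlv(op, pos)
        auth_tag, cred, _ = read_tlv(op, pos)
        out.update(op="bind", version=ver[0], name=name.decode(),
                   anonymous=(not name and not cred))
        if auth_tag == 0x80:                             # simple: clear-text password
            out["password"] = cred.decode()
        elif auth_tag == 0xA3:                           # sasl: mechanism name first
            out["sasl_mechanism"] = read_tlv(cred)[1].decode()
    elif op_tag == 0x77:                                 # ExtendedRequest
        _, oid, _ = read_tlv(op)
        out.update(op="extended", oid=oid.decode(), starttls=(oid == STARTTLS_OID))
    else:
        out["op"] = "other"
    return out


if __name__ == "__main__":
    dn = "uid=alice,ou=People,dc=example,dc=com"          # constructed sample
    print(bind_request(1).hex())                          # the classic anonymous bind
    print(decode(bind_request(2, dn, "s3cret")))          # password visible
    print(decode(starttls_request(3)))
```

A client that sends `starttls_request` and receives anything but a success ExtendedResponse must abort rather than fall through to `bind_request` in the clear; that single branch is the difference between Start TLS and a protocol that merely offers encryption.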
g. Linux File Server
A Linux file server is a Linux host that exports shared storage to client machines over the network. The software is open source, so building and running the server is free of licence cost. According to the survey, a Linux file server requires less maintenance and it is easy to install and update software and applications. Many organisations use such a server for their central storage. Including hardware, software and configuration it costs approximately $1400. Linux is widely regarded as a secure and fast operating system, and Linux systems are well known for their stability. Linux also handles a large number of processes running at once better than Windows, and there is normally no need to reboot after installing an application, whereas Windows often requires a reboot after installing large software.
Kerberos: Kerberos is an authentication protocol that provides secure network login or single sign-on (SSO) for various services over a non-secure network. Kerberos works with encrypted tickets, so the user's password itself is never sent over the network; it is used only locally to decrypt the initial reply. The tickets are issued throughout the Kerberos realm by a centralised key distribution centre (KDC). Kerberos is used to manage credentials securely (authentication), while LDAP holds the authoritative information about the accounts, such as what they are allowed to access (authorization), the user's full name and uid. Kerberos and LDAP can be used together for single sign-on.
6. SECURITY ANALYSIS OF AUTHENTICATION AND FILE SERVER
LDAP Security Fundamentals
There are three components for LDAP security:
• LDAP security objects
• The LDAP Tree Structure
• The Distinguished Name
a. LDAP Security Objects
The LDAP objects used for authentication are as follows:
• Organizational Unit (OU): objectClass organizationalUnit (OU)
An Organizational Unit object is similar to a Windows directory (folder). For LDAP, it typically holds either Group objects or User objects.
• Group (CN): objectClass group (CN) also posixGroup
In the same way an Organizational Unit is similar to a directory, a Group object is similar to a file. The Group object contains a member attribute that is a list of Distinguished Names that define the users in that group.
• User (CN): objectClass user (CN) also organizationalPerson
Also similar to a file, the User object describes a single person within the LDAP structure. Unlike a Group, a User does not contain a list. Instead, its attributes describe a user in as much detail as necessary.
b. LDAP Tree Structure
The structure of LDAP entries matches the familiar tree structure for directories and files found in both UNIX and Windows. When you configure the Base Group and Principal during WebLogic server configuration, it is critical that you use the tree structure to build the object's Distinguished Name.
c. LDAP Distinguished Name
The Distinguished Name is a value associated with each LDAP object that distinguishes it from all other objects. It is based on the tree structure described above: to build a Distinguished Name you work your way from the object you are naming up to the top of the tree, so the Distinguished Name for user John Doe might be:
The object type (attribute name) is normally upper-case in the DN, but lower-case is also valid. For the value, the safest practice is to match the case of the actual name exactly. In addition, there should be no spaces between the commas and the object types; the only spaces in a DN are those that exist in the names of the objects themselves. Therefore the DN for the VSM Admins group might be:
There is a restriction in WebLogic concerning valid DNs: certain characters that can appear in a DN are not allowed by the WebLogic server. These characters are comma (,), plus sign (+), double quote ("), backslash (\), angle brackets (< and >) and semicolon (;).
Of these, the most common is the comma, especially if the user name is of the form Smith, John. This usually happens in Active Directory, although any DN can contain one of these characters. It matters because one of the users is always set up as the Principal, the user that allows access to the LDAP server. If your DNs contain any of these characters, the Principal must be added as a special user with a different corresponding DN.
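The escaping rules behind this restriction, as an added worked example (illustration code for this section, not WebLogic's or the project's own): RFC 4514 requires a backslash before exactly the characters listed above, plus a leading # or space and a trailing space, and a DN parser has to undo both the backslash form (`\,`) and the two-digit hex form (`\2C`). Multi-valued RDNs joined with `+` are out of scope here; the DNs and helper names are this example's own.

```python
"""Build and parse LDAP Distinguished Names with RFC 4514 escaping, and
check values against the character set WebLogic rejects in a DN."""

import re

# characters that must always be backslash-escaped inside a DN value
ESCAPED_ALWAYS = '"+,;<>\\'
HEXPAIR = re.compile(r"[0-9A-Fa-f]{2}")
WEBLOGIC_FORBIDDEN = set(',+"\\<>;')


def escape_rdn_value(value):
    """Escape one attribute value for use in a DN (RFC 4514 section 2.4)."""
    out = []
    for ch in value:
        if ch in ESCAPED_ALWAYS:
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        else:
            out.append(ch)
    s = "".join(out)
    if value.startswith((" ", "#")):          # leading space or # needs escaping
        s = "\\" + s
    if value.endswith(" ") and len(value) > 1:  # trailing space needs escaping
        s = s[:-1] + "\\ "
    return s


def unescape_rdn_value(text):
    """Undo both '\\c' and '\\XX' (hex) escapes; hex pairs may be UTF-8 bytes."""
    out = bytearray()
    i = 0
    while i < len(text):
        ch = text[i]
        if ch == "\\" and i + 1 < len(text):
            pair = text[i + 1:i + 3]
            if HEXPAIR.fullmatch(pair):
                out.append(int(pair, 16))
                i += 3
            else:
                out.extend(text[i + 1].encode("utf-8"))
                i += 2
        else:
            out.extend(ch.encode("utf-8"))
            i += 1
    return out.decode("utf-8")


def split_unescaped(text, sep):
    """Split on sep, ignoring separators that sit behind a backslash."""
    parts, cur, i = [], [], 0
    while i < len(text):
        ch = text[i]
        if ch == "\\":
            cur.append(text[i:i + 2])
            i += 2
        elif ch == sep:
            parts.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(ch)
            i += 1
    parts.append("".join(cur))
    return parts


def parse_dn(dn):
    """-> list of (type, value) from the leaf RDN up to the root."""
    rdns = []
    for rdn in split_unescaped(dn, ","):
        attr_type, _, raw = rdn.partition("=")
        rdns.append((attr_type.strip(), unescape_rdn_value(raw)))
    return rdns


def build_dn(rdns):
    """Inverse of parse_dn: join escaped type=value pairs with commas, no spaces."""
    return ",".join("%s=%s" % (t, escape_rdn_value(v)) for t, v in rdns)


def weblogic_safe(value):
    """True when the raw value contains none of the characters WebLogic rejects."""
    return not (set(value) & WEBLOGIC_FORBIDDEN)


if __name__ == "__main__":
    dn = build_dn([("CN", "Smith, John"), ("OU", "Users"), ("DC", "example"), ("DC", "com")])
    print(dn)                     # CN=Smith\, John,OU=Users,DC=example,DC=com
    print(parse_dn(dn))
    print(weblogic_safe("Smith, John"), weblogic_safe("jdoe"))
```

The check that matters for the Principal account is `weblogic_safe` on the raw value, not on the escaped DN: the escaping is valid LDAP, but the comma is still there once the server unescapes it.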
d. Metasploit Framework
e. Protocols and cipher
7. SYSTEM VULNERABILITIES
Basic threats to an LDAP directory service include:
(1) Unauthorized access to data via data-fetching operations,
(2) Unauthorized access to reusable client authentication information by monitoring others' access,
(3) Unauthorized access to data by monitoring others’ access,
(4) Unauthorized modification of data,
(5) Unauthorized modification of configuration,
(6) Unauthorized or excessive use of resources (denial of service), and
(7) Spoofing of directory: Tricking a client into believing that information came from the directory when in fact it did not, either by modifying data in transit or misdirecting the client's connection.
Threats (1), (4), (5) and (6) are due to hostile clients. Threats (2), (3) and (7) are due to hostile agents on the path between client and server or posing as a server.
The LDAP protocol suite can be protected with the following security mechanisms:
(1) Client authentication by means of the SASL mechanism set, possibly backed by the TLS credentials exchange mechanism,
(2) Client authorization by means of access control based on the requestor's authenticated identity,
(3) Data integrity protection by means of the TLS protocol or data-integrity SASL mechanisms,
(4) Protection against snooping by means of the TLS protocol or data-encrypting SASL mechanisms,
(5) Resource limitation by means of administrative limits on service controls, and
(6) Server authentication by means of the TLS protocol or SASL mechanism.
8. REQUIREMENTS OF MATERIALS AND FACILITIES
a. Hard disk: up to 80 GB
b. Processor: Intel Core i3 or higher
c. Oracle VirtualBox
d. Ubuntu 16.04 / 18.04 image
e. OS: Linux (Ubuntu, Fedora, RHEL/CentOS)
f. RAM: 8 GB
g. Static IP at the server side
h. 2-3 client machines
For the implementation of the project we follow an incremental approach:
• Install Oracle VM VirtualBox Manager
• Obtain a disk image of Ubuntu 18.04.1 LTS
• Create a new virtual machine for the server. Two steps are needed for the new virtual machine installation.
a) Update the network and storage settings of the virtual machine
We selected Bridged Adapter in the network settings because the machine needs internet access to download the LDAP packages and the packages for the other protocols. A bridged adapter joins the virtual network to the physical one: the virtual machine connects through the host's default network device and receives an IP address from whatever allocates addresses on the physical network, so it appears as, and is reachable like, any other host on that LAN, which is what the client machines and the Metasploit tests require.
b) Installation of the virtual machine
10. ACTION PLAN