STEP Security (RFC4012012)

Grant Ridder shortdudey123 at gmail.com
Sun Apr 1 11:42:25 CDT 2012


April 1 2012 RFC's

Service Undiscovery Using Hide-and-Go-Seek for the Domain Pseudonym System
(DPS)
http://www.rfc-editor.org/rfc/rfc6593.txt

The Null Packet
http://www.rfc-editor.org/rfc/rfc6592.txt

-Grant

On Sun, Apr 1, 2012 at 10:04 AM, J. Oquendo <sil at infiltrated.net> wrote:

> Interweb Re-Engineering Task Force                           J. Oquendo
> Request for Comments 4012012              E-Fensive Security Strategies
> Category: Informational
> Expires: 2020
>
>
>                           STEP by STEP Security
>
>
> Status of this Memo
>
>   This Internet-Draft is submitted in full nonconformance with
>   provisions of BCP 78 and BCP 79. This document may not be modified,
>   and derivative works of it may not be created, except to publish it
>   as an RFC and to translate it into languages other than English.
>   Internet-Drafts are working documents of the Internet Engineering
>   Task Force (IETF), its areas, and its working groups.   Note that
>   other groups may also distribute working documents as Internet-
>   Drafts.
>
>   Internet-Drafts are draft documents valid for a maximum of six
>   months and may be updated, replaced, or obsoleted by other documents
>   at any time.   It is inappropriate to use Internet-Drafts as
>   reference material or to cite them other than as "work in progress."
>
>   The list of current Internet-Drafts can be accessed at
>   http://www.ietf.org/ietf/1id-abstracts.txt
>
>   The list of Internet-Draft Shadow Directories can be accessed at
>   http://www.ietf.org/shadow.html
>
>   This Internet-Draft will expire on April 01, 2020.
>
> Copyright Notice
>
>   Copyright (c) 2012 IETF Trust and the persons identified as the
>   document authors. All rights reserved.
>
>   This document is subject to BCP 78 and the IETF Trust's Legal
>   Provisions Relating to IETF Documents
>   (http://trustee.ietf.org/license-info) in effect on the date of
>   publication of this document. Please review these documents
>   carefully, as they describe your rights and restrictions with
>   respect to this document. Code Components extracted from this
>   document must include Simplified BSD License text as described in
>
>
>
>
> Oquendo                  Expires Apr 01, 2020                  [Page 1]
>
>
> Internet-Draft          Security Step by STEP               RFC 4012012
>
>
>   Section 4.e of the Trust Legal Provisions and are provided without
>   warranty as described in the Simplified BSD License.
>
> Abstract
>
>   This framework describes a practical methodology for ensuring
>   security in otherwise insecure environments. The goal is to provide
>   a rapid response mechanism to defend against the advanced persistent
>   threats in the wild.
>
> Table of Contents
>
>
>   1.  Introduction..................................................2
>   2.  Conventions used in this document.............................4
>   3.  Threats Explained.............................................4
>       3.1. Possible Actors..........................................4
>   4.  STEP Explained................................................5
>   5.  STEP in Action................................................6
>   6.  Security Considerations.......................................7
>   7.  IANA Considerations...........................................7
>   8.  Conclusions...................................................8
>       8.1. Informative References...................................8
>   9.  Acknowledgments...............................................8
>   Appendix A.  Copyright............................................9
>
>
> 1. Introduction
>   In the network and computing industry, malicious actions,
>   applications and actors have become more pervasive. Response times
>   to anomalous events are burdening today's infrastructures and often
>   strain resources. As networks under attack are often saturated with
>   malicious traffic and advanced persistent threat actors engage in
>   downloading terabytes of data, resources to combat these threats
>   have diminished.
>
>   Additionally, the threats are no longer just anonymized actors
>   engaging in juvenile behavior, there are many instances of State
>   Actors, disgruntled employees, contractors, third party vendors and
>   criminal organizations. Each with separate agendas, each
>   consistently targeting devices on the Internet.
>
>
>
>
> Oquendo                     Informational                      [Page 2]
> Internet-Draft             Security Step by STEP                   RFC
> 4012012
>
>
>   The intent behind this document is to define a methodology for rapid
>   response to these threats. In this document, security will be
>   achieved using a new methodology and protocol henceforth named
>   Scissor To Ethernet Protocol (STEP).
>
>
>
>   Initially designed as a last approach for security, STEP ensures
>   that no attacker can disaffect any of the Confidentiality,
>   Integrity, Availability of data as a whole.
>
>
>
>   Many variables are involved in security, but the STEP methodology
>   focuses on the following:
>
>
>   o FUD (Fear Uncertainty and Doubt)
>   o SCAM (Security Compliance and Management)
>   o APT (Another Possible Threat)
>
>
>
>   This methodology proposes STEP that SHOULD be performed at the onset
>   of a cyber attack before more terabytes of data are exfiltrated from
>   a network.
>
>   1. Industry Standard IP connection
>
>
>          +-----------+           +-----------+           +-----------+
>          |           |   IP      |           |   INGRESS |           |
>          |   Rogue   |------->   | Internet |    ------> | Target    |
>          |     A     |           |           |           |     B     |
>          |           |           |           |   EGRESS |            |
>          +-----------+           +-----------+   <------ +-----------+
>
>          Figure 1 Example session between a rogue attacker and target
>   Figure 1 illustrates the connection via the Internet from a rogue
>   attacker, towards a target. Irrespective of the attack used, IP
>   will ALWAYS be used as the attack vector.
>
>
> Oquendo                           Informational
> [Page 3]
>
>
> Internet-Draft          Security Step by STEP                RFC 4012012
>
>
>
>
> 2. Conventions used in this document
>
>
>   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
>   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
>   document are to be interpreted as described in RFC-2119 [RFC2119].
>
>   In this document, these words will appear with that interpretation
>   only when in ALL CAPS. Lower case uses of these words are not to be
>   interpreted as carrying RFC-2119 significance.
>
>
> 3. Threats Explained
>
>   A security threat is a theoretical happening that may not occur but
>   should be considered as part of a proper security architecture and
>   design. For example, the threat always exists that your systems
>   will become the target of a denial of service attack. A threat may
>   or may not have a method to mitigate the possibility of attack.
>
>   Vendors across the security spectrum offer FUD based solutions often
>   promoting SCAM based systems to mitigate against APT. While some of
>   the available solutions may minimize the potential for catastrophic
>   transfers of terabytes of data, these solutions SHOULD NOT be used
>   as an all-inclusive solution for security. Engineers MUST NOT rely
>   on FUD, or SCAMs against the APT.
>
> 3.1. Possible Actors
>
>   Both malicious attacks and unintended (non-malicious) attacks can
>   occur from anywhere in the world including local attacks inside of
>   the infrastructure. In the barest threat explanation above, the
>   threat that someone can commit a typographical error, causing a
>   disruption in service, is as severe as a Distributed Denial of
>   Service attack from the public Internet. Actors can never be easily
>   identified unless one is watching the Academy Awards on television.
>
>
>
>
> Oquendo                     Informational                      [Page 4]
>
>
> Internet-Draft          Security Step by STEP                RFC 4012012
>
>
> 4. STEP Explained
>
>     o S - Scissors
>
>   Scissors as defined by wikipedia are" hand-operated cutting
>   instruments. They consist of a pair of metal blades pivoted so that
>   the sharpened edges slide against each other when the handles (bows)
>   opposite to the pivot are closed. Scissors are used for cutting
>   various thin materials, such as paper, cardboard, metal foil, thin
>   plastic, cloth, rope, and wire. Scissors can also be used to cut
>   hair and food. Scissors and shears are functionally equivalent, but
>   larger implements tend to be called shears. Scissors is a critical
>   component for STEP security and MUST be readily available 99.99999%
>   with redundant scissors within armā..s reach.
>
>
>                           |          |
>                           X          X
>                          / \        O O
>
>                        (Opened)   (Closed)
>
>
>     o T - To
>
>   To: [preposition] (Used for expressing direction or motion or
>   direction toward something) in the direction of; toward: from north
>   to south.
>
>     o E - Ethernet
>
>   Ethernet via Wikiepedia is described as a family of computer
>   networking technologies for local area networks (LANs) commercially
>   introduced in 1980. Standardized in IEEE 802.3, Ethernet has
>   largely replaced competing wired LAN technologies. For clarity in
>   our protocol, Ethernet is defined as the cabling between a device
>   and a network component such as a router or a switch.
>
>
>
>     o P - Protocol
>
>   A communications protocol is a system of digital message formats and
>   rules for exchanging those messages in or between computing systems
>   and in telecommunications. A protocol may have a formal
>   description.
>
>
> Oquendo                     Informational                      [Page 5]
>
>
> Internet-Draft                Security Step by STEP                RFC
> 4012012
>
>
>   Protocols may include signaling, authentication and error detection
>   and correction capabilities.
>
>   A protocol definition defines the syntax, semantics, and
>   synchronization of communication; the specified behavior is
>   typically independent of how it is to be implemented. A protocol
>   can therefore be implemented as hardware or software or both.
>
>   In STEP, Protocol is a rule an engineer MUST follow in order to
>   complete STEP. S MUST be in a closed state.
>
>
>
>           Actor ----->       |       Target (secured from the threat)
>                              X
>                             O O
>
>                          (Closed)
>
>
> 5. STEP in Action
>   The following illustrates a remote APT attack against a webserver
>   located in the demilitarized zone of an infrastucture. In the
>   example, an APT attacker is launching a SQLI, XSS and CSRF against a
>   target over the Internet.
>
>   The attacks are common and according to statistics, are the same
>   attacks used to leverage access against major Fortune 500 companies
>   in the past decade.
>
>         +-------+            +-----+      +-----+         +--------+
>         |       |  SQLi      |     |      +     + INGRESS |        |
>         |  APT  | ------->   | ISP | ---> + ISP + ------> | Target |
>         |       | XSS/CSRF   |  A  |      +  B  +         |  www   |
>         |       |            |     |      +     +         |        |
>         +-------+            +-----+      +-----+         +--------+
>
>     o Figure 5.1 Attacker launching attacks
>         +-------+            +-----+      +-----+         +--------+
>         |       |  TCP       |     |      +     + Reverse |        |
>         |  APT  | <------    | ISP | <--- + ISP + <------ | Target |
>         |       |            |  A  |      +  B  +  Shell  |  www   |
>         |       |            |     |      +     +         |        |
>         +-------+            +-----+      +-----+         +--------+
>
>     o Figure 5.2 Attacker executing a reverse shell
>
>
> Oquendo                            Informational
> [Page 6]
>
>
> Internet-Draft                Security Step by STEP                RFC
> 4012012
>
>
>
>   In the illustration, an attacker is almost certainly attempting to
>   obtain a reverse shell. This enables an attacker to access a device
>   as if one were physically present at the device itself.
>   Using STEP we can mitigate and deny this attack from various points:
>
>
>          +-------+           +-----+      +-----+         +--------+
>          |       | SQLi      |     |      +     +    |    |        |
>          |  APT  | ------->  | ISP | ---> + ISP + -->|    | Target |
>          |       | XSS/CSRF  |  A  |      +  B  +    x    |  www   |
>          |       |           |     |      +     +   o o   |        |
>          +-------+           +-----+      +-----+         +--------+
>
>     o Figure 5.2 Ingress STEP
>
>          +-------+           +-----+       +-----+        +--------+
>          |       | Attack    |     |   |   +     +        |        |
>          |  APT  | ------>   | ISP | ->|   + ISP +        | Target |
>          |       |           |  A  |   x   +  B  +        |  www   |
>          |       |           |     |  o o  +     +        |        |
>          +-------+           +-----+       +-----+        +--------+
>
>     o Figure 5.4 Provider based STEP
>
>
>   Both instances of STEP successfully demonstrate the power of the
>   STEP protocol. In no case, can an attacker successfully launch any
>   attack against a target as the security posture has now been
>   hardened.
>
> 6. Security Considerations
>
>   Cutting any Ethernet cable could potentially lead to shock and
>   degradation of IP services on your network. Please ensure there are
>   additional Ethernet cables for redundancy. Otherwise there is
>   nothing to consider.
>
>
> 7. IANA Considerations
>
>   There are no alternative considerations.        STEP is the ultimate in
>   security.
>
>
> Oquendo                           Informational
>  [Page 7]
>
>
> Internet-Draft             Security Step by STEP                RFC 4012012
>
>
> 8. Conclusions
>
>   Step defends against APT while minimizing your exposure to SCAMs and
>   FUD.
>
> 8.1. Informative References
>
>   [1]    http://www.amazon.com/b?ie=UTF8&node=689392011
>   [2]    http://ha.ckers.org/xss.html
>   [3]    http://en.wikipedia.org/wiki/Advanced_persistent_threat
>   [4]    http://en.wikipedia.org/wiki/Fear,_uncertainty_and_doubt
>
>
> 9. Acknowledgments
>   Sofia Vergara
>   Kenji, Saki and Coco
>
>
>
>
> Oquendo                        Informational                         [Page
> 8]
>
>
> Internet-Draft           Security Step by STEP                RFC 4012012
>
>
> Appendix A. Copyright
>
>
>
>   Copyright (c) 2012 IETF Trust and the persons identified as authors
>   of the code. All rights reserved.
>
>   Redistribution and use in source and binary forms, with or without
>   modification, are permitted provided that the following conditions
>   are met:
>
>   o   Redistributions of source code must retain the above copyright
>       notice, this list of conditions and the following disclaimer.
>
>   o   Redistributions in binary form must reproduce the above copyright
>       notice, this list of conditions and the following disclaimer in
>       the documentation and/or other materials provided with the
>       distribution.
>   o   Neither the name of Internet Society, IETF or IETF Trust, nor the
>       names of specific contributors, may be used to endorse or promote
>       products derived from this software without specific prior
>       written permission.
>
>   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
>   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
>   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
>   FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
>   COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
>   INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
>   BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
>   LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
>   CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
>   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
>   ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
>   POSSIBILITY OF SUCH DAMAGE.
>
>
> Author's Addresses
>
>   Jesus Oquendo
>   E-Fensive Security Strategies
>
>
> Oquendo                      Informational                      [Page 9]
>
>
>
>


More information about the NANOG mailing list