SECURING INTERNET MESSAGING
Chapter 9
Chapter 9: SECURING INTERNET MESSAGING 2
CHAPTER OBJECTIVES
Explain basic concepts of Internet messaging.
Describe how to secure mail servers.
Describe how to secure mail clients.
Describe how to secure instant messaging (IM).
UNDERSTANDING INTERNET MESSAGING BASICS
E-mail is a popular communications medium.
E-mail is a common target of attackers and hoaxes.
E-mail security must address servers, clients, and protocols.
IM supports real-time interaction.
TYPES OF MESSAGING
E-mail: standardized protocols, delayed communication
IM: few standards, real-time communication, list of online partners
E-MAIL PROCESSING
Store and forward mechanism
DNS Mail Exchanger (MX) records
American Standard Code for Information Interchange (ASCII) format
Multipurpose Internet Mail Extensions (MIME) encoding
STORE AND FORWARD
E-MAIL HEADER
Sender and receiver addresses
MIME attachments
E-mail client software
E-mail servers
Clear text, unencrypted
E-MAIL PROTOCOLS
Simple Mail Transfer Protocol (SMTP)
Post Office Protocol (POP)
Internet Message Access Protocol (IMAP)
HOW E-MAIL SERVERS SEND AND RECEIVE MESSAGES
NATIVE E-MAIL SECURITY
No encryption
Easily intercepted
No authentication
Easily forged or spoofed
SPAM
Spam can be either unsolicited commercial e-mail (UCE) or unwanted noncommercial e-mail.
More than half of all e-mail on the Internet is spam.
Spam wastes significant online resources.
Filters and blacklists reduce spam.
REDUCING SPAM
Never respond to spam.
Don’t post your e-mail address on your Web site.
Use a secondary e-mail address in newsgroups.
Don’t provide your e-mail address online without knowing how it will be used.
Use a spam filter.
Never buy anything advertised in spam.
SCAMS
The purpose of a scam is to defraud rather than sell a product.
Education is the best defense.
Create a policy to control the release of sensitive information.
HOAXES
Spread misleading information, often called urban myths
Often spread like chain letters
Often start with malicious intent
Inappropriately use e-mail systems
Can be minimized by educating users about the proper handling of hoaxes
E-MAIL SERVER VULNERABILITIES
Data theft or tampering
Denial of service (DoS)
Spam, scams, and hoaxes
Spoofing
Mail relay
E-mail viruses
SECURING E-MAIL SERVERS
Remove unnecessary components.
Block unused protocols.
Disable relaying from unauthenticated connections.
Configure an SMTP bridgehead server.
Install virus filters and antivirus software.
Keep your software updated.
E-MAIL ACCESS CONTROL
When authenticating client access, consider:
POP and IMAP
Proprietary protocols
Web-based e-mail
SMTP
POP AND IMAP
POP is used more often than IMAP.
Both transmit in clear text.
There are several ways to authenticate a POP user, including Secure Password Authentication (SPA) and Authenticated Post Office Protocol (APOP).
Encrypted transport protocols such as Internet Protocol Security (IPSec) can be used.
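The difference between clear-text POP login and APOP, shown from both sides of the exchange. This is an added example, not part of the original slides; the user name, secret and banner timestamps are constructed values.

```python
import hashlib
import hmac

def plain_login(user, password):
    """Client commands for ordinary POP login: the password crosses the wire as-is."""
    return ["USER " + user, "PASS " + password]

def apop_digest(timestamp, secret):
    """MD5 over the server's banner timestamp (angle brackets included)
    followed by the shared secret, as lowercase hex."""
    return hashlib.md5((timestamp + secret).encode("utf-8")).hexdigest()

def apop_login(user, secret, timestamp):
    """Client command for APOP: only the digest is sent, never the secret."""
    return ["APOP %s %s" % (user, apop_digest(timestamp, secret))]

def server_verify(timestamp, stored_secret, digest):
    """Server recomputes the digest from the timestamp it issued for this
    connection and compares in constant time."""
    expected = apop_digest(timestamp, stored_secret)
    return hmac.compare_digest(expected, digest.lower())

def replay_check(secret="constructed-secret"):
    """A digest captured on one connection is useless on the next one,
    because the server issues a fresh timestamp in every greeting."""
    t1 = "<1001.1700000000@pop.example.test>"   # constructed banner, connection 1
    t2 = "<1002.1700000060@pop.example.test>"   # constructed banner, connection 2
    captured = apop_digest(t1, secret)
    return server_verify(t1, secret, captured), server_verify(t2, secret, captured)

if __name__ == "__main__":
    ts = "<1001.1700000000@pop.example.test>"
    print("clear text:", plain_login("alice", "constructed-secret"))
    print("APOP      :", apop_login("alice", "constructed-secret", ts))
    print("original / replayed digest accepted:", replay_check())
```

APOP protects only the login step: the retrieved messages still travel in clear text unless an encrypted transport is used. It also depends on MD5 and requires the server to keep the shared secret in recoverable form.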
PROPRIETARY PROTOCOLS
Nonstandard protocols
Wider range of features
Various levels of authentication security
Different vulnerabilities
WEB-BASED E-MAIL
Allows browser-based access
Is more versatile for mobile users
Uses strong Web-based authentication
Uses Secure Sockets Layer (SSL) or Transport Layer Security (TLS)
SMTP ACCESS CONTROL
Allows only authenticated users to send e-mail
Supports password authentication
Limits SMTP access to local POP clients
SMTP RELAY
SMTP relay forwards incoming messages to another mail server for delivery.
Open relays can be hijacked by spammers.
SMTP relaying should be limited to internal systems.
Limit access to local clients and approved servers to prevent SMTP relay.
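The relay rules from the SMTP ACCESS CONTROL and SMTP RELAY slides, written as the per-recipient decision a mail server makes. This is an added example, not part of the original slides; the domain, networks, reply texts and the `Session` and `relay_decision` names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed site values for this example.
LOCAL_DOMAINS = {"example.com"}                          # domains delivered locally
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]     # local clients
APPROVED_SERVERS = {ipaddress.ip_address("192.0.2.25")}  # approved peer servers

@dataclass
class Session:
    client_ip: str        # address of the connecting host
    authenticated: bool   # True once SMTP authentication has succeeded
    rcpt_to: str          # argument of the RCPT TO command

def relay_decision(s):
    """Return (accept, reply) for one RCPT TO in one session."""
    local, at, domain = s.rcpt_to.strip().strip("<>").rpartition("@")
    domain = domain.lower()
    if not at or not local or not domain:
        return False, "501 malformed recipient"
    # Conservative choice made in this example: refuse routing characters in
    # the local part, so user%other.test@example.com cannot pass as local mail.
    if any(c in local for c in "%!@"):
        return False, "553 routing characters in recipient refused"
    if domain in LOCAL_DOMAINS:
        return True, "250 accepted for local delivery"
    # From here on the message would be relayed to another mail server.
    if s.authenticated:
        return True, "250 relaying for authenticated user"
    ip = ipaddress.ip_address(s.client_ip)
    if ip in APPROVED_SERVERS or any(ip in net for net in INTERNAL_NETS):
        return True, "250 relaying for local client or approved server"
    return False, "554 5.7.1 relay access denied"

if __name__ == "__main__":
    samples = [  # constructed sessions
        Session("203.0.113.9", False, "<bob@example.com>"),
        Session("203.0.113.9", False, "<someone@other.test>"),
        Session("203.0.113.9", True, "<someone@other.test>"),
        Session("10.1.2.3", False, "<someone@other.test>"),
        Session("203.0.113.9", False, "<x%other.test@example.com>"),
    ]
    for s in samples:
        print(s.client_ip, s.authenticated, s.rcpt_to, "->", relay_decision(s))
```

An open relay is a server where the final `return False` is never reached, so any outside host can hand it mail for any destination.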
OPEN RELAYING
MONITORING E-MAIL
Monitoring can be a privacy issue.
Scan for viruses and malicious code.
Scan to prevent disclosure of confidential information.
E-MAIL CLIENT VULNERABILITIES
Impersonation or spoofing
Eavesdropping
Hypertext Markup Language (HTML) vulnerabilities
Software that has not been updated
Viruses and executable programs spread through e-mail messages
Web-based e-mail
SECURING MAIL CLIENTS
Keep e-mail clients updated.
Configure security settings on mail servers.
Educate users on safe e-mail practices.
ENCRYPTION AND SIGNING
Encryption provides confidentiality for e-mail.
There are two ways to secure e-mail: Pretty Good Privacy (PGP) and Secure/Multipurpose Internet Mail Extensions (S/MIME).
PGP and S/MIME are based on public key cryptography.
Clients must have a certificate issued by a certification authority (CA).
THREATS TO IM
Unencrypted data transfers are prone to eavesdropping.
Transferred files might bypass virus scanners.
IM has vulnerabilities, such as buffer overflows.
Sensitive information might be disclosed.
HOW IM WORKS
IM SECURITY
Prohibit the use of IM, if possible.
Block IM traffic on network borders.
Specify and restrict IM software.
Use IM encryption.
Define the acceptable use of IM.
IM SECURITY (CONT.)
Train users how to safely use IM.
Update virus scanners.
Keep IM software updated and patched.
Use internal IM servers.
SUMMARY
Secure e-mail servers, e-mail clients, and the communications between them.
Defend your networks against spam and other unwanted e-mail.
Securing e-mail clients includes configuring secure authentication methods. Another important client configuration task is to configure the encryption and signing capabilities of the client software.
Secure IM by preventing its use in your organization or by controlling the types of information that can be exchanged by using IM.