TLS and SMTP - Strotmann.de
DNSSEC and DANE: TLS transport encryption with DNSSEC support
Jörg Zimmermann, Patrick Kötter, Carsten Strotmann
© Men & Mice http://menandmice.com
Thursday 30 October 14

About me
• DNS, DHCP, IPv6, DNSSEC, Unix, Windows
• Men & Mice, Iceland
• Sys4
• LinuxHotel

DA(e)NEs don't lie

TLS and SMTP
[Diagram, built up over several slides: the sending SMTP MTA asks "STARTTLS?", the receiving SMTP MTA answers "STARTTLS!", and the session continues over TLS.]

TLS and SMTP: forgery (Fälschung)
[Diagram: the sending MTA asks "STARTTLS?" and a forged server answers "STARTTLS!"; the sender has no way to tell that it is talking to the wrong server.]

TLS and SMTP: man in the middle
[Diagram: a man in the middle sits between the two MTAs and relays "STARTTLS?" and "STARTTLS!" on both legs, so each MTA negotiates TLS with the attacker rather than with its peer.]

TLS and SMTP: man in the middle, STARTTLS downgrade
[Diagram: the man in the middle answers "STARTTLS?" with "NEIN!" (NO!) on both legs; neither leg is upgraded to TLS.]

TLS != PGP
[Diagram contrasting TLS with PGP.]

TLSA/SMTP
• Securing TLS certificates via DNS(SEC)
• The hash of the certificate (or the whole certificate) is stored in DNS
• Assumption: the owner of the DNS domain is also the owner of the certificate

TLSA/SMTP
• The security level is comparable to domain-(e-mail-)validated certificates
• TLSA can secure self-signed certificates
• TLSA can secure X.509 certificates from certification authorities (Symantec, Comodo, StartSSL, CACert …)

TLS and SMTP with DANE
[Diagram, built up over several slides: before "STARTTLS?", the sending MTA asks its DNS resolver "TLSA?" and receives "TLSA!"; after the DNSSEC check of that answer it compares the receiving MTA's TLS certificate with the TLSA record, then "STARTTLS?" / "STARTTLS!" proceed.]

Man in the middle with DANE
[Diagram: the man in the middle answers "STARTTLS?" with "NEIN!", but the sending MTA holds a DNSSEC-checked "TLSA!" answer for the destination: "ALARM! MITM Angriff" (ALARM! MITM attack).]

Forgery with DANE
[Diagram: the forged server answers "STARTTLS!", but its certificate does not match the DNSSEC-checked TLSA record: "ALARM! Falscher Server!" (ALARM! Wrong server!).]

Infrastructure: DNS
• DNSSEC validation (caching DNS resolver)
  • BIND 9, Unbound, dnsmasq, Windows 2012
• DNSSEC-signed zones (authoritative DNS server)
  • BIND 9, NSD, Knot, Y.A.D.I.F.A., PowerDNS, Bundy-DNS, Windows 2012*
* Windows 2012 (R2) currently does not support the TLSA record type

Infrastructure: mail
• MTA with TLSA support
  • Postfix 2.11, Exim (in preparation)
• TLS certificates
  • EV certificate (Extended Validation)
  • DV certificate (Domain Validation)
  • Self-signed certificate

BIND 9.9.x DNSSEC
• Enabling DNSSEC validation:

    options {
        …
        dnssec-validation auto;
        dnssec-lookaside auto;
    };

TLSA record
• Creating the TLSA hash manually:

    $ openssl x509 -in mail.example.de.crt -outform DER | openssl sha256
    (stdin)= 8cb0fc6c527506a053f4f14c8464bebbd6dede2738d11468dd953d7d6a3021f1

• TLSA record:

    _25._tcp.mail.example.de. 3600 IN TLSA 3 0 1 (
                    8cb0fc6c527506a053f4f14c8464bebbd6dede
                    2738d11468dd953d7d6a3021f1 )

TLSA record
• Creating a TLSA record with ldns-dane:

    $ ldns-dane create www.bund.de 443
    _443._tcp.www.bund.de. 3600 IN TLSA 3 0 1 8f28b062eaa9f917042a63d35d99e017c68d89eaa314c49a3ef94b6e770b0a49

• Checking a TLSA record with ldns-dane:

    $ ldns-dane verify www.bund.de 443
    77.87.229.48 dane-validated successfully
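The following Python is an added example, not code from the slides and not part of ldns-dane or openssl. It shows what "openssl x509 -outform DER | openssl sha256" and "ldns-dane create" compute: the TLSA association data of a certificate for both selectors (0 = whole certificate, 1 = SubjectPublicKeyInfo) and the three matching types, the presentation-format record, and the DANE-EE comparison an MTA makes against the certificate a peer presents. The demo certificate is constructed inline (structurally valid DER with a dummy signature); sample_cert, tlsa_record and tlsa_matches are names chosen here. It goes one step beyond the slide by also handling selector 1, which the dig output further down uses ("3 1 1") while the manually created record uses "3 0 1": the two selectors hash different bytes, so a digest made for one selector never matches under the other.

```python
import hashlib

# --- minimal DER encode/decode, enough to build and walk the demo certificate ---
def der(tag, content):
    """Encode one DER TLV (short or long-form length)."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content

def der_split(buf):
    """Split a run of DER TLVs into (tag, whole_tlv, content) tuples."""
    out, i = [], 0
    while i < len(buf):
        tag, first = buf[i], buf[i + 1]
        if first < 0x80:
            n, hdr = first, 2
        else:
            k = first & 0x7F
            n, hdr = int.from_bytes(buf[i + 2:i + 2 + k], "big"), 2 + k
        out.append((tag, buf[i:i + hdr + n], buf[i + hdr:i + hdr + n]))
        i += hdr + n
    return out

def spki_from_cert(cert_der):
    """Return the DER SubjectPublicKeyInfo of an X.509 certificate (TLSA selector 1).
    Certificate ::= SEQ { tbsCertificate SEQ { [0] version OPTIONAL, serial, sigAlg,
    issuer, validity, subject, subjectPublicKeyInfo, ... }, sigAlg, signature }"""
    _, _, cert_body = der_split(cert_der)[0]
    _, _, tbs_body = der_split(cert_body)[0]
    fields = der_split(tbs_body)
    idx = 6 if fields[0][0] == 0xA0 else 5   # an explicit version shifts the SPKI by one
    return fields[idx][1]

# --- TLSA association data as defined in RFC 6698 ---
def tlsa_data(cert_der, selector, mtype):
    """selector 0 = full certificate, 1 = SPKI; mtype 0 = raw, 1 = SHA-256, 2 = SHA-512."""
    data = cert_der if selector == 0 else spki_from_cert(cert_der)
    if mtype == 0:
        return data
    if mtype == 1:
        return hashlib.sha256(data).digest()
    if mtype == 2:
        return hashlib.sha512(data).digest()
    raise ValueError("unknown matching type")

def tlsa_record(owner, cert_der, usage=3, selector=0, mtype=1, ttl=3600):
    """Presentation-format RR, e.g. '_25._tcp.mail.example.de. 3600 IN TLSA 3 0 1 <hex>'."""
    return f"{owner} {ttl} IN TLSA {usage} {selector} {mtype} {tlsa_data(cert_der, selector, mtype).hex()}"

def tlsa_matches(cert_der, rrset):
    """DANE-EE check: does any usage-3 record in rrset match the presented leaf certificate?
    Usages 0-2 need chain building against a trust anchor and are not handled here."""
    for usage, selector, mtype, hexdata in rrset:
        if usage == 3 and tlsa_data(cert_der, selector, mtype) == bytes.fromhex(hexdata):
            return True
    return False

# --- constructed demo certificate: valid DER structure, made-up key, dummy signature ---
def sample_cert():
    """Return (cert_der, spki_der) for an invented self-signed cert for mail.example.de."""
    null = der(0x05, b"")
    rsa_alg = der(0x30, der(0x06, bytes.fromhex("2a864886f70d010101")) + null)  # rsaEncryption
    name = der(0x30, der(0x31, der(0x30, der(0x06, bytes.fromhex("550403"))        # CN=
                                   + der(0x0C, b"mail.example.de"))))
    validity = der(0x30, der(0x17, b"141030000000Z") + der(0x17, b"151030000000Z"))
    rsa_key = der(0x30, der(0x02, b"\x00" + b"\xab" * 64) + der(0x02, b"\x01\x00\x01"))
    spki = der(0x30, rsa_alg + der(0x03, b"\x00" + rsa_key))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01") + rsa_alg
              + name + validity + name + spki)
    return der(0x30, tbs + rsa_alg + der(0x03, b"\x00" + b"\x00" * 32)), spki

if __name__ == "__main__":
    cert, _ = sample_cert()
    print(tlsa_record("_25._tcp.mail.example.de.", cert))              # 3 0 1: whole certificate, as on the slide
    print(tlsa_record("_25._tcp.mail.example.de.", cert, selector=1))  # 3 1 1: SPKI only, as in the dig output
```

The two printed records differ only in the selector field and the digest. The selector-1 form stays valid across certificate renewals that keep the same key pair, which is why "3 1 1" is the usual choice when the record is not regenerated on every renewal.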
Testing the TLSA record

    shell> dig _25._tcp.mail.example.de. TLSA +dnssec +m

    ; <<>> DiG 9.9.5 <<>> _25._tcp.mail.example.de TLSA +dnssec +m
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13973
    ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags: do; udp: 4096
    ;; QUESTION SECTION:
    ;_25._tcp.mail.example.de. IN TLSA

    ;; ANSWER SECTION:
    _25._tcp.mail.example.de. 3588 IN TLSA 3 1 1 (
                    8cb0fc6c527506a053f4f14c8464bebbd6dede
                    2738d11468dd953d7d6a3021f1 )
    _25._tcp.mail.example.de. 3588 IN RRSIG TLSA 8 5 3600 (
                    20140324063111 20140317121843 4390 example.de.
                    RBgAAzQx3gks0KKJHuJ7qKd61jpY8E6dwDM6inPPa6Ee
                    xV8OBnAzhF4RMKSabHF0LNwRzWqE5xNfPibMQFDoDRKJ
                    /QiNgux/IXti3JqtH4BkT0w7Ooi+8DZsil9BTjg6WkaX
                    1FuJ4rJ2r3hXS7eIOFWtOF7pPVPdIIaRB6xp+1A= )

    ;; Query time: 9 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Mar 17 19:29:45 CET 2014
    ;; MSG SIZE  rcvd: 142

Slide annotations: the "ad" flag in the flags line marks the DNSSEC check as OK; the first answer record is the TLSA record; the RRSIG record is the DNSSEC signature.

Postfix configuration
• TLSA checking in the Postfix configuration:

    shell> postconf -e "smtpd_use_tls = yes"
    shell> postconf -e "smtp_dns_support_level = dnssec"
    shell> postconf -e "smtp_tls_security_level = dane"

Testing STARTTLS
• Test of a STARTTLS connection to the mail server:

    shell> openssl s_client -connect mail1.example.de:25 -starttls smtp
    CONNECTED(00000003)
    ---
    Certificate chain
     0 s:/C=DE/ST=State/L=City/O=Company/OU=Mailserver/CN=mail1.example.de
       i:/C=DE/ST=State/L=City/O=Company/OU=Mailserver/CN=mail1.example.de
    ---
    Server certificate
    -----BEGIN CERTIFICATE-----
    [..]
        Start Time: 1394991261
        Timeout   : 300 (sec)
        Verify return code: 18 (self signed certificate)
    ---
    221 2.0.0 Bye
    closed
    shell>

Postfix log (unsecured TLS)
• Postfix log, TLS without DNSSEC TLSA checking (DANE):

    Mar 16 19:10:55 m3 postfix/qmgr[25923]: 2B1A680337: from=<[email protected]>, size=291, nrcpt=1 (queue active)
    Mar 16 19:11:03 m3 postfix/smtp[25929]: Untrusted TLS connection established to mail1.example.de[2001:db8:100::25]:25: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
    Mar 16 19:11:05 m3 postfix/smtp[25929]: 2B1A680337: to=<[email protected]>, relay=mail1.example.de[2001:db8:100::25]:25, delay=16, delays=6.2/0.01/7.9/2.1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 3fn80C2DP5zTT)
    Mar 16 19:11:05 m3 postfix/qmgr[25923]: 2B1A680337: removed
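As an added example that is not from the slides, here are the checks an operator would script around the outputs on these slides: parse the dig answer for the "ad" flag and the TLSA RR set, classify Postfix smtp log lines by the trust word Postfix prints (Anonymous, Untrusted, Trusted, Verified), and report what is not yet DANE-protected. The sample inputs are abridged copies of the dig output above and of the TLS lines from the two Postfix log slides (the "Untrusted" one above and the "Verified" one that follows); the function names are chosen here.

```python
import re

# Sample inputs: abridged copies of the slide outputs, so the formats are real tool output.
DIG_OUTPUT = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13973
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
_25._tcp.mail.example.de. 3588 IN TLSA 3 1 1 (
                8cb0fc6c527506a053f4f14c8464bebbd6dede
                2738d11468dd953d7d6a3021f1 )
_25._tcp.mail.example.de. 3588 IN RRSIG TLSA 8 5 3600 (
                20140324063111 20140317121843 4390 example.de. RBgA... )
"""

POSTFIX_LOG = [
    "Mar 16 19:11:03 m3 postfix/smtp[25929]: Untrusted TLS connection established to "
    "mail1.example.de[2001:db8:100::25]:25: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)",
    "Mar 16 19:20:01 m3 postfix/smtp[26131]: Verified TLS connection established to "
    "mail.example.de[2001:db8:100::25]:25: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)",
]

def dnssec_validated(dig_text):
    """True only if the answer is NOERROR and carries the AD (authenticated data) flag,
    i.e. the local validating resolver checked the RRSIG itself."""
    status = re.search(r"status: (\w+)", dig_text)
    flags = re.search(r"^;; flags: ([^;]*);", dig_text, re.M)
    if not status or not flags:
        return False
    return status.group(1) == "NOERROR" and "ad" in flags.group(1).split()

def parse_tlsa_rrset(dig_text):
    """Return (owner, usage, selector, matching_type, hexdata) tuples. Records that
    dig +multiline prints across several lines inside ( ) are joined first."""
    joined = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), dig_text)
    rr = re.compile(r"^(\S+)\s+\d+\s+IN\s+TLSA\s+(\d)\s+(\d)\s+(\d)\s+([0-9a-fA-F ]+?)\s*$", re.M)
    return [(m.group(1), int(m.group(2)), int(m.group(3)), int(m.group(4)),
             m.group(5).replace(" ", "").lower()) for m in rr.finditer(joined)]

# Postfix's four trust words; only "Verified" means the peer was authenticated.
TLS_RE = re.compile(r"\b(Anonymous|Untrusted|Trusted|Verified) TLS connection established to "
                    r"([^\s\[]+)\[[^\]]*\]:(\d+):")

def tls_trust_by_relay(log_lines):
    """Map each relay host to the trust level Postfix logged for the last connection."""
    levels = {}
    for line in log_lines:
        m = TLS_RE.search(line)
        if m:
            levels[m.group(2)] = m.group(1)
    return levels

def dane_findings(dig_text, log_lines):
    """Combine both checks into the list of problems an operator should look at."""
    findings = []
    if not dnssec_validated(dig_text):
        findings.append("TLSA answer is not DNSSEC-validated (no AD flag): Postfix will not use it for DANE")
    for owner, usage, _sel, _mt, _hexdata in parse_tlsa_rrset(dig_text):
        if usage not in (2, 3):
            findings.append(f"{owner}: usage {usage} is PKIX-based; Postfix DANE only uses usages 2 and 3")
    for relay, level in tls_trust_by_relay(log_lines).items():
        if level != "Verified":
            findings.append(f"{relay}: {level} TLS only, peer not authenticated")
    return findings

if __name__ == "__main__":
    for finding in dane_findings(DIG_OUTPUT, POSTFIX_LOG):
        print(finding)
```

With smtp_tls_security_level = dane, Postfix falls back to opportunistic, unauthenticated TLS (the "may" level) for destinations without usable TLSA records, so an "Untrusted" line such as the one for mail1.example.de is the expected signal that the destination publishes no TLSA record or that the resolver answered without the AD flag; the stricter dane-only level defers delivery instead.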
Postfix log (DNSSEC-secured TLS)
• Postfix log, TLS with DNSSEC TLSA checking (DANE):

    Mar 16 19:20:01 m3 postfix/qmgr[26122]: 8FBEE80337: from=<[email protected]>, size=285, nrcpt=1 (queue active)
    Mar 16 19:20:01 m3 postfix/smtp[26131]: Verified TLS connection established to mail.example.de[2001:db8:100::25]:25: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
    Mar 16 19:20:03 m3 postfix/smtp[26131]: 8FBEE80337: to=<[email protected]>, relay=mail.example.de[2001:db8:100::25]:25, delay=149, delays=147/0.03/0.13/1.8, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 3fn8BY3ltPzTT)
    Mar 16 19:20:03 m3 postfix/qmgr[26122]: 8FBEE80337: removed

posttls-finger (DNSSEC-secured TLS)
• posttls-finger TLSA check (Postfix 2.11 and later):

    $ posttls-finger mail.bund.de
    posttls-finger: using DANE RR: _25._tcp.mx2.bund.de IN TLSA 3 0 1 59:E3:CF:5F:A1:51:55:3F:45:76:C9:4C:25:00:D7:05:EF:DD:D8:55:B6:A5:9D:88:D2:8D:03:28:87:6A:04:CB
    posttls-finger: Connected to mx2.bund.de[77.87.228.110]:25
    posttls-finger: < 220 mx2.bund.de ESMTP
    posttls-finger: > EHLO m3.myinfrastructure.org
    posttls-finger: < 250-bn4-node11.sc.bund.de
    posttls-finger: < 250-PIPELINING
    posttls-finger: < 250-SIZE 20961280
    posttls-finger: < 250-ETRN
    posttls-finger: < 250-STARTTLS
    posttls-finger: < 250-ENHANCEDSTATUSCODES
    posttls-finger: < 250 8BITMIME
    posttls-finger: > STARTTLS
    posttls-finger: < 220 2.0.0 Ready to start TLS
    posttls-finger: mx2.bund.de[77.87.228.110]:25: depth=0 matched end entity certificate sha256 digest 59:E3:CF:5F:A1:51:55:3F:45:76:C9:4C:25:00:D7:05:EF:DD:D8:55:B6:A5:9D:88:D2:8D:03:28:87:6A:04:CB
    posttls-finger: mx2.bund.de[77.87.228.110]:25: Matched subjectAltName: mx2.bund.de
    posttls-finger: mx2.bund.de[77.87.228.110]:25 CommonName mx2.bund.de
    posttls-finger: mx2.bund.de[77.87.228.110]:25: subject_CN=mx2.bund.de, issuer_CN=CA IVBB Deutsche Telekom AG 11, fingerprint=72:78:BE:C8:3E:61:A0:12:BE:BF:3B:79:F0:CE:9A:A2:8C:26:24:FF, pkey_fingerprint=3A:3E:5F:A4:50:F8:DD:FC:56:35:FF:08:2A:F9:ED:82:B9:AB:7B:82
    posttls-finger: Verified TLS connection established to mx2.bund.de[77.87.228.110]:25: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    posttls-finger: > EHLO m3.myinfrastructure.org
    posttls-finger: < 250-bn4-node11.sc.bund.de
    posttls-finger: < 250-PIPELINING
    posttls-finger: < 250-SIZE 20961280
    posttls-finger: < 250-ETRN
    posttls-finger: < 250-ENHANCEDSTATUSCODES
    posttls-finger: < 250 8BITMIME
    posttls-finger: > QUIT
    posttls-finger: < 221 2.0.0 Bye

TLSA-Info website
http://tlsa.info

DANE TLSA advantages
• The encrypted connection between servers is authenticated
• STARTTLS "downgrade" attacks are prevented
• TLS/SSL certificates are protected against forgery
• CRL/OCSP is not needed in order to replace TLS/SSL certificates

More than just SMTP
• TLSA for HTTPS
• OPENPGPKEY: PGP keys in DNS
• IPSECKEY: IPsec keys in DNS
• SSHFP: SSH server fingerprints
• Prosody Jabber server: http://bridge.grumpy-troll.org/2014/05/xmpp-dane-with-prosody/
• Gajim Jabber client: https://github.com/irl/gajim
• S/MIME
• SRV: DNS service discovery

www.dnssec-validator.cz

Internet "in the box"
[Diagram of the training lab: authoritative DNS for ".", "org" and "dnslab.org"; recursive DNS at .252 and .251; network 192.168.53/24; student workstations 192.168.53.128-148 (DHCP); 10.0.0.0/24 (WLAN "dns-training"); virtual servers 192.168.53.101, 102, 103 ...]
DNS security problems

"Triggered" cache poisoning
[Diagram, built up over several slides. Actors: an unsuspecting resolver (the client), the ISP's resolving DNS server with its cache, an "evil resolver" (the attacker) and the "alternic.net" authoritative DNS server. 1. Recursive query for www.alternic.net/A from the client to the ISP resolver. 2. Iterative query for www.alternic.net/A from the ISP resolver to the alternic.net authoritative server. 3. Response including a bogus www.internic.net/A RR, which ends up in the cache. 4. Recursive query for www.internic.net/A from the client. 5. Bogus response served from the cache.]

Problems with random numbers
• The query IDs in DNS queries are not always chosen randomly
• This can be exploited by attackers
[Diagram, built up over several slides. Actors as above, with the "mybank.net" authoritative DNS server. 1. Recursive query for www.mybank.net/A from the client to the ISP resolver. 2. Iterative query for www.mybank.net/A to the mybank.net authoritative server. 3. The evil resolver sends a flood of responses for www.mybank.net with pre-calculated IDs. 4. The genuine response for the www.mybank.net/A RR arrives from the authoritative server. 5. The client's recursive query for www.mybank.net/A is answered with the bogus response.]

Summer 2008: Dan Kaminsky
[Diagram, built up over several slides. Actors: an evil web server, an evil resolver, the "mybank.com" authoritative DNS servers, the resolving DNS server with its cache and the unsuspecting resolver (client). 1. HTTP request from the client to the evil web server. 2. Web page with thousands of fake image links: <img src="aaaaa.mybank.com">, <img src="aaaab.mybank.com">, <img src="aaaac.mybank.com">, <img src="aaaad.mybank.com"> .... 3. Each image tag triggers one DNS lookup. 4. The DNS lookups are sent to the authoritative DNS servers. 5. The attacker swamps the caching DNS server with fake responses. 6. Some good answers lose the race. 7. The fake response is cached. 8. Request for the www.mybank.com./A RR. 9. False answer from the poisoned cache. 10. HTTP request: the client is connecting to a "pharming" website.]

Summer 2008: Dan Kaminsky
• Attackers place false delegation information into a DNS cache

    ;; ANSWER SECTION:
    aaaa.mybank.com.        120     IN  A   1.2.3.4

    ;; AUTHORITY SECTION:
    mybank.com.             86400   IN  NS  ns1.mybank.com.
    mybank.com.             86400   IN  NS  ns2.mybank.com.

    ;; ADDITIONAL SECTION:
    ns1.mybank.com.         604800  IN  A   192.0.2.20
    ns2.mybank.com.         604800  IN  A   192.0.2.30

Slide annotations: the additional section carries a high TTL (604800) and false IP addresses for the DNS servers.

DNS poisoning via IP fragments
• A new attack, presented at IETF 87 in Berlin, August 2013
• Requires large DNS response packets that are fragmented in transit (e.g. large TXT record sets: SPF etc.)
• This attack works especially against DNSSEC-signed zones (large responses) when the DNS resolver does not validate the data!
• DNSSEC resolvers validate and answer with "SERVFAIL", but the client machine also has a DNS server in its configuration that does not validate DNSSEC, and the forged answer gets through
• According to research by Geoff Huston (APNIC), such situations are common

IP fragment attack (1)
[Diagram. Actors: an evil web server, an evil resolver, the "mybank.com" authoritative DNS servers, the resolving DNS server with its cache and the unsuspecting resolver (client). HTTP request from the client to the evil web server; the web page triggers DNS requests whose answers are large.]

IP fragment attack (2)
[Diagram: DNS lookup for the domain name from the client; the lookups are sent to the authoritative DNS servers.]

IP fragment attack (3)
[Diagram: the authoritative server answers with fragment part 1.]

IP fragment attack (4)
[Diagram: the attacker swamps the caching DNS server with fake "fragment 2" packets; the genuine answer with fragment part 2 arrives; the fake response is cached.]

IP fragment attack (5)
[Diagram: request for the www.mybank.com./A RR; false answer from the poisoned cache; HTTP request: the client is connecting to a "pharming" website.]

IP fragment attack
• Attackers try to … false delegation NS records
in den Cache zu bringen ;; ANSWER SECTION: mybank.com. 120 IN SPF "v=spf1, a: 192.0.2.10, 192.0.2.22 ..." ;; AUTHORITY SECTION: mybank.com. 86400 mybank.com. 86400 IN IN NS NS ns1.mybank.com. ns2.mybank.com. ;; ADDITIONAL SECTION: ns1.mybank.com. 604800 ns2.mybank.com. 604800 IN IN A A 192.0.2.20 192.0.2.30 Fragment 1 Fragment 2 © Men & Mice http://menandmice.com Thursday 30 October 14 IP-Fragment-Angriff • Angreifer versuchen falsche Delegations-NS-Records in den Cache zu bringen ;; ANSWER SECTION: mybank.com. 120 IN SPF "v=spf1, a: 192.0.2.10, 192.0.2.22 ..." ;; AUTHORITY SECTION: mybank.com. 86400 mybank.com. 86400 IN IN NS NS ns1.mybank.com. ns2.mybank.com. ;; ADDITIONAL SECTION: ns1.mybank.com. 604800 ns2.mybank.com. 604800 IN IN A A 192.0.2.20 192.0.2.30 grosse Antwort erzwingt Fragmentierung Fragment 1 Fragment 2 © Men & Mice http://menandmice.com Thursday 30 October 14 IP-Fragment-Angriff • Angreifer versuchen falsche Delegations-NS-Records in den Cache zu bringen ;; ANSWER SECTION: mybank.com. 120 IN SPF "v=spf1, a: 192.0.2.10, 192.0.2.22 ..." ;; AUTHORITY SECTION: mybank.com. 86400 mybank.com. 86400 IN IN NS NS ns1.mybank.com. ns2.mybank.com. ;; ADDITIONAL SECTION: ns1.mybank.com. 604800 ns2.mybank.com. 604800 IN IN A A 192.0.2.20 192.0.2.30 hohe TTL grosse Antwort erzwingt Fragmentierung Fragment 1 Fragment 2 © Men & Mice http://menandmice.com Thursday 30 October 14 IP-Fragment-Angriff • Angreifer versuchen falsche Delegations-NS-Records in den Cache zu bringen ;; ANSWER SECTION: mybank.com. 120 IN SPF "v=spf1, a: 192.0.2.10, 192.0.2.22 ..." ;; AUTHORITY SECTION: mybank.com. 86400 mybank.com. 86400 IN IN NS NS ns1.mybank.com. ns2.mybank.com. ;; ADDITIONAL SECTION: ns1.mybank.com. 604800 ns2.mybank.com. 
604800 IN IN A A 192.0.2.20 192.0.2.30 hohe TTL falsche IP Adressen grosse Antwort erzwingt Fragmentierung Fragment 1 Fragment 2 © Men & Mice http://menandmice.com Thursday 30 October 14 IP-Fragment-Angriff • einige Betriebssysteme (Windows, FreeBSD) benutzen eine sequentielle Fragment-ID • die nächste Fragment-ID kann vom Angreifer erraten werden © Men & Mice http://menandmice.com Thursday 30 October 14 DNSSEC to the rescue ... © Men & Mice http://menandmice.com Thursday 30 October 14 “Men in the middle” Angriffe • ein Angrifer kann DNS-Daten auf dem Weg ändern www.example.com. A 192.0.2.10 ISP resolving DNS Server www.example.com. A 192.0.2.10 authoritative DNS Server attacker query for www.example.com. www.example.com. A 10.1.2.3 Cache query for www.example.com. client resolver © Men & Mice http://menandmice.com Thursday 30 October 14 “Verrat” des lokalen DNS Resolvers • der Betreiber des DNS Resolvers (öffentliches WLAN) hat volle Kontrolle über die DNS Namensauflösung www.example.com. A 192.0.2.10 insecure/compromised resolving DNS Server attacker authoritative DNS Server query for www.example.com. www.example.com. A 10.1.2.3 Cache query for www.example.com. client resolver © Men & Mice http://menandmice.com Thursday 30 October 14 Angreifer kann lokale DNS Resolver Einstellungen ändern • wie z.B. beim “Ghostclick-Network” geschehen attackers resolving DNS Server attacker has control over this resolving DNS Server authoritative DNS Server attacker changes DNS resolver configuration on the client attacker www.example.com. A 10.1.2.3 ISP/company resolving DNS Server query for www.example.com. client resolver © Men & Mice http://menandmice.com Thursday 30 October 14 Angriffe auf den authoritativen DNS Server • Der Angreifer kann die Daten auf dem authoritativen DNS Server ändern www.example.com. A 10.1.2.3 resolving DNS Server authoritative DNS Server query for www.example.com. www.example.com. A 10.1.2.3 Cache attacker query for www.example.com. 
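As an added, constructed example (not from the slides): a small Python check that parses dig-style output like the responses above and applies the bailiwick rule a cache uses before accepting records. It makes the defender's lesson of this section concrete: in the Kaminsky and fragment variants every forged record lies inside mybank.com, so bailiwick filtering keeps all of them and the delegation records would outlive the real answer in the cache; only DNSSEC validation catches that. The second sample, with glue outside the zone, is the case bailiwick rules do reject. Names, addresses and TTLs are the slide's example values or constructed.

```python
from __future__ import annotations
import re
from dataclasses import dataclass

# Constructed dig-style reply modelled on the slide's Kaminsky example: the
# query was sent to the mybank.com servers; the reply carries a harmless
# answer plus NS records and glue with a much larger TTL.
FORGED_REPLY = """\
;; ANSWER SECTION:
aaaa.mybank.com.   120    IN A  1.2.3.4
;; AUTHORITY SECTION:
mybank.com.        86400  IN NS ns1.mybank.com.
mybank.com.        86400  IN NS ns2.mybank.com.
;; ADDITIONAL SECTION:
ns1.mybank.com.    604800 IN A  192.0.2.20
ns2.mybank.com.    604800 IN A  192.0.2.30
"""

# Constructed second sample: the glue is outside the zone the query was sent
# to, which the bailiwick rule drops.
OUT_OF_BAILIWICK_REPLY = """\
;; ANSWER SECTION:
aaaa.mybank.com.      120    IN A  1.2.3.4
;; AUTHORITY SECTION:
mybank.com.           86400  IN NS ns1.attacker.example.
;; ADDITIONAL SECTION:
ns1.attacker.example. 604800 IN A  192.0.2.99
"""

@dataclass(frozen=True)
class RR:
    section: str
    name: str
    ttl: int
    rtype: str
    rdata: str

_SECTION = re.compile(r"^;; (ANSWER|AUTHORITY|ADDITIONAL) SECTION:")
_RR = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(.+)$")

def parse_dig(text: str) -> list[RR]:
    """Parse the ANSWER/AUTHORITY/ADDITIONAL sections of dig output."""
    section, rrs = None, []
    for line in text.splitlines():
        m = _SECTION.match(line)
        if m:
            section = m.group(1)
            continue
        m = _RR.match(line)
        if m and section:
            rrs.append(RR(section, m.group(1).lower(), int(m.group(2)),
                          m.group(3), m.group(4).strip()))
    return rrs

def in_bailiwick(name: str, zone: str) -> bool:
    """True if `name` is at or below `zone`, the zone the query was sent to."""
    name, zone = name.rstrip(".").lower(), zone.rstrip(".").lower()
    return name == zone or name.endswith("." + zone)

def cache_filter(rrs: list[RR], zone: str) -> dict:
    """Split a reply into records a non-validating cache keeps (bailiwick
    rule only) and records it drops.  Also reports whether the kept NS/glue
    records would outlive the answer record, the mark of an attempt to
    replace the cached delegation."""
    kept = [rr for rr in rrs if in_bailiwick(rr.name, zone)]
    dropped = [rr for rr in rrs if not in_bailiwick(rr.name, zone)]
    answer_ttl = max((rr.ttl for rr in kept if rr.section == "ANSWER"), default=0)
    deleg_ttl = max((rr.ttl for rr in kept if rr.section != "ANSWER"
                     and rr.rtype in ("NS", "A", "AAAA")), default=0)
    return {"kept": kept, "dropped": dropped,
            "delegation_override": deleg_ttl > answer_ttl,
            "delegation_ttl": deleg_ttl}

if __name__ == "__main__":
    for label, text in (("in-bailiwick forgery", FORGED_REPLY),
                        ("out-of-bailiwick glue", OUT_OF_BAILIWICK_REPLY)):
        r = cache_filter(parse_dig(text), "mybank.com.")
        print(f"{label}: kept={len(r['kept'])} dropped={len(r['dropped'])} "
              f"override={r['delegation_override']} ttl={r['delegation_ttl']}")
```

The first reply passes the filter completely: a cache without DNSSEC validation would install the NS records and addresses for 604800 seconds. That is why the slides move on to DNSSEC instead of relying on cache hygiene alone.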
DNSSEC

History of DNSSEC
[Timeline with ticks 1983, 1988, 1990, 1995, 1999, 2001, 2005, 2008, 2010, 2012]
• 1983: DNS invented
• 1988: DNS being used in the Internet
• 1990: Steve Bellovin discovers flaw in DNS
• 1995: work on DNSSEC started in the IETF
• 1999: RFC2535, DNSSEC v1 is ready
• 2001: work on DNSSECbis started
• March 2005: RFC4033-4035 are published: DNSSEC v2
• October 2005: .SE signed
• 2008: RFC 5155: NSEC3
• 2010: root zone is signed
• 2012: Windows 2012 DNSSEC; DANE RFC

DNS Security Extensions
• DNSSEC deployment (http://www.internetsociety.org/deploy360/dnssec/maps)
• http://en.wikipedia.org/wiki/List_of_Internet_top-level_domains
• DNSSEC growth: http://secspider.cs.ucla.edu/pix/growth.png
DNS Security Extensions
• DNSSEC delegations in NL: https://xs.powerdns.com/dnssec-nl-graph/

Public-key cryptography
[Diagram: a key pair k1, k2; plain text → encrypt with k1 → cipher text; cipher text → decrypt with k2 → plain text]

Public and private key
• The private key is stored securely (not on a server with direct contact to the Internet!)
• The public key is published as a DNSKEY record in the DNS zone

DNSSEC in one picture
[Diagram, authoritative DNS server side: plain DNS data from the zone file → hash → fingerprint → encryption with the private key k → RRSIG; the DNS data and the RRSIG are sent to the DNS resolver / cache.
Resolver side: decrypt the RRSIG with the public key → fingerprint; hash the received plain DNS data → fingerprint; compare the two fingerprints]

DNSSEC chain of trust
de. zone (signed with the .DE zone private key)
de. IN SOA (soa param)
de. IN RRSIG (SOA->DE-Key)
de. IN DNSKEY de-Key        ← DNSKEY record of the .de zone
de. IN RRSIG (DNSKEY->DE-Key)
sub.de. IN NS ns.example.de.
sub.de. IN DS (hash->sub.DE-Key)
sub.de. IN RRSIG (DS->DE-Key)
DNSSEC chain of trust: signatures
• .de zone: the signatures are generated by the private key (the "DE" zone key)
• .de zone: non-authoritative data is not signed (the delegation of sub.de)
de. IN SOA (soa param)
de. IN RRSIG (SOA->DE-Key)
de. IN DNSKEY de-Key
de. IN RRSIG (DNSKEY->DE-Key)
sub.de. IN NS ns.example.de.
sub.de. IN DS (hash->sub.DE-Key)
sub.de. IN RRSIG (DS->DE-Key)

DNSSEC chain of trust: sub.de. zone
• the sub.de private DNSSEC key signs the zone data
• the DS record in the DE zone validates the public key (DNSKEY) of sub.de
sub.de. IN SOA (soa param)
sub.de. IN RRSIG (SOA->SUB.DE-Key)
sub.de. IN DNSKEY SUB.DE-Key
sub.de. IN RRSIG (DNSKEY->SUB.DE-Key)
sub.de. IN NS ns.example.de.
sub.de. IN RRSIG (NS->SUB.DE-Key)

DNSSEC inline signing (aka BIND 9.9 style)

Inline signing
• BIND 9.9.0+ can sign DNS zones while loading them
• when loading the zone data from a file
• when loading the zone data via zone transfer from a DNS master server

Inline signing on a master
[Diagram: zone file (unsigned) → rndc reconfig → unsigned zone in the DNS server (master) → rndc sign → DNSSEC-signed zone → rndc sync → signed zone file (RAW format)]

Inline signing on a slave
[Diagram: unsigned zone on the DNS server (master) → axfr/ixfr zone transfer → unsigned zone on the DNS server (slave) → rndc sign → DNSSEC-signed zone → rndc sync → signed zone file (RAW format)]
Inline signing

// enable inline signing on a zone
zone "dnssec.dnslab.org" IN {
    type master;
    auto-dnssec maintain;      // automatic signing and refreshing of the signatures
    inline-signing yes;        // switch on inline signing
    file "dnssec.dnslab.org";
};

Generating the DNSSEC keys
# dnssec-keygen -K ./keys -a rsasha256 -b 2048 -n ZONE dnssec.example.de
# dnssec-keygen -K ./keys -a rsasha256 -b 2560 -f KSK -n ZONE dnssec.example.de
Slide annotations: the first command creates the zone signing key (ZSK), the second (with -f KSK) the key signing key; -K is the path to the directory of the DNSSEC keys; -a the algorithm; -b the key strength; the last argument is the name of the zone.

Signing the zone
# rndc sign dnssec.example.de
# tail -n2 /var/log/named.log
14-Nov-2011 21:58:37.945 zone dnssec.example.de/IN (unsigned): loaded serial 2
14-Nov-2011 21:58:37.946 zone dnssec.example.de/IN (signed): loaded serial 3 (DNSSEC signed)
Slide annotations: first log line, the unsigned zone is loaded; second log line, the signed zone is loaded.

Making the signed zone file readable
# rndc sync dnssec.example.de
# named-compilezone -f RAW \
    -o dnssec.example.de.txt \
    dnssec.example.de dnssec.example.de.signed
Slide annotations: rndc sync writes the latest changes to the zone into the file; named-compilezone converts the zone file from RAW format into text format.

DNSSEC validation (simplified)

DNSSEC name resolution
[Diagram participants: the root zone "", org., example.org., the web site http://www.example.org. (the slide also shows http://www.example.com.), and the local caching + validating DNS server]
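With auto-dnssec maintain, BIND refreshes the signatures itself, but an operator still wants an independent check that no RRSIG in the published zone is close to expiry, because an expired signature makes the zone bogus on validating resolvers (SERVFAIL for every client). Added example, not code from the slides or from BIND: a Python check over the text zone that named-compilezone produces. The zone content, the timestamps and the key tag 12345 are constructed; the RRSIG presentation format (type covered, algorithm, labels, original TTL, expiration, inception, key tag, signer, signature) is the real one.

```python
import re
from datetime import datetime, timezone

# Constructed text zone as written by named-compilezone; signature data is
# shortened to "..." because only the validity window is examined here.
SIGNED_ZONE = """\
dnssec.example.de.     3600 IN SOA   ns1.dnssec.example.de. hostmaster.dnssec.example.de. 3 3600 900 1209600 300
dnssec.example.de.     3600 IN RRSIG SOA 8 3 3600 20141127120000 20141030120000 12345 dnssec.example.de. AbCd...
dnssec.example.de.     3600 IN NS    ns1.dnssec.example.de.
dnssec.example.de.     3600 IN RRSIG NS 8 3 3600 20141105120000 20141030120000 12345 dnssec.example.de. EfGh...
www.dnssec.example.de. 3600 IN A     192.0.2.80
www.dnssec.example.de. 3600 IN RRSIG A 8 4 3600 20141031120000 20141030120000 12345 dnssec.example.de. IjKl...
"""

_RRSIG = re.compile(
    r"^(\S+)\s+(\d+)\s+IN\s+RRSIG\s+(\S+)\s+(\d+)\s+(\d+)\s+(\d+)\s+"
    r"(\d{14})\s+(\d{14})\s+(\d+)\s+(\S+)")

def _ts(value: str) -> datetime:
    """RRSIG timestamps are YYYYMMDDHHMMSS in UTC."""
    return datetime.strptime(value, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)

def parse_rrsigs(zone_text: str) -> list:
    sigs = []
    for line in zone_text.splitlines():
        m = _RRSIG.match(line)
        if not m:
            continue
        sigs.append({"owner": m.group(1), "covered": m.group(3),
                     "expiration": _ts(m.group(7)), "inception": _ts(m.group(8)),
                     "keytag": int(m.group(9)), "signer": m.group(10)})
    return sigs

def check_signatures(zone_text: str, now: str, warn_days: int = 3) -> dict:
    """`now` uses the same YYYYMMDDHHMMSS form as the RRSIG fields.
    invalid: already expired or not yet valid (a validator returns bogus);
    expiring: still valid but with fewer than `warn_days` days left."""
    t = _ts(now)
    invalid, expiring = [], []
    for s in parse_rrsigs(zone_text):
        left = s["expiration"] - t
        if left.total_seconds() <= 0 or t < s["inception"]:
            invalid.append((s["owner"], s["covered"]))
        elif left.days < warn_days:
            expiring.append((s["owner"], s["covered"], left.days))
    return {"invalid": invalid, "expiring": expiring}

if __name__ == "__main__":
    print(check_signatures(SIGNED_ZONE, "20141030120000"))
```

Run it from cron against the output of rndc sync plus named-compilezone and alert on anything in invalid or expiring; the warn window should be longer than the interval at which the check runs plus the time you need to react.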
DNSSEC name resolution

The slides animate how a local caching + validating DNS server resolves www.example.org. for a client and builds the chain of trust from the answer up to the root:

  1. Client -> resolver: What is the address of www.example.org.?
  2. Resolver -> root ("."): referral, here is the list of "org." name servers.
  3. Resolver -> "org.": referral, here is the list of "example.org." name servers.
  4. Resolver -> "example.org.": here is the address of www.example.org. plus RRSIG (signatures).
  5. Resolver -> "example.org.": What is the public key of example.org.? Here is the DNSKEY of "example.org." plus RRSIG.
  6. Resolver -> "org.": What is the DS of example.org.? Here is the "delegation signer (DS)" of "example.org." + RRSIG.
  7. Resolver -> "org.": What is the public key (DNSKEY) of "org."? Here it is + RRSIG.
  8. Resolver -> ".": What is the DS of "org."? Here is the DS of "org." + RRSIG.
  9. Resolver -> ".": What is the public key (DNSKEY) of "."? Here it is + RRSIG.
 10. The resolver compares the root DNSKEY with the trust anchor for "." (root zone) from its configuration file.
 11. Resolver -> client: here is the address of www.example.org., flagged as "Authenticated Data" (AD).

The records collected on the way; each "↑" marks a signature or hash that vouches for the record above it:

  Record                      Function
  www.example.org.  A         IPv4 address
  www.example.org.  RRSIG     signature ↑ (made with the example.org. key)
  example.org.      DNSKEY    public key
  example.org.      RRSIG     signature ↑
  example.org.      DS        hash of public key (published in org.)
  org.              RRSIG     signature ↑ (over the DS, made with the org. key)
  org.              DNSKEY    public key
  org.              RRSIG     signature ↑
  org.              DS        hash of public key (published in the root zone)
  .                 RRSIG     signature ↑ (over the DS, made with the root key)
  .                 DNSKEY    public key
  .                 RRSIG     signature ↑
  Trust anchor for "."        hash of public key, from the configuration file
DNS client and DNS resolver combinations

The slides step through four combinations of stub resolver (on the client) and recursive resolver and the flags exchanged on each hop. The authoritative server always answers with AA (authoritative answer); when the query carried the DO bit and the zone is signed, it adds the RRSIG records.

  1. classic DNS stub resolver -> legacy DNS resolver:                         query RD,       reply RA
  2. classic DNS stub resolver -> DNSSEC validating resolver:                  query RD,       reply RA
  3. DNSSEC-aware non-validating stub resolver -> DNSSEC validating resolver:  query RD DO,    reply RA AD RRSIG
  4. DNSSEC validating application -> DNSSEC validating resolver:              query RD DO CD, reply RA RRSIG

Flags: RD recursion desired, RA recursion available, AA authoritative answer, DO DNSSEC OK (EDNS), AD authenticated data, CD checking disabled.

insecure.com (not compromised): all four combinations receive the answer; the zone is unsigned, so there is nothing to validate and no AD flag is set.

insecure.com (compromised): all four combinations receive the forged answer with exactly the same flags; without signatures the forgery cannot be detected.

secure.org (not compromised): the authoritative answer is AA + RRSIG. The legacy resolver (1) passes the data on without validation; the validating resolver validates for (2) and (3), and (3) additionally sees the AD flag; the validating application (4) receives the RRSIGs and validates them itself.

secure.org (compromised): the validating resolver answers (2) and (3) with SERVFAIL; (4) asked with CD set, so it receives the bogus data together with the RRSIGs and has to detect the forgery itself; (1) receives the forged data without noticing.

Windows 7 / 8
• DNSSEC-aware, non-validating stub resolver
• the path to the resolver is protected by an IPsec tunnel; the stub relies on the AD flag set by the resolver
• AD flag missing on a secure zone = insecure DNS resolver

DNSSEC validation on the Internet

DNSSEC on the Internet
• the DNS root zone has been signed since summer 2010
• most ccTLDs and gTLDs are DNSSEC signed
• measurements* show that 10-14% of DNS queries can be validated via DNSSEC
  * http://gronggrong.rand.apnic.net/cgi-bin/worldmap
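The resolution sequence above and the resolver/stub combinations with their AD, CD and SERVFAIL outcomes can be run through as code. What follows is an added example and not code from the slides: it builds a constructed three-zone tree (".", "org.", "example.org."), signs it with a toy RSA made from fixed Mersenne primes (demo-only, unpadded, not a real DNSSEC algorithm implementation), and lets a minimal validating resolver walk trust anchor -> DNSKEY -> DS -> DNSKEY -> RRSIG as in the record table above. The DNSKEY wire format and the DS digest follow RFC 3110 / RFC 4034; the zone names are the slides' examples, while the address 192.0.2.1, the forged 198.51.100.1 and every key are made up. The "RRSIG" here covers only owner name, type and RDATA, not the full RRSIG RDATA of RFC 4034.

```python
# Added example (not from the slides): DNSSEC chain of trust for www.example.org.
# Toy RSA over fixed Mersenne primes (demo-only, unpadded) stands in for the zone
# keys; the DS digest follows RFC 4034. Zone tree, address and keys are constructed.
import hashlib
import struct

E = 65537  # public exponent, as used by real DNSSEC RSA keys

def toy_keypair(p, q):
    # Demo-only RSA: p and q are well-known Mersenne primes, so this key is not secret.
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))  # pow(..., -1, m) needs Python 3.8+

def wire_name(name):
    # Canonical wire form (RFC 4034 6.2): lowercase, length-prefixed labels, root = 0x00.
    labels = [l for l in name.lower().split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"

def dnskey_rdata(pub, flags=257):
    # RFC 4034 2.1: flags (257 = KSK), protocol 3, algorithm 8 (RSA/SHA-256),
    # then the RFC 3110 key encoding: exponent length, exponent, modulus.
    n, e = pub
    key = bytes([3]) + e.to_bytes(3, "big") + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return struct.pack(">HBB", flags, 3, 8) + key

def ds_digest(owner, rdata):
    # RFC 4034 5.1.4, digest type 2: SHA-256(canonical owner name || DNSKEY RDATA).
    return hashlib.sha256(wire_name(owner) + rdata).hexdigest()

def rr_bytes(owner, rtype, data):
    # What an RRSIG covers in this model: owner name, type and RDATA.
    return wire_name(owner) + rtype.encode() + data

def sign(priv, msg):
    n, d = priv
    return pow(int.from_bytes(hashlib.sha256(msg).digest(), "big"), d, n)

def verify(pub, msg, sig):
    n, e = pub
    return pow(sig, e, n) == int.from_bytes(hashlib.sha256(msg).digest(), "big")

def build_zones():
    # Constructed tree: each zone signs its own DNSKEY and the DS of its child;
    # example.org. also signs the A record of www.example.org. (192.0.2.1, TEST-NET-1).
    keys = {".": toy_keypair(2**1279 - 1, 2**127 - 1),
            "org.": toy_keypair(2**607 - 1, 2**89 - 1),
            "example.org.": toy_keypair(2**521 - 1, 2**107 - 1)}
    zones = {z: {"pub": pub, "priv": priv, "rrsets": {(z, "DNSKEY"): dnskey_rdata(pub)}, "sigs": {}}
             for z, (pub, priv) in keys.items()}
    for parent, child in ((".", "org."), ("org.", "example.org.")):
        zones[parent]["rrsets"][(child, "DS")] = bytes.fromhex(ds_digest(child, dnskey_rdata(keys[child][0])))
    zones["example.org."]["rrsets"][("www.example.org.", "A")] = bytes([192, 0, 2, 1])
    for zone in zones.values():  # one RRSIG per RRset, made with the zone's own key
        for (owner, rtype), data in zone["rrsets"].items():
            zone["sigs"][(owner, rtype)] = sign(zone["priv"], rr_bytes(owner, rtype, data))
    return zones

def root_trust_anchor(zones):
    # The digest of the root DNSKEY that named.conf carries as the configured trust anchor.
    return ds_digest(".", zones["."]["rrsets"][(".", "DNSKEY")])

def resolve(zones, trust_anchor, name, rtype, cd=False):
    """Act as the validating resolver and return (rcode, ad_flag, rdata).

    cd=True models a client that sets CD: the data comes back unvalidated and
    the application has to check the signatures itself (combination 4)."""
    chain = sorted((z for z in zones if name.endswith(z)), key=len)  # ".", "org.", "example.org."
    leaf = zones[chain[-1]]
    if (name, rtype) not in leaf["rrsets"]:
        return "NXDOMAIN", False, None  # authenticated denial (NSEC) not modelled
    if cd:
        return "NOERROR", False, leaf["rrsets"][(name, rtype)]
    expected = trust_anchor
    for i, zname in enumerate(chain):
        zone = zones[zname]
        dnskey = zone["rrsets"][(zname, "DNSKEY")]
        if ds_digest(zname, dnskey) != expected:  # key must match the DS / trust anchor above it
            return "SERVFAIL", False, None
        if not verify(zone["pub"], rr_bytes(zname, "DNSKEY", dnskey), zone["sigs"][(zname, "DNSKEY")]):
            return "SERVFAIL", False, None
        if i + 1 < len(chain):  # next link: the child's DS, signed with this zone's key
            child = chain[i + 1]
            ds = zone["rrsets"][(child, "DS")]
            if not verify(zone["pub"], rr_bytes(child, "DS", ds), zone["sigs"][(child, "DS")]):
                return "SERVFAIL", False, None
            expected = ds.hex()
    data = leaf["rrsets"][(name, rtype)]
    if not verify(leaf["pub"], rr_bytes(name, rtype, data), leaf["sigs"][(name, rtype)]):
        return "SERVFAIL", False, None
    return "NOERROR", True, data  # AD: Authenticated Data

if __name__ == "__main__":
    zones = build_zones()
    anchor = root_trust_anchor(zones)
    print(resolve(zones, anchor, "www.example.org.", "A"))  # ('NOERROR', True, b'\xc0\x00\x02\x01')
    zones["example.org."]["rrsets"][("www.example.org.", "A")] = bytes([198, 51, 100, 1])  # forged
    print(resolve(zones, anchor, "www.example.org.", "A"))  # ('SERVFAIL', False, None)
    print(resolve(zones, anchor, "www.example.org.", "A", cd=True))  # forged data, AD clear
```

resolve() answers NOERROR with the AD flag when the chain closes, SERVFAIL as soon as one link breaks (a DNSKEY that does not match the DS above it, or a signature that does not verify), and with cd=True the unvalidated data that a validating application then has to check itself. Swapping the org. key without updating the DS in the root zone breaks the chain in the same way, which is why a key rollover always has to touch the parent.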
DNSSEC validation in the web browser
• DNSSEC and DANE extension for Firefox, Google Chrome, Opera and Internet Explorer (http://www.dnssec-validator.cz/)

http://dnssec-or-not.org

http://dnssectest.sidn.nl

DANE
• RFC 6394: Use Cases and Requirements for DNS-Based Authentication of Named Entities (DANE)
• RFC 6698: The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA
• securing SSL/TLS certificates with DNSSEC

DNSSEC secures various Internet protocols
• protocols that can be secured via DNSSEC:
• TLSA – HTTPS certificates
• SSHFP – ssh known_hosts key fingerprints in DNS (RFC 4255, implemented in OpenSSH)
• IPSECKEY – IPsec public RSA keys in DNS
• CERT – GnuPG/PGP keys (RFC 4398)
• OPENPGPKEY – GnuPG/PGP keys (new draft)
• S/MIME – S/MIME keys in DNS
• SMTP/TLSA – STARTTLS certificates in DNS
• SRV – service discovery

DANE acronyms
• RFC 7218 “Adding Acronyms to Simplify Conversations about DNS-Based Authentication of Named Entities (DANE)” (April 2014)

The TLSA record
shell> dig _443._tcp.bundy-dns.de tlsa +m +noall +answer
; <<>> DiG 9.9.4-P2 <<>> _443._tcp.bundy-dns.de tlsa +m +noall +answer
;; global options: +cmd
_443._tcp.example.com. 3581 IN TLSA 3 0 1 (
    DD1B43FFD9672EE612529A1619CA24D27E22E51B1143
    7BDBE56068CB57AE957B )
Field legend from the slide: port (_443), transport protocol (_tcp), host, certificate usage (3), selector (0), hash algorithm / matching type (1), certificate or hash (the hex data).

TLSA record - Certificate usage
Value  Acronym   Description
0      PKIX-TA   CA constraint
1      PKIX-EE   Service certificate constraint
2      DANE-TA   Trust anchor assertion
3      DANE-EE   Domain-issued certificate
4-254  --        Unassigned
255    PrivCrt   Private Use

TLSA record - Selectors
Value  Acronym   Description
0      Cert      Full certificate
1      SPKI      SubjectPublicKeyInfo
2-254  --        Unassigned
255    PrivSel   Private Use

TLSA record - Matching types
Value  Acronym    Description
0      Full       No hash used
1      SHA2-256   SHA2 256 bit hash
2      SHA2-512   SHA2 512 bit hash
3-254  --         Unassigned
255    PrivMatch  Private Use

TLSA record with ldns-dane
• generate a TLSA record with ldns-dane:
# ldns-dane create www.example.com 443
_443._tcp.www.example.com. 3600 IN TLSA 3 0 1 aa0914c30428d804e92e1b68b38afea5b0e5721793f15fea60cf31fe44e275b7

TLSA manually with OpenSSL
• TLSA tutorial: http://blog.huque.com/2012/10/dnssec-and-certificates.html
• generate the TLSA hash manually:
$ openssl x509 -in www.example.com.crt -outform DER | openssl sha256
(stdin)= 8cb0fc6c527506a053f4f14c8464bebbd6dede2738d11468dd953d7d6a3021f1
• TLSA record:
_443._tcp.www.example.com. IN TLSA ( 3 0 1 d2abde240d7cd3ee6b4b28c54df034b9
    7983a1d16e8a410e4561cb106618e971 )

Generate TLSA with hash-slinger
• generate a TLSA record with hash-slinger:
$ tlsa --create --output rfc --usage 3 --certificate example.crt www.example.com
_443._tcp.www.example.com. IN TLSA 3 0 1 ( 8cb0fc6c527506a053f4f14c8464bebbd6dede2738d11468dd953d7d6a3021f1 )
• or:
$ tlsa www.example.com
_443._tcp.www.example.com. IN TLSA 3 0 1 ( 8cb0fc6c527506a053f4f14c8464bebbd6dede2738d11468dd953d7d6a3021f1 )

Generate TLSA records
• TLSA generator: https://www.huque.com/bin/gen_tlsa
• ldns-dane from the “ldns” project: https://www.nlnetlabs.nl/projects/ldns/
• “hash-slinger” by Paul Wouters (Red Hat/Fedora): http://people.redhat.com/pwouters/hash-slinger/

Thank you
E-mail: [email protected] [email protected]
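As an added example (not code from the slides, ldns-dane or hash-slinger), the Python below builds TLSA rdata from a DER certificate using the certificate usage, selector and matching type values tabled above, and checks a presented certificate against published rdata, which is the same computation the openssl pipeline performs for "3 0 1"; it goes slightly beyond the slides by also handling selector 1 (SPKI), which they tabulate but do not compute. The certificate is a constructed stand-in with a valid X.509 TLV layout, and `toy_certificate`, `tlsa_rdata` and `tlsa_matches` are names chosen here.

```python
import hashlib
# Added example, not from the slides: build/check TLSA rdata (RFC 6698) with the tabled field values; certificate is constructed.
USAGES, SELECTORS = range(4), range(2)  # PKIX-TA, PKIX-EE, DANE-TA, DANE-EE / Cert, SPKI
MATCHING = {0: None, 1: hashlib.sha256, 2: hashlib.sha512}  # Full, SHA2-256, SHA2-512

def der_tlv(tag, content):
    """Encode one DER TLV with a definite short- or long-form length."""
    if len(content) < 0x80:
        return bytes([tag, len(content)]) + content
    lb = len(content).to_bytes((len(content).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content
def der_children(data):
    """Split concatenated DER TLVs into (tag, content, raw_tlv) triples."""
    out, i = [], 0
    while i < len(data):
        start, tag, ln, i = i, data[i], data[i + 1], i + 2
        if ln & 0x80:  # long form: low 7 bits give the number of length octets
            ln, i = int.from_bytes(data[i:i + (ln & 0x7F)], "big"), i + (ln & 0x7F)
        out.append((tag, data[i:i + ln], data[start:i + ln]))
        i += ln
    return out
def subject_public_key_info(cert_der):
    """DER SubjectPublicKeyInfo of an X.509 certificate (TLSA selector 1)."""
    tbs = der_children(der_children(cert_der)[0][1])[0][1]  # Certificate -> tbsCertificate
    fields = der_children(tbs)
    if fields[0][0] == 0xA0:  # optional explicit [0] version comes first
        fields = fields[1:]
    return fields[5][2]  # serial, sigAlg, issuer, validity, subject, SPKI
def toy_certificate():
    """Constructed stand-in: real X.509 TLV layout, dummy field contents."""
    alg = der_tlv(0x30, der_tlv(0x06, bytes.fromhex("2a864886f70d01010b")) + der_tlv(0x05, b""))
    name, validity = der_tlv(0x30, b""), der_tlv(0x30, der_tlv(0x17, b"141030000000Z") * 2)
    spki = der_tlv(0x30, alg + der_tlv(0x03, b"\x00" + b"\x42" * 270))
    tbs = der_tlv(0x30, der_tlv(0xA0, der_tlv(0x02, b"\x02")) + der_tlv(0x02, b"\x01") + alg + name + validity + name + spki)
    return der_tlv(0x30, tbs + alg + der_tlv(0x03, b"\x00" + b"\x99" * 256))
def tlsa_rdata(cert_der, usage=3, selector=0, matching=1):
    """Presentation-format rdata, e.g. '3 0 1 <SHA-256 of the full DER cert>'."""
    if usage not in USAGES or selector not in SELECTORS or matching not in MATCHING:
        raise ValueError("unassigned TLSA field value")
    data = cert_der if selector == 0 else subject_public_key_info(cert_der)
    h = MATCHING[matching]
    return f"{usage} {selector} {matching} {(data if h is None else h(data).digest()).hex()}"
def tlsa_matches(cert_der, rdata):
    """DANE check: does the presented certificate match the published rdata?"""
    u, s, m, assoc = rdata.split(maxsplit=3)
    u, s, m, assoc = int(u), int(s), int(m), "".join(assoc.split()).lower()  # hex may wrap
    if m in (1, 2) and len(assoc) != 2 * MATCHING[m]().digest_size:
        raise ValueError("association data length does not fit the matching type")
    return tlsa_rdata(cert_der, u, s, m) == f"{u} {s} {m} {assoc}"
```

Changing a byte in the signature breaks a "3 0 1" match but leaves "3 1 1" intact, which is why selector 1 survives re-issuing a certificate for the same key while selector 0 needs the record republished.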