
14     Chapter 1 • General Security Concepts: Access Control, Authentication, and Auditing

             sections examine a number of methods that provide a better and more reliable
             authentication process.


            Notes from the Underground…
                Cleartext Authentication
                Cleartext (non-encrypted) authentication is still widely used by many
                people who receive their e-mail through POP3. By default, POP3 client
                applications send the username and password unprotected in cleartext
                from the e-mail client to the server. There are several ways of protecting
                e-mail account passwords, including connection encryption.
                     Encrypting connections between e-mail clients and servers is the only
                way of truly protecting your e-mail authentication password. This
                prevents anyone from capturing your password or any e-mail you transfer
                to your client. Secure Sockets Layer (SSL) is the general method used to
                encrypt the connection stream from the e-mail client to a server.
                     If you protect a password using Message Digest 5 (MD5) or a similar
                cryptographic hash algorithm, it is possible for anyone who intercepts
                your “protected” password to identify it through a “brute force attack.”
                A brute force attack is when someone generates every possible
                combination of characters and runs each version through the same
                algorithm used to protect the original password until a match is made
                and the password is cracked.
                     Authentication POP (APOP) is used to provide password-only
                encryption for e-mail authentication. It employs a challenge/response
                method (defined in RFC 1725) that uses a shared time stamp provided by
                the authenticating server. The time stamp is hashed with the username
                and the shared secret key through the MD5 algorithm.
                     There are still some problems with this process. The first is that all
                values are known in advance except the shared secret key. Because of
                this, there is nothing provided to protect against a brute force attack on
                the shared key. Another problem is that this security method attempts to
                protect a password, but does nothing to prevent anyone from viewing
                e-mail as it is downloaded to an e-mail client.
                     Brute force crackers for several protocols, including POP, Telnet,
                File Transfer Protocol (FTP), and Hypertext Transfer Protocol (HTTP),
                can be found at http://packetstormsecurity.nl/Crackers/ and can be used
                as examples of this technique. Further discussion of why and how these
                tools are used can be found in Chapter 2.
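The APOP exchange described in this sidebar, as an added example that is not part of the book. It follows the digest definition in RFC 1939 (the POP3 revision that replaced RFC 1725), where MD5 covers the server timestamp followed by the shared secret and the username is sent beside the digest in the clear; the function names are illustrative, and the sample values are the RFC's own example.

```python
import hashlib
import hmac
import re

# Sample greeting, user and shared secret from the APOP example in RFC 1939.
BANNER = "+OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>"
USER = "mrose"
SECRET = "tanstaaf"


def extract_timestamp(banner):
    """Return the <...> time stamp the server sends in its greeting, or None."""
    m = re.search(r"<[^<>\s]+@[^<>\s]+>", banner)
    return m.group(0) if m else None


def apop_digest(timestamp, secret):
    """MD5 over the time stamp (angle brackets included) followed by the secret."""
    return hashlib.md5((timestamp + secret).encode("utf-8")).hexdigest()


def client_command(banner, user, secret):
    """Client side: build the APOP line; the username itself is not protected."""
    ts = extract_timestamp(banner)
    if ts is None:
        raise ValueError("greeting carries no time stamp, so APOP is not offered")
    return f"APOP {user} {apop_digest(ts, secret)}"


def server_verify(banner, command, secrets_by_user):
    """Server side: recompute the digest from the stored secret and compare."""
    parts = command.split()
    if len(parts) != 3 or parts[0].upper() != "APOP":
        return False
    ts, secret = extract_timestamp(banner), secrets_by_user.get(parts[1])
    if ts is None or secret is None:
        return False
    return hmac.compare_digest(apop_digest(ts, secret), parts[2].lower())


def matches_wire_capture(banner, command, candidate):
    """Weakness check: a guessed secret is testable from on-wire values alone."""
    ts, digest = extract_timestamp(banner), command.split()[2]
    return hmac.compare_digest(apop_digest(ts, candidate), digest.lower())


if __name__ == "__main__":
    cmd = client_command(BANNER, USER, SECRET)
    print(cmd)
    print(server_verify(BANNER, cmd, {USER: SECRET}))
```

Because `matches_wire_capture` needs nothing the server keeps private, the strength of APOP rests entirely on the shared secret, which is why the sidebar recommends encrypting the whole connection instead.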











          www.syngress.com