Hacking the SAN
Hacking the SAN translates to unauthorized access to an entity or data in a storage area network. In the next three chapters, we discuss the following items.
- Session hijacking
- Man-in-the-Middle attacks
- Name server pollution
- WWN spoofing
- LUN masking attacks
- Zone hopping
- Switch attacks
Table 2.2 is a summary of the weaknesses that are discussed in the next three chapters and their correlating attacks.
Table 2.2 SAN Security Weaknesses and Correlating SAN Attacks
|SAN weaknesses|SAN attacks|
|---|---|
|Sequence weaknesses|Session hijacking|
|Fabric address weaknesses|Man-in-the-Middle attacks|
|FLOGI/PLOGI weaknesses|Name server pollution|
|HBA weaknesses|LUN masking attacks/WWN spoofing|
|FC switch weaknesses|Zone hopping|
Before we begin our discussion of SAN attacks, a key idea to introduce is the difference between a valid attack and a valid risk. In a given network, there are several hundred attacks that are fully possible to execute, but only a handful of them may actually pose a valid risk due to the nature of the network or the business. Hence, for each attack described in this section, a chart is used to describe how easy or difficult the attack is to execute, and its risk level is also discussed. See Figure 2.4 for the example chart.
Figure 2.4 Security and business risk chart.
The primary purpose of the Security and Business Risk (SBR) chart is to place each threat described in a security risk context. This chapter covers many risks and threats in Fibre Channel SANs; many of the threats are easy to perform, but many are very difficult to execute due to the need for physical access to the network or a hardware analyzer for sniffing. Rather than simply skipping the threats that are hard to perform, the book uses the SBR chart to show the appropriate risk level of each attack after it has been described.
In Figure 2.4, notice that each area of the chart represents a different security and business risk value. Items in the upper-left corner are high security risk, but low business risk. Risks in this area should be technically mitigated from a security perspective only, since the business risk is low. Items in the upper-right corner are high security risk and high business risk. Risks in this area should be resolved immediately, since they present a high business and security risk. Conversely, items in the lower-left corner are low security risk and low business risk. Risks in this area can often be accepted (bearable), since the impact is relatively low. Finally, items in the lower-right corner are low security risk and high business risk. Risks in this area often need a process solution rather than a technical solution. The type of summary in the Security and Business Risk (SBR) chart will help readers understand what valid attacks are and the risks associated with them.
Now that we understand the architecture of Fibre Channel frames and the problems associated with clear-text communication, we will discuss the security weaknesses of Fibre Channel frames. The weaknesses that we will discuss are:
- Sequence weaknesses
- Address weaknesses
- Fabric, port, and node login weaknesses
- FLOGI, PLOGI, and address spoofing
|About the book:|
|Securing Storage: A Practical Guide to SAN and NAS Security is an indispensable resource for every storage and security professional, and for anyone responsible for IT infrastructure, from architects and network designers to administrators. You've invested heavily in securing your applications, operating systems, and network infrastructure. But you may have left one crucial set of systems unprotected: your SAN, NAS, and iSCSI storage systems. Securing Storage reveals why these systems aren't nearly as secure as you think they are, and presents proven best practices for hardening them against more than 25 different attacks. Purchase Securing Storage: A Practical Guide to SAN and NAS Security from Addison-Wesley Publishing.|
|About the author:|
|Himanshu Dwivedi is a founding partner of iSEC Partners, a digital security services and products organization. Before forming iSEC Partners, Himanshu was the Technical Director for @stake's San Francisco security practice, a leader in application and network security. His professional experience includes application programming, infrastructure security, and secure product design with an emphasis on storage risk assessment.|