From: rhett <rhett@lineo.com>
Subject: Lineo technical bulletin -- NETtel enhancements
Date: Tue, 16 Jan 2001 16:53:00
To: lwn@lwn.net

Tech Bulletin

Lineo enhances NETtel family VPN Router technology

Lineo software engineers have completed a major enhancement to the NETtel family of Internet security appliance OEM platforms by adding strong VPN support based upon the IPSec standard. Many appliance-style products currently claim to have IPSec support, but most lack the full IPSec feature set and instead only support "pass through" mode, which merely permits IPSec traffic to pass through the device without adding any value or security of its own.

Simple Steps to Success

The FreeS/WAN IPSec implementation (http://www.freeswan.org) was chosen as the basis for the enhancement because it was already open source as well as technically complete and mature. The NETtel devices are also under the GPL, so there were no concerns about tainting of code, and both FreeS/WAN and the NETtel kernel, uClinux (http://www.lineo.com/products/embedix_uclinux), are freely available.

The port took place in a matter of days, one of the advantages of using a Linux operating system. Compatibility issues were minimal, primarily because of the standardization of Linux library interfaces.

This implementation provides support for both auto and manual keying, and typically uses 3DES for the tunnel encryption. Although encryption is software based, there are hooks for the addition of hardware encryption support, such as for the Hi/fn 7901.

The overall uClinux kernel size increase was around 150kb for the full IPSec stack:

   text    data     bss     dec     hex filename
 403820   72080   74019  549919   8641f std/linux
 491144  127588   82733  701465   ab419 with-ipsec/linux

In addition, an application binary called Pluto was implemented to handle the key management. This was also an opportunity to test the enhanced malloc that was described in a previous Lineo Technical Bulletin.
IPSec with the original uClinux malloc:

  PID PORT STAT  SIZE SHARED %CPU COMMAND
   21 S0   R      74K OK      0.0 /bin/sh
   17      S     520K OK      0.0 pluto
   22      S      39K OK      0.0 /bin/inetd
   23      S      39K OK      0.0 /bin/flatfsd
   24      S     137K OK      0.0 /bin/boa

           Total    Used    Free Shared Buffers Cached
  Memory 2052096 1351680  700416      0  303104  24576
  Free pages 684kB (%0 frag, %27 slack)
  Memory Total 2004 kB
  Memory Free   684 kB
  Buffers       296 kB
  Cached         24 kB

IPSec with the new malloc:

  PID PORT STAT  SIZE SHARED %CPU COMMAND
   21 S0   R      54K OK      0.2 /bin/sh
   17      S     416K OK      0.2 pluto
   22      S      27K OK      0.0 /bin/inetd
   23      S      27K OK      0.0 /bin/flatfsd
   24      S      77K OK      0.0 /bin/boa

           Total    Used    Free Shared Buffers Cached
  Memory 2052096 1122304  929792      0  307200  20480
  Free pages 227 (908kB), %0 frag, %2 slack
  Free Blks 2 min=1 max=226 avg=113
  Used Blks 2 min=3 max=793 avg=398
  Memory Total 2004 kB
  Memory Free   908 kB
  Buffers       300 kB
  Cached         20 kB

Thus, with Pluto key management, overheads use just over another 400K beyond the kernel increase. However, some customers prefer to use their own key distribution scheme as an alternative to Pluto, thus regaining the space.

On a NETtel 2520, raw loopback encryption yields IPSec throughput of 48Mb/second. In end-to-end tests via the NETtel, results were measured as:

  raw TCP/IP                           -> 8320 kb/s
  IPSec (software 3DES encrypt)        ->  816 kb/s
  IPSec (Hifn hardware 3DES encrypt)   -> 3208 kb/s

Compatibility

By virtue of choosing the FreeS/WAN implementation, the NETtel appliances gain instant compatibility advantages with Cisco and Nortel equipment as well as common software such as Raptor Firewall, PGP on Macintosh, Windows IPSec clients, and native Solaris IPSec software, to name a few.

What is a VPN?

A VPN, or Virtual Private Network, is a group of two or more computer systems, typically connected to a private LAN, that communicate "securely" over the Internet. VPNs can replace a private WAN.
Typical uses of a VPN are to connect branch offices and telecommuters into an enterprise-wide corporate network via the Internet, which can eliminate all long distance charges. A VPN should include encryption for privacy of data, strong authentication to prevent third parties from "spoofing" data, and mechanisms for preventing any tampering with messages that must pass through the Internet. The end points of a VPN should not reveal information about the private network topology to potential attackers on the public network. An often overlooked security issue is that although a given VPN may be inherently secure, there are other ways of subverting its security, such as by attacking the supporting framework of hosts, firewalls, and routers.

What is IPSec?

IPSec is a set of extensions to the IP protocol family providing cryptographic security services. These services include privacy (encryption), authentication, and message integrity. Replay protection is also provided by merit of the combination of authentication and message integrity. One of the practical features of IPSec is that it provides services similar to SSL but operates at the network layer, completely transparently to your applications, and is much more powerful. We can say this because your applications do not need any knowledge of IPSec to be able to use it. You can use any IP protocol over IPSec. You can create encrypted tunnels (VPNs), or just do encryption between computers. So the three ways that IPSec would be set up are:

  a) Host-to-Host (or, for example, Workstation-to-Workstation)
  b) Host-to-Network (e.g. between a host and a router)
  c) Network-to-Network (e.g. router to router)

The last option, in combination with a secure firewalling router, lets you bridge entire remote facilities seamlessly.

What are the protocols behind IPSec?

The term IPSec actually covers a series of protocols used to send authenticated and/or encrypted data over IP networks.
Roughly speaking, the protocols fall into three categories: the Encapsulating Security Payload (ESP) and the Authentication Header (AH), which define encryption and authentication methods for IP payloads; and the Internet Security Association and Key Management Protocol (ISAKMP), which manages the exchange of secret keys between senders and recipients of ESP or AH packets.

AH provides authentication, integrity, and replay protection but not encryption and, unlike ESP, also secures parts of the IP header of the packet (such as the source/destination addresses). ESP, by contrast, provides privacy of the data by securing everything in the packet that follows the header. Encryption can be used orthogonally to authentication/integrity, and vice versa.

What about PPTP?

PPTP is an open, documented standard published by the Internet Engineering Task Force (IETF) as RFC 2637 (ftp://ftp.ietf.org/rfc/rfc2637.txt). The operation of PPTP as a VPN is performed by encapsulating the Point to Point Protocol (PPP) in IP and tunneling through an IP network. All communication, authentication and encryption is handled almost exclusively by PPP. The connection mechanism to the IP network is transparent to PPTP.

PPTP takes advantage of PPP for its authentication and encryption. PPP can support PAP, CHAP, MSCHAP and MSCHAPv2 authentication. PPP encryption is performed through compressor modules, which under uClinux allow PPP to support RC4-compatible 40-128 bit encryption. PPTP is widely deployed in both client and server forms due to its default presence on Microsoft Windows platforms.

PPTP vs. IPSec

PPTP relies on the PPP daemon to provide the authentication and encryption mechanisms. Microsoft's version of PPTP was recently upgraded to include the MSCHAPv2 and MPPE enhanced (and more secure) security protocols. Patches are available for the Linux PPP daemon that allow PPTP solutions such as PoPToP to take advantage of Microsoft's enhanced VPN security.
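As an added illustration of the AH and ESP header layout and of the replay protection described in the "What are the protocols behind IPSec?" section above (example code written for this bulletin, not part of the NETtel, FreeS/WAN or Pluto code), the Python below parses constructed IPv4 packets carrying AH (IP protocol 51) or ESP (IP protocol 50), extracts the SPI and sequence number from each, and applies the anti-replay sliding window a receiving gateway uses to drop duplicated or stale packets. The packet bytes, SPI values, addresses and the 96-bit ICV placeholder are all constructed sample data.

```python
import struct

IPPROTO_ESP = 50  # Encapsulating Security Payload (RFC 2406)
IPPROTO_AH = 51   # Authentication Header (RFC 2402)

def parse_ipsec(packet: bytes) -> dict:
    """Locate the AH or ESP header behind an IPv4 header; return SPI and sequence number."""
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    proto = packet[9]
    hdr = packet[ihl:]
    if proto == IPPROTO_AH:
        next_hdr, payload_len = hdr[0], hdr[1]
        ah_len = (payload_len + 2) * 4    # Payload Len is in 32-bit words, minus 2
        spi, seq = struct.unpack("!II", hdr[4:12])
        # AH's ICV covers the immutable IP header fields (e.g. addresses) plus the payload
        return {"proto": "AH", "next": next_hdr, "spi": spi, "seq": seq,
                "icv": hdr[12:ah_len], "payload": hdr[ah_len:]}
    if proto == IPPROTO_ESP:
        spi, seq = struct.unpack("!II", hdr[:8])
        # Everything after the 8-byte ESP header is ciphertext (plus trailer / optional ICV)
        return {"proto": "ESP", "spi": spi, "seq": seq, "ciphertext": hdr[8:]}
    raise ValueError(f"not an IPsec packet (protocol {proto})")

class ReplayWindow:
    """Anti-replay sliding window (RFC 2401 style): bit k of the bitmap marks seq top-k."""
    def __init__(self, size: int = 64):
        self.size, self.top, self.bitmap = size, 0, 0
    def accept(self, seq: int) -> bool:
        if seq == 0:                       # sequence numbers start at 1
            return False
        if seq > self.top:                 # newer than anything seen: slide the window
            shift = seq - self.top
            self.bitmap = (self.bitmap << shift) & ((1 << self.size) - 1) if shift < self.size else 0
            self.bitmap |= 1
            self.top = seq
            return True
        diff = self.top - seq
        if diff >= self.size or self.bitmap & (1 << diff):
            return False                   # too old, or already received (a replay)
        self.bitmap |= 1 << diff
        return True

def build_ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed IPv4 header (checksum left zero) with hypothetical 10.0.0.x addresses."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return hdr + payload

# Constructed samples: AH carrying TCP (next header 6) with a 96-bit ICV; ESP with 16 bytes of ciphertext.
AH_PACKET = build_ipv4(IPPROTO_AH, bytes([6, 4, 0, 0]) + struct.pack("!II", 0x1000, 1) + b"\x11" * 12 + b"tcp")
ESP_PACKET = build_ipv4(IPPROTO_ESP, struct.pack("!II", 0x2000, 7) + b"\xaa" * 16)
```

A device that only offers "pass through" mode forwards these packets untouched; a full implementation has to parse them and keep a replay window per security association as shown.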
Bruce Schneier, Chief Technical Officer of Counterpane Internet Security Inc (http://www.counterpane.com), recently analyzed Microsoft's MSCHAPv2 and MPPE security protocols and found that Microsoft have addressed the major security weaknesses found in MSCHAP. Schneier states that the fundamental weakness of the current authentication and encryption protocols (MSCHAPv2 and MPPE) is that they are only as secure as the password chosen by the user. MSCHAPv2 relies on password-based keys in its authentication and encryption mechanisms. Because most users select poor passwords, this can leave the VPN open to dictionary-style password attacks. IPSec was also analyzed and found to be superior (security-wise) to PPTP.

PPTP VPN (with MSCHAPv2 and 40-128 bit RC4 encryption) is available now. With the countless Windows machines already out there supporting PPTP VPN, the cost-effective solution is obvious. Windows 98 has VPN client software as an install option. Windows NT 4.0 comes with PPTP (server and client) by default. Patches (the Microsoft Dial-Up Networking patch) exist for upgrading Windows 95 machines to include a PPTP client. Windows 2000 has PPTP and IPSec by default. Again, the only problem is that your VPN is only as secure as the supporting infrastructure.

PoPToP - Lineo's PPTP Answer

PoPToP (http://poptop.lineo.com) is the PPTP VPN server for Linux (known ports exist for Solaris, OpenBSD, FreeBSD and others). PoPToP allows Linux servers to function seamlessly in PPTP VPN environments, thus enabling administrators to leverage the considerable benefits of both Microsoft and Linux. The current release version of PoPToP supports Windows 95, 98, NT and Windows 2000 PPTP clients as well as the Linux PPTP client. PoPToP is a PPTP Access Concentrator (PAC) that employs an enhanced GRE (Generic Routing Encapsulation, IP protocol 47) mechanism for carrying PPP packets and a control channel (TCP port 1723) for PPTP control messages.
The basic operation of PoPToP is to wrap PPP packets up in IP on a NETtel and send them across the public Internet infrastructure. At the other end of the connection the PPP packets are stripped from the IP packet and handed to the PPP daemon. The operation is almost identical to a dial-in session, except for the fact that the PPP packets are wrapped in IP and sent over an IP network as opposed to a generic phone line and modem configuration. PoPToP has been set up to support MSCHAPv2 authentication and RC4-compatible 40-128 bit encryption. A NETtel box running PoPToP can effectively replace a Windows NT PPTP VPN server. However, PoPToP does not support PNS (PPTP Network Server) operation.

PoPToP was released under the GNU GPL in April '99 and has since found widespread acceptance on standard Linux servers and firewalls in large production sites and small business and home networks.

A Total VPN solution for OEMs and Systems Integrators

The NETtel family of appliances supports both IPSec and PPTP while providing a Linux firewall shield and additional gateway and server features such as Layer 3 routing, DHCP client/server, and numerous other standard Linux services. With a range of connectivity options including ADSL, cable modem, T1, ISDN, and V.90, the NETtel family is the first choice for OEMs wishing to bypass costly and risky development cycles to produce an end product in unprecedented time (as little as four to six weeks). Similarly, Systems Integrators are finding the units to be affordable and able to solve many edge problems as part of a total branded service offering. NETtel units are comparable to Cisco, Nortel, 3COM and other hardware systems as well as commercial software firewalling systems running on Linux, Unix, and Windows NT servers.

More information may be found at http://www.lineo.com/products/nettel/

About Lineo, Inc.

Lineo, Inc. provides Linux-based embedded systems, real-time and high availability solutions that include software, hardware designs and professional services. Lineo's solutions allow OEMs to create devices and systems that interact with the Internet while helping OEMs to reduce system requirements, per-unit costs and time-to-market. The company's key product lines include: Embedix™ (embedded Linux system software), uClinux™ (embedded Linux for MMU-less processors), NETtel (Linux-based Internet appliances for secure networking) and Availix™ (mission-critical high availability Linux cluster solutions). Contact Lineo at www.lineo.com, via e-mail to info@lineo.com or by calling (801) 426-5001.