WebApp Sec mailing list archives
RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein
From: "Cyrill Osterwalder" <cyrill.osterwalder () seclutions com>
Date: Tue, 19 Jul 2005 13:46:46 +0200
Hello Amit,

Thank you for this write-up on problems with authentication schemes bound to TCP connections. I mostly agree with you and I think it's valuable to point the topic out. I'd like to add a few comments that you might want to consider as well:
> Note that SSL is not connection-oriented security since each request is encrypted with a secret, shared key, making this protocol implicitly request-oriented.
That is basically correct. But SSL may be vulnerable to the same kind of attack in the following scenario that we have seen in reality: A web application server uses the SSL session ID to implement the session tracking. Some clients connect through an SSL forward proxy that pools outgoing SSL sessions. Of course, that is not the proper way to handle SSL in a forward proxy. However, it can happen in this scenario that other clients jump on another SSL (and therefore application) session.
> *) Proxy vendors - do not share TCP connections to the server among several clients. Yes, it improves performance, but it's also insecure and enables/aids 3 different attacks (the one described here, HTTP Request Smuggling and HTTP Response Splitting).
We are developing a secure reverse proxy server with a strong focus on security AND performance. It is indeed possible to handle NTLM authentication in a reverse proxy and pool server connections WITHOUT being vulnerable to your described attacks. We are able to do this with our reverse proxy (product name is AirLock, technology paper available here: http://www.seclutions.com/en/downloads/AirLock_Whitepaper.pdf ) by binding the NTLM authentication not only to the TCP connection on the client side but also to the secure session management on AirLock. Just for the completeness of your request to proxy server vendors, I think you should cover this possibility as well. By using our method of NTLM authentication through a secure reverse proxy you do not make your system vulnerable to this attack, even if back-end connections are pooled for performance. Also, the other two attack methods can be prevented using URL protection and filtering techniques. Of course, the NTLM connection-based scheme is still vulnerable if a forward proxy (that cannot be controlled by the service provider) is used, as you describe in your write-up.
> Alternatively, use NTLM over HTTPS (SSL) to avoid this vulnerability, but make sure that the SSL is terminated on the web server, not some SSL accelerator (which may in itself facilitate the attack, e.g. if it shares a TCP connection to the server among several clients).
That is a valid request regarding this specific type of attack. However, terminating SSL on the Web server (instead of a separate device in front of it) introduces many other risks and vulnerabilities. If SSL is terminated on the Web server, it is not possible to recognize any other attack methods (e.g. application or Web server specific attacks) before they get to the Web server. This may be too late! More information on such attack methods and why SSL should always be terminated in front of a Web server is illustrated in our technology whitepaper already mentioned above (http://www.seclutions.com/en/downloads/AirLock_Whitepaper.pdf).

Best regards
Cyrill Osterwalder
Chief Technology Officer
Seclutions AG
http://www.seclutions.com
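The connection binding this reply describes, as an added illustration that is not Seclutions' or AirLock's code: a toy model of a reverse proxy's back-end connection pool, with the shared pool beside a session-bound one. `BackendConn`, `SharedPool`, `SessionBoundPool` and the origin-server model are all hypothetical, and "alice"/"bob" are constructed sample users.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class BackendConn:
    """A proxy-to-origin TCP connection. NTLM authenticates the connection,
    so the origin attributes every later request on it to `auth_user`."""
    conn_id: int
    auth_user: Optional[str] = None       # who completed NTLM on this TCP connection
    owner_session: Optional[str] = None   # proxy session it is bound to (hardened pool)


class SharedPool:
    """Weak: any idle back-end connection is handed to any client."""
    def __init__(self) -> None:
        self.idle: List[BackendConn] = []
        self.next_id = 0

    def acquire(self, client_session: str) -> BackendConn:
        if self.idle:
            return self.idle.pop()
        self.next_id += 1
        return BackendConn(self.next_id)

    def release(self, conn: BackendConn) -> None:
        self.idle.append(conn)


class SessionBoundPool(SharedPool):
    """Hardened: an idle connection is reused only by the proxy session that
    authenticated on it; every other session gets a fresh connection."""
    def acquire(self, client_session: str) -> BackendConn:
        for conn in self.idle:
            if conn.owner_session == client_session:
                self.idle.remove(conn)
                return conn
        self.next_id += 1
        return BackendConn(self.next_id, owner_session=client_session)


def origin_identity(conn: BackendConn, user: str) -> str:
    """Origin-server model: the first request on a connection runs the NTLM
    handshake for `user`; later requests inherit that identity."""
    if conn.auth_user is None:
        conn.auth_user = user
    return conn.auth_user


def simulate(pool: SharedPool) -> str:
    """Alice authenticates through the proxy and her back-end connection
    returns to the pool; Bob then sends a request. Returns the user the
    origin attributes Bob's request to."""
    c = pool.acquire("sess-alice")
    origin_identity(c, "alice")
    pool.release(c)
    return origin_identity(pool.acquire("sess-bob"), "bob")
```

With the shared pool Bob's request rides Alice's NTLM-authenticated connection and is attributed to her; with the session-bound pool it is attributed to Bob.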