University of Houston College of Technology Department of Engineering Technology ELET 6313 Network Security
Email Security System Laboratory
Authors: Anshul Bhambri, Richard Franzl, Anh Nguyen, Kaushik Ramanathan
Last Update: December 11, 2006
© 2006– University of Houston, College of Technology ELET Labs
Revision History
REV   DESCRIPTION    DATE       OWNER
A     Initial Copy   12/11/06   Authors
ELET 6313 – Network Security Rev. A
Table of contents
1 Purpose
2 Objectives
3 Equipment, Components, and Software
4 Pre-Lab
4.1 Introduction: The email process
4.2 Creation of an email system
4.2.1 Orientation Video and PowerPoint
4.2.2 System Architecture
4.2.3 Email System Software Installation/Configuration
4.2.4 Ethereal Software Download and Installation
4.3 Ensure the email system is working
4.4 Capture Packets using Ethereal
5 Procedures
5.1 Procedure 1 – Perform a Masquerade Attack
6 Knowledge Evaluation
7 References
1 Purpose
The purpose of this experiment is to set up a private email system and learn about email security: how the email system works, how to configure it, and how to sniff your network to read emails. A knowledge evaluation then covers proposed solutions and how to integrate these solutions into your email system to protect the email being sent.
2 Objectives
At the end of this experiment you will know:
1. How to construct an email system with 4 personal computers running Windows Server 2003.
2. How to install and configure Microsoft Exchange Software to provide email services for 3 users/clients.
3. How to sniff packets in an email system using Ethereal Software.
4. How to do a masquerade attack on an email system.
5. Knowledge Evaluation on ways to protect an email system.
3 Equipment, Components, and Software
For this experiment, the team of students will need the following:
• Four personal computers to act as 1 server and 3 user workstations
• Hub – four port minimum
• Microsoft Server 2003 Operating System
• Microsoft Exchange Software
• Ethereal Software
• Lab CD-ROM “Email Security Laboratory”
4 Pre-Lab
4.1 Introduction: The email process
An e-mail message has always been nothing more than a simple text message sent to a recipient. Microsoft Outlook, Outlook Express, Eudora, and Pegasus are stand-alone clients, or you can use public services like Yahoo, Hotmail, or Gmail.
Machines (PCs) on the Internet can run software applications that act as servers. There are Web servers, File Transfer Protocol (FTP) servers, telnet servers, Simple Mail Transfer Protocol (SMTP) servers, and e-mail servers running on millions of machines on the Internet right now. These applications run all the time on the server machine and listen on specific ports, waiting for people or programs to attach to the port.
Whenever you send a piece of e-mail, your e-mail client interacts with the SMTP server to handle the sending. The SMTP server on your host may have conversations with other SMTP servers to actually deliver the e-mail.
Example: email ID [email protected] wants to send email to rfranzl@elet6313.uh.edu. Outlook Express connects to the SMTP server at elet6313.uh.edu using port 25. Outlook Express tells the SMTP server the address of the sender and the address of the recipient, as well as the body of the message. The SMTP server takes the "to" address (rfranzl@elet6313.uh.edu) and breaks it into two parts:
• The recipient name (rfranzl)
• The domain name (elet6313.uh.edu)
Since the "to" address is at the same domain, the SMTP server simply hands the message to the POP3 server for elet6313.uh.edu. If the recipient is at another domain, the SMTP server needs to communicate with that domain. Please see figure 1 for the email process flowchart, and figure 2 for the email process overview.
[Figure 1 – Email Process Flowchart: email server for domain ELET6313.uh.edu, with SMTP on port 25 and POP3 on port 110, and users abhambri and rfranzl]
[Figure 2 – Email Process Overview]
4.2 Creation of an email system
4.2.1 Orientation Video and PowerPoint
Watch the Email Security System Orientation Video for an overview of how to build your email security system with Ethereal sniffer. Also, take a look at the PowerPoint “Email Security”. Both of these files are located on the CD-ROM that is used with this laboratory.
4.2.2 System Architecture
Connect the four personal computers to the hub with Ethernet cable. See figure 3 for the system architecture for reference as well as the orientation video.
[Figure 3 – Email System Architecture (labels: Hub, MS Server 2003)]
4.2.3 Email System Software Installation/Configuration
Please ensure that all 4 personal computers have the Microsoft Server 2003 Operating System installed. If they do not, please install the software. Use the following references for installation guidelines:
Installing Windows Server 2003 R2: http://technet2.microsoft.com/WindowsServer/en/library/c68efa05-c31e-42c9-aed6-0391130ceac21033.mspx?mfr=true
Project Server 2003 Application Configuration Guide: http://www.microsoft.com/downloads/details.aspx?FamilyId=DD7C1BAD-6217-4568-BE01-C3C3C907A526&displaylang=en
Now that all four computers have the Server 2003 OS installed, you are ready to set up an email system using Microsoft Exchange Server 2003 software on the computer you choose to act as the server. Note that sections 4.2.3.1 – 4.2.3.4 should be performed on the server computer.
Assumptions:
• We have one computer running Windows Server 2003.
• We have to build a new domain for elet6313.uh.edu.
• There is no DNS and no DHCP in our network.
4.2.3.1 Install Active Directory
Active Directory is a database of information about resources on the network, such as computers, users, shared folders, and printers. It is also a service that makes this information available to users and applications. An email address consists of two parts: a username and a domain name. Therefore, to establish an email system we have to build a domain for that system. Active Directory helps us plan, construct and maintain the network resources of a domain easily. Because Exchange utilizes Active Directory, this part should be completed first.
Note: This part does not require any CD and has to be completed first.
1. Start/ Run/ Type: dcpromo. The "Active Directory Installation Wizard" window will show up.
2. Click Next 4 times. Enter the name for the domain. In this case, it is: elet6313.uh.edu
3. Click Next 4 times. Choose the radio button to install a DNS Server for our own system.
4. Click Next 2 times. Set a password for Directory Services Restore Mode. The password can be whatever you want as long as it meets the requirements for a strong password; Ex: tech@uh#1
5. Click Next 2 times. The installation process will take several minutes and go through many phases.
6. Click Finish. The system will need to be restarted.
4.2.3.2 Install and Configure DHCP Server
Install
1. Start/ Settings/ Control Panel/ Add or Remove Programs/ Add/Remove Windows Components/
2. Tick Networking Services --> Click Details
3. Tick Dynamic Host Configuration Protocol (DHCP)
4. Click OK and then Next to install DHCP
Configure
1. Start/ Programs/ Administrative Tools/DHCP
2. Right click on the server --> Choose New Scope...
3. Click Next. Set the name for your scope; you can choose whatever name you want. Ex.: Name: ELET6313, Description: Email Client
4. Click Next. Set the range of IP addresses for your PC clients.
5. Click Next. You can skip configuring Exclusions and Lease Duration by clicking Next two times.
6. Choose the radio button: and click Next. Put the IP address of the Default Gateway in the box and then click Add.
7. Click Next to enter the IP address of the DNS Server. In our case, the DNS Server runs on the same physical computer as DHCP, so we enter 10.10.10.10
8. Click Add, and then Next. You can skip configuring WINS Server by clicking Next.
9. Choose the radio button: and click Next to finish.
4.2.3.3 Install and Configure MS Exchange 2003
Install
1. Put the Exchange CD into the CD-ROM drive.
2. Choose the hyperlink "Exchange Deployment Tools", and then
3. Choose the hyperlink "Deploy the first Exchange 2003 server", and then
4. Choose the hyperlink "New Exchange 2003 Installation"
5. Go through Step 1 to Step 8. Follow and complete all the instructions that appear, to prevent errors.
4.2.3.4 Configure SMTP and POP3 Virtual Server
1. Go to Start/ Programs/ Microsoft Exchange/ System Manager
2. Expand Administrative Groups/ First Administrative Group/ Servers/ MAIL-SERVER/ Protocols
Note: MAIL-SERVER is the name of the physical computer that we installed Exchange on. It may be a different name in your case.
3. Choose POP3 --> Right click on Default POP3 Virtual Server --> Click Properties
4. Choose 10.10.10.10 from the pop-up menu as the IP address for this POP3 Server and then click OK
5. Choose SMTP --> Right click on Default SMTP Virtual Server --> Click Properties
6. Choose 10.10.10.10 from the pop-up menu as the IP address for this SMTP Server and then click OK
For managing email accounts, please refer to the orientation video.
This concludes setup of the email system. Use the following references for further help with installation and configuration:
Microsoft Exchange Server 2003 Deployment Guide: http://www.microsoft.com/downloads/details.aspx?familyid=77B6D819-C7B3-42D1-8FBB-FE6339FFA1ED&displaylang=en
Administration Guide for Microsoft Exchange Server 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=98E45481-1458-4809-97D6-50D8AEEBD8A1&displaylang=en
4.2.4 Ethereal Software Download and Installation
Choose one of the remaining three user/client computers as a sniffer computer. Download the Ethereal Software from the following link: http://www.ethereal.com/download.html and install the software. For help with installation and configuration, use the following reference:
Ethereal User’s Guide, V2.00 for Ethereal 0.10.5: http://www.rootsecure.net/content/downloads/pdf/ethereal_guide.pdf
4.3 Ensure the email system is working
Now that you have all of the software components installed and configured, try sending an email to other users/clients in your email system. Include snapshots of successful email sending for proof in the laboratory report you will submit for grading.
4.4 Capture Packets using Ethereal
Try to capture packets of the emails being sent throughout your system. Capture the email text in a file, and include the captured email text in the laboratory report you will submit for grading. For references, use the Ethereal User’s Guide and the orientation video.
5 Procedures
5.1 Procedure 1 – Perform a Masquerade Attack
Now that you have verified that the email system works, and that you can successfully sniff the email packets, it is time to try and perform an attack on the email system. On a user/client computer that is in your system:
1. Go to Start/ Run/ Type telnet
2. In Telnet's cmd, type:
    open elet6313.uh.edu 25
    helo
    mail from:rfranzl
    rcpt to:kramanathan
    data
    we're through!
    .
*** Note: Choose usernames of members in your team in the mail from: section and the rcpt to: section. The data section is where you choose what text to send in the forged email. In this example, the text that will be sent is “we’re through!”.
Example Result: Kaushik at kramanathan@elet6313.uh.edu will receive a forged email from Richard at rfranzl@elet6313.uh.edu.
Once you have performed the masquerade attack and the forged email has been successfully sent, check the receiver’s inbox, take snapshots of all related screens, and include these snapshots in the laboratory report that will be submitted for grading.
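Added example, not part of the original lab: a Python check a defender could run over the client-side SMTP commands recovered from an Ethereal capture, flagging the signs of the forged session above (a local sender claimed with no AUTH, an unqualified sender, a missing From: header). The transcripts are constructed, the workstation name ws2 and the credential placeholder are hypothetical, and a client-side stream only shows that AUTH was attempted, not that it succeeded.

```python
import re

LOCAL_DOMAIN = "elet6313.uh.edu"  # the lab's mail domain

# Constructed client-side command streams. FORGED mirrors the lab's telnet
# session; NORMAL is a hypothetical authenticated client (ws2 is made up).
FORGED = "helo\nmail from:rfranzl\nrcpt to:kramanathan\ndata\nwe're through!\n.\n"
NORMAL = ("EHLO ws2.elet6313.uh.edu\nAUTH PLAIN constructed-placeholder\n"
          "MAIL FROM:<abhambri@elet6313.uh.edu>\nRCPT TO:<rfranzl@elet6313.uh.edu>\n"
          "DATA\nFrom: abhambri@elet6313.uh.edu\nTo: rfranzl@elet6313.uh.edu\n"
          "\nDraft attached.\n.\n")

def audit_session(transcript):
    """Flag signs of a forged sender in one client-side SMTP command stream."""
    findings, authed, sender, header_from = [], False, None, None
    in_data = in_headers = False
    for line in transcript.splitlines():
        if in_data:
            if line == ".":                       # end of message
                in_data = False
                if header_from is None:
                    findings.append("message has no From: header")
                elif header_from != sender:
                    findings.append("From: header differs from envelope sender")
            elif in_headers:
                m = re.match(r"([A-Za-z-]+):\s*(.*)", line)
                if not m:
                    in_headers = False            # blank line or body text
                elif m.group(1).lower() == "from":
                    addr = re.search(r"[\w.+-]+@[\w.-]+", m.group(2))
                    header_from = (addr.group(0) if addr else m.group(2)).lower()
            continue
        cmd = line.strip()
        if re.fullmatch(r"(?i)(helo|ehlo)", cmd):
            findings.append("HELO/EHLO sent without a client hostname")
        elif re.match(r"(?i)auth\b", cmd):
            authed = True                         # AUTH attempted by the client
        elif (m := re.match(r"(?i)mail from:\s*<?([^<>\s]*)>?", cmd)):
            sender = m.group(1).lower()
            if "@" not in sender:                 # server will assume its own domain
                findings.append("envelope sender is not a full address")
            domain = sender.rpartition("@")[2] if "@" in sender else LOCAL_DOMAIN
            if domain == LOCAL_DOMAIN and not authed:
                findings.append("local sender claimed without authentication")
        elif cmd.lower() == "data":
            in_data = in_headers = True
    return findings
```

Calling audit_session(FORGED) returns four findings, while audit_session(NORMAL) returns an empty list.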
6 Knowledge Evaluation:
Answer the following questions and include the answers in the laboratory report that will be submitted for grading:
1. What tools can be used to provide security from the client-server local domain link?
2. What tools can be used to provide security from the server-server public link?
3. What security requirements need to be implemented to ensure that an email system is totally secure? Give a short description of what each requirement is, and any tools that can be used to fulfill the security requirements.
7 References:
If you want to learn more about the topics related to this lab, see the following references:
[1] Stallings, W., Cryptography and Network Security Principles and Practice, Fourth Edition, 2006 Pearson Education, Inc.
[2] Installing Windows Server 2003 R2: http://technet2.microsoft.com/WindowsServer/en/library/c68efa05-c31e-42c9-aed6-0391130ceac21033.mspx?mfr=true
[3] Project Server 2003 Application Configuration Guide: http://www.microsoft.com/downloads/details.aspx?FamilyId=DD7C1BAD-6217-4568-BE01-C3C3C907A526&displaylang=en
[4] Microsoft Exchange Server 2003 Deployment Guide: http://www.microsoft.com/downloads/details.aspx?familyid=77B6D819-C7B3-42D1-8FBB-FE6339FFA1ED&displaylang=en
[5] Administration Guide for Microsoft Exchange Server 2003: http://www.microsoft.com/downloads/details.aspx?FamilyId=98E45481-1458-4809-97D6-50D8AEEBD8A1&displaylang=en
[6] Ethereal User’s Guide, V2.00 for Ethereal 0.10.5: http://www.rootsecure.net/content/downloads/pdf/ethereal_guide.pdf