Adventures in Hardening the Security of LINE's Infra

ByoungYun Lee
LINE Plus GrayLab Security Engineer
https://linedevday.linecorp.com/jp/2019/sessions/F1-4

LINE DevDay 2019

November 20, 2019
Transcript

  1. 2019 DevDay: Adventures in Hardening the Security of LINE's Infra
     > ByoungYun Lee, LINE Plus GrayLab Security Engineer
  2. Who Am I
     > Security Risk Assessment @LINE, since 2018
     > Offensive Security Research @GrayHash, for 3 years
  3. Goal
     Source IP       Destination IP   Destination Port   Action
     10.0.0.1-10     10.0.0.200       7000               Allow
     Other           10.0.0.200       7000               Deny
     10.0.0.51-60    10.0.0.200       5000               Allow
     Other           10.0.0.200       5000               Deny
  4. Goal
     Source IP       Destination IP   Destination Port   Action
     10.0.0.1-10     10.0.0.200       7000               Allow
     10.0.3.1-10     10.0.0.200       7000               Allow
     10.0.4.1-10     10.0.0.200       7000               Allow
     10.0.5.1-10     10.0.0.200       7000               Allow
     10.0.100.50     10.0.0.200       5000               Allow
     10.0.200.50     10.0.0.200       5000               Allow
     10.0.300.50     10.0.0.200       5000               Allow
     10.0.400.50     10.0.0.200       5000               Allow
  6. PROS: iptables
     > Easy to use: everyone knows how to use it
     > No cost
     > No physical constraints, cloud-compatible
  8. CONS: Network Firewall
     > High cost
     > Physical constraint: component proximity required
     > Physical constraint: incompatible with cloud infrastructure
  10. Analyze Target: Service A's Database Servers
      > About 700 hosts, 27 groups, 2,000 clients
      > Various database types: HBase, Redis, Cassandra, MySQL, etc.
  15. Design Process: Make Rules → Install Firewall → Apply Rules
      Possible problems:
      > Omitted, misspelled info
      > Missed infrastructure-related info
  17. Design Process: Make Rules → Install Firewall → Apply Rules
      Possible problems:
      > Kernel panic
      > Device driver conflict
  19. Design Process: Make Rules → Install Firewall → Apply Rules
      Possible problems:
      > Degraded service performance
      > Other unexpected problems
  21. Preventing Problems in the Design Process
      1. Faulty rules
         > 'Detect only' mode
         > Log vs. rule analysis
      2. Unpredictable failure
         > Test one server with redundancy
           • Most services are redundant with High Availability
  24. Apply by Server Group
      1. Make rules with 'Detect Only' mode
      2. Install agent: apply to 1 host, then 1/2 of the hosts, then 2/2 of the hosts
      3. Apply rule: 1 host, 1/2 hosts, 2/2 hosts
      4. Update rule based on 'Detect' logs
      5. Set 'Deny' mode: 1 host, 1/2 hosts, 2/2 hosts
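The goal table on slide 3 and the rollout on slides 21 and 24 ('Detect only' mode, log vs. rule analysis, then 'Deny' mode) can be tied together in code. The following is an added example, not code from the deck or from LINE: it assumes the host firewall behind the agent is iptables (the deck lists iptables' pros but does not name the agent's backend), that detect-only mode is realised by swapping each Deny row for a LOG rule, and that the log prefix and log lines are constructed here. Only the slide 3 values are used as rules.

```python
"""Added example, not from the LINE DevDay deck: turn a slide-style
allow/deny table into iptables commands (a 'detect only' variant that
only LOGs, then the 'deny' variant that DROPs) and compare captured
detect-mode log lines against the table to find clients no Allow row
covers. Rule values come from the deck's slide 3; the iptables syntax,
log prefix and log lines are this example's own assumptions."""
import ipaddress
import re

# Goal table from slide 3: (source, destination IP, destination port, action).
# "Other" is the deck's catch-all row and becomes the LOG/DROP rule for that port.
RULES = [
    ("10.0.0.1-10",  "10.0.0.200", 7000, "Allow"),
    ("Other",        "10.0.0.200", 7000, "Deny"),
    ("10.0.0.51-60", "10.0.0.200", 5000, "Allow"),
    ("Other",        "10.0.0.200", 5000, "Deny"),
]


def parse_range(spec):
    """'10.0.0.1-10' -> (10.0.0.1, 10.0.0.10); a bare address maps to itself."""
    if "-" in spec:
        base, last_octet = spec.rsplit("-", 1)
        first = ipaddress.IPv4Address(base)
        last = ipaddress.IPv4Address(base.rsplit(".", 1)[0] + "." + last_octet)
    else:
        first = last = ipaddress.IPv4Address(spec)
    return first, last


def iptables_commands(rules, mode):
    """Emit one iptables command per table row, in table order so first-match
    semantics are preserved. mode='detect' turns each Deny row into a LOG rule
    (traffic still flows, but would-be-denied clients show up in the kernel log);
    mode='deny' turns it into DROP."""
    if mode not in ("detect", "deny"):
        raise ValueError("mode must be 'detect' or 'deny'")
    cmds = []
    for src, dst, port, action in rules:
        base = f"iptables -A INPUT -p tcp -d {dst} --dport {port}"
        if action == "Allow":
            first, last = parse_range(src)
            cmds.append(f"{base} -m iprange --src-range {first}-{last} -j ACCEPT")
        elif mode == "detect":
            cmds.append(f'{base} -j LOG --log-prefix "FW-DETECT:{port} "')
        else:
            cmds.append(f"{base} -j DROP")
    return cmds


def allowed(rules, src, dst, port):
    """True if some Allow row covers this (src, dst, port)."""
    ip = ipaddress.IPv4Address(src)
    for rsrc, rdst, rport, action in rules:
        if action == "Allow" and rdst == dst and rport == port:
            first, last = parse_range(rsrc)
            if first <= ip <= last:
                return True
    return False


# Fields of an iptables LOG line that the analysis needs (kernel log format).
LOG_RE = re.compile(r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) .*?DPT=(?P<dpt>\d+)")


def uncovered_clients(rules, log_lines):
    """Log vs. rule analysis: return the sorted, de-duplicated (src, dst, port)
    triples seen in detect-mode logs that no Allow row covers. Each one is
    either a client the table forgot (the rule needs updating before 'deny'
    mode) or a client that should not be reaching the database at all."""
    missing = set()
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # not an iptables LOG line; skip it
        src, dst, port = m["src"], m["dst"], int(m["dpt"])
        if not allowed(rules, src, dst, port):
            missing.add((src, dst, port))
    return sorted(missing)


# Constructed log lines standing in for what a detect-mode host would emit.
SAMPLE_LOGS = [
    "kernel: FW-DETECT:7000 IN=eth0 OUT= SRC=10.0.0.5 DST=10.0.0.200 LEN=60 PROTO=TCP SPT=40001 DPT=7000",
    "kernel: FW-DETECT:7000 IN=eth0 OUT= SRC=10.0.3.7 DST=10.0.0.200 LEN=60 PROTO=TCP SPT=40002 DPT=7000",
    "kernel: FW-DETECT:7000 IN=eth0 OUT= SRC=10.0.3.7 DST=10.0.0.200 LEN=60 PROTO=TCP SPT=40003 DPT=7000",
    "kernel: FW-DETECT:5000 IN=eth0 OUT= SRC=10.0.0.55 DST=10.0.0.200 LEN=60 PROTO=TCP SPT=40004 DPT=5000",
    "kernel: FW-DETECT:5000 IN=eth0 OUT= SRC=10.0.100.50 DST=10.0.0.200 LEN=60 PROTO=TCP SPT=40005 DPT=5000",
    "kernel: eth0: link becomes ready",
]

if __name__ == "__main__":
    print("\n".join(iptables_commands(RULES, "detect")))
    print("\n".join(iptables_commands(RULES, "deny")))
    for src, dst, port in uncovered_clients(RULES, SAMPLE_LOGS):
        print(f"not covered by any Allow row: {src} -> {dst}:{port}")
```

The analysis checks every logged connection against the table rather than trusting the log prefix, so it gives the same answer whether the lines came from the LOG rules above or from a broader capture taken before the Allow rows were loaded (the two covered clients in the constructed sample stand in for that case). Running the same rule set through 'detect' first and 'deny' only after the uncovered list is empty is the order the rollout on slide 24 describes.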
  26. Root Cause: Inconvenience Due to Improved Security
      > Emergency deployment/extension requires the security team's support
      > Detailed firewall policies are high-maintenance
      > Too complex for the dev. team to understand the rules
      > Difficult to request a rule change
  27. Improvement Plan: Build a Firewall Control Service
      > Hide irrelevant rules
      > Provide a simple rule change UI
      > Deployment-group-aware auto-configuration