Novell BorderManager

From royhills
Revision as of 18:52, 27 February 2007 by Royhills (talk | contribs) (Removed unfinished tag.)

Platform Notes

Novell BorderManager runs on Novell NetWare servers.

Version History

Version             Release Date   Notes
BorderManager 3.6
BorderManager 3.7                  Runs on NetWare 5.1 or 6.0
BorderManager 3.8   Jul 2003       Runs on NetWare 5.1 SP3, 6.0 SP3, and 6.5
BorderManager 3.9   TBD            Expected early 2007

Backoff Patterns

BorderManager has the backoff pattern:

0, 4.5, 7, 10

Below is an example from BorderManager 3.8 on Novell NetWare 6.5:

$ ike-scan -M --auth=3 --showbackoff 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=81fccc7427e8ff40)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

IKE Backoff Patterns:

IP Address      No.     Recv time               Delta Time
172.16.3.27     1       1171720863.700050       0.000000
172.16.3.27     2       1171720868.244916       4.544866
172.16.3.27     3       1171720875.149323       6.904407
172.16.3.27     4       1171720885.046563       9.897240
172.16.3.27     Implementation guess: Novell-BorderManager
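The backoff fingerprint above is simply the sequence of inter-packet delays between the responder's retransmissions, compared against a table of known patterns. The following Python is an added example, not code from ike-scan or from this wiki: it parses the "IKE Backoff Patterns" table printed above (embedded here as a constructed sample), recomputes the deltas from the absolute receive times, and matches them against the 0, 4.5, 7, 10 pattern. The 0.5 second tolerance and the table layout are assumptions of this example.

```python
import re

# Known backoff patterns: name -> inter-packet deltas in seconds.
# Only the BorderManager pattern from this page is included.
PATTERNS = {"Novell-BorderManager": [0.0, 4.5, 7.0, 10.0]}
TOLERANCE = 0.5  # assumed slack per delta, in seconds

# Constructed sample: the --showbackoff table printed on this page.
SAMPLE_OUTPUT = """\
IP Address      No.     Recv time               Delta Time
172.16.3.27     1       1171720863.700050       0.000000
172.16.3.27     2       1171720868.244916       4.544866
172.16.3.27     3       1171720875.149323       6.904407
172.16.3.27     4       1171720885.046563       9.897240
"""

# ip, packet number, receive time (epoch seconds), delta time
LINE_RE = re.compile(r"^(\S+)\s+(\d+)\s+(\d+\.\d+)\s+(\d+\.\d+)$")


def parse_backoff_table(text):
    """Return {ip: [recv_time, ...]} from an ike-scan --showbackoff table."""
    hosts = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # header and "Implementation guess" lines do not match
            hosts.setdefault(m.group(1), []).append(float(m.group(3)))
    return hosts


def deltas(recv_times):
    """Recompute ike-scan's Delta Time column from absolute receive times."""
    return [0.0] + [b - a for a, b in zip(recv_times, recv_times[1:])]


def match_pattern(observed, pattern, tol=TOLERANCE):
    """True when every observed delta is within tol of the pattern's delta."""
    if len(observed) != len(pattern):
        return False
    return all(abs(o - p) <= tol for o, p in zip(observed, pattern))


def guess_implementation(recv_times):
    """Name of the first pattern matching the host's retransmission timing, or None."""
    d = deltas(recv_times)
    for name, pattern in PATTERNS.items():
        if match_pattern(d, pattern):
            return name
    return None


if __name__ == "__main__":
    for ip, times in parse_backoff_table(SAMPLE_OUTPUT).items():
        print(ip, [round(x, 3) for x in deltas(times)], guess_implementation(times))
```

The fourth delta observed above (9.897 s) is 0.1 s short of the nominal 10 s, which is why a per-delta tolerance rather than an exact comparison is needed; a timing-based fingerprint is only as reliable as the network path is quiet.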

Vendor IDs

BorderManager returns the following Vendor IDs:

  • draft-ietf-ipsec-nat-t-ike-03 (7d9419a65310ca6f2c179d9215529d56)
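The NAT-T Vendor ID above is not an opaque constant: the NAT-T drafts and RFC 3947 define the Vendor ID payload as the MD5 digest of the draft or RFC name, so a Vendor ID seen in a capture can be identified by hashing candidate names. The following Python is an added example, not part of this page or of ike-scan; the list of candidate names is an assumption of the example and the digests are computed, not copied.

```python
import hashlib
import re

# Candidate names whose MD5 digest is used as a NAT-T Vendor ID (assumed list).
NAT_T_VID_SOURCES = [
    "draft-ietf-ipsec-nat-t-ike-02",
    "draft-ietf-ipsec-nat-t-ike-03",
    "RFC 3947",
]

# Matches the VID= lines in ike-scan's -M output, e.g.
#   VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)
VID_RE = re.compile(r"VID=([0-9a-fA-F]+)")


def vendor_id_table(names=NAT_T_VID_SOURCES):
    """Map hex MD5 digest -> source name for each candidate name."""
    return {hashlib.md5(n.encode("ascii")).hexdigest(): n for n in names}


def identify_vendor_id(vid_hex, names=NAT_T_VID_SOURCES):
    """Return the draft/RFC name a Vendor ID was derived from, or None."""
    return vendor_id_table(names).get(vid_hex.lower())


def vendor_ids_from_output(text):
    """Extract every VID value from ike-scan output and identify it."""
    return [(vid, identify_vendor_id(vid)) for vid in VID_RE.findall(text)]


if __name__ == "__main__":
    # Constructed sample line taken from the output shown on this page.
    sample = "        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)"
    print(vendor_ids_from_output(sample))
```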

Authentication Methods

In the default configuration, BorderManager only accepts RSA Signature authentication.

ISAKMP SA Lifetime

Lifetime in seconds

No lifetime attribute.

$ ike-scan --lifetime=none --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=6d4c783559424abe)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

Lifetime of zero seconds.

$ ike-scan --lifetime=0 --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=ab05724070235cb8)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00000000)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

Lifetime of one second.

$ ike-scan --lifetime=1 --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=ba29cc0976f4da03)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00000001)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

Huge lifetime of 2^32-1.

$ ike-scan --lifetime=0xffffffff --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=3333869fd3cd94c3)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0xffffffff)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

Lifetimes encoded as variable-length attributes with a length other than four bytes are not handled correctly. Below are examples with lengths of 1, 2, 3 and 5 bytes, each with all bits set.

$ ike-scan --lifetime=0xff --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=a1e812432e316439)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0xff8d76b7)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)
$ ike-scan --lifetime=0xffff --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=1f0dfd03b7d160b0)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0xffff76b7)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)
$ ike-scan --lifetime=0xffffff --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=dd99e8f43913349c)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0xffffffb7)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)
$ ike-scan --lifetime=0xffffffffff --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=b6f4f48a6104d195)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

Lifetime in kilobytes

Lifetime in kilobytes is not handled correctly. The BorderManager server will never return a lifetime in kilobytes. If only a lifetime in kilobytes is specified, the default lifetime in seconds is returned. If both a lifetime in seconds and a lifetime in kilobytes are specified, only the lifetime in seconds is returned.

The examples below illustrate this behaviour:

$ ike-scan --lifetime=none --lifesize=0 --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=7288298764ed3958)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)
$ ike-scan --lifetime=none --lifesize=1 --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=3493f57987687399)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)
$ ike-scan --lifetime=none --lifesize=0xffffffff --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=26c54ad040d435fc)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)
$ ike-scan --lifetime=0xeeeeeeee --lifesize=0xffffffff --trans=5,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=2eabfa2f4ebef36a)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0xeeeeeeee)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

Transform Attribute ordering and re-writing

BorderManager always returns transform attributes in the order Enc, Hash, Auth, Group [,Lifetime in seconds]. In the example below, we specify the four mandatory transform attributes in order Enc, Hash, Auth, Group and then in reverse order Group, Auth, Hash, Enc, and observe that in both cases the target returns the attributes in the same order.

$ ike-scan --trans="(1=5,2=2,3=3,4=2)" -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=14ee80b592adad8d)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)
$ ike-scan --trans="(4=2,3=3,2=2,1=5)" -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=f0d3242b8bbbf757)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

In this example, we add a lifetime in seconds as the first attribute, and the attributes are again returned in the expected order with the lifetime attribute last.

$ ike-scan --trans="(11=1,12=123,4=2,3=3,2=2,1=5)" -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=55ee626ca1ba3cc0)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration=123)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)
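Both the variable-length lifetime results in the ISAKMP SA Lifetime section and the attribute re-ordering shown here come down to how ISAKMP data attributes (RFC 2408 section 3.3) are encoded and parsed: a TV attribute carries a 2-byte value with the high bit of the type set, a TLV attribute carries an explicit length followed by that many bytes. The following Python is an added example, not code from ike-scan or from Novell. It encodes attributes in either form, decodes them honouring the length field, re-orders them the way BorderManager echoes them, and includes `naive_4byte_decode`, a constructed model of the length-mishandling seen above (its stale buffer bytes are chosen to reproduce the page's 0xff8d76b7, 0xffff76b7 and 0xffffffb7 results and are not a claim about BorderManager's implementation).

```python
import struct

# IKEv1 Phase-1 attribute types (RFC 2409 Appendix A), the numbers used in
# ike-scan's --trans="(type=value,...)" syntax.
ATTR_NAMES = {1: "Enc", 2: "Hash", 3: "Auth", 4: "Group", 11: "LifeType", 12: "LifeDuration"}
# Order in which BorderManager returns attributes (observed on this page).
CANONICAL_ORDER = [1, 2, 3, 4, 11, 12]


def encode_attribute(atype, value, length=None):
    """Encode one ISAKMP data attribute.

    With length=None the shortest legal form is used: TV (AF bit set, 2-byte
    value) when the value fits in 16 bits, otherwise a minimal TLV. An explicit
    length forces a TLV of exactly that many bytes, which is how the 1-, 2-, 3-
    and 5-byte lifetimes above are sent.
    """
    if length is None:
        if value < 0x10000:
            return struct.pack("!HH", 0x8000 | atype, value)
        length = (value.bit_length() + 7) // 8
    if value >= 1 << (8 * length):
        raise ValueError("value does not fit in %d bytes" % length)
    return struct.pack("!HH", atype, length) + value.to_bytes(length, "big")


def decode_attributes(data):
    """Parse a run of attributes into (type, value, length) triples, honouring the TLV length."""
    attrs, off = [], 0
    while off < len(data):
        if off + 4 > len(data):
            raise ValueError("truncated attribute header at offset %d" % off)
        hdr, second = struct.unpack_from("!HH", data, off)
        atype, off = hdr & 0x7FFF, off + 4
        if hdr & 0x8000:                       # TV form: 'second' is the value
            attrs.append((atype, second, 2))
        else:                                  # TLV form: 'second' is the length
            if off + second > len(data):
                raise ValueError("attribute %d claims %d bytes past end of payload" % (atype, second))
            attrs.append((atype, int.from_bytes(data[off:off + second], "big"), second))
            off += second
    return attrs


def naive_4byte_decode(value_bytes, stale=b"\x00\x8d\x76\xb7"):
    """Constructed model of the defect: copy the value into the front of a fixed
    4-byte buffer and read all four bytes, so a short value is padded with
    whatever the buffer held before (here chosen to reproduce the page's results)."""
    buf = bytearray(stale)
    n = min(len(value_bytes), 4)
    buf[:n] = value_bytes[:n]
    return int.from_bytes(buf, "big")


def parse_trans_spec(spec):
    """Turn an ike-scan spec such as "(11=1,12=123,4=2,3=3,2=2,1=5)" into (type, value) pairs."""
    return [(int(k), int(v, 0)) for k, v in (p.split("=") for p in spec.strip("() ").split(","))]


def canonical_order(attrs):
    """Re-order attributes as BorderManager returns them: Enc, Hash, Auth, Group, then lifetime."""
    rank = {t: i for i, t in enumerate(CANONICAL_ORDER)}
    return sorted(attrs, key=lambda a: rank.get(a[0], len(rank)))


def echo_like_bordermanager(spec):
    """Encode a spec, decode it as a responder would, and render it in canonical order."""
    payload = b"".join(encode_attribute(t, v) for t, v in parse_trans_spec(spec))
    parsed = canonical_order(decode_attributes(payload))
    return " ".join("%s=%d" % (ATTR_NAMES.get(t, "Attr%d" % t), v) for t, v, _ in parsed)


if __name__ == "__main__":
    print(echo_like_bordermanager("(11=1,12=123,4=2,3=3,2=2,1=5)"))
    one_byte = encode_attribute(12, 0xff, length=1)
    print(decode_attributes(one_byte), hex(naive_4byte_decode(one_byte[4:])))
```

A responder that trusts the length field, as `decode_attributes` does, returns 255 for the 1-byte lifetime; the naive model returns 0xff8d76b7, matching the first response in the variable-length series. The `canonical_order` step is only a sort, which is why the same proposal in reverse order produces byte-identical output from the responder.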

Aggressive Mode

BorderManager supports aggressive mode, and does not require a valid ID in order to respond.

Below is an example aggressive mode response from BorderManager 3.8 on Novell NetWare 6.5:

$ ike-scan -M -A --auth=3 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Aggressive Mode Handshake returned
        HDR=(CKY-R=a84d5ddc66e2638b)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        KeyExchange(128 bytes)
        Nonce(20 bytes)
        ID(Type=ID_IPV4_ADDR, Value=172.16.3.27)
        Certificate(Type=X.509 Certificate - Signature, Length=1376 bytes)
        Signature(256 bytes)

Response to Noncompliant and Malformed Packets

No acceptable transforms

$ ike-scan 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Notify message 14 (NO-PROPOSAL-CHOSEN)
        HDR=(CKY-R=4441f4cd611a8bcb, msgid=846b370d)

Bad IKE version

$ ike-scan -M --headerver=0x30 --auth=3 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=bb4ba8aba5cb23f4)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)
$ ike-scan -M --headerver=0x11 --auth=3 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=92f17de09c9110d1)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

Invalid DOI

No response from BorderManager 3.8.

Invalid Situation

No response from BorderManager 3.8.

Invalid Initiator Cookie

No response from BorderManager 3.8.

Invalid Flags

$ ike-scan -M --hdrflags=255 --auth=3 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=e711646057ed520e)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

Invalid Protocol

$ ike-scan -M --protocol=2 --auth=3 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Notify message 10 (INVALID-PROTOCOL-ID)
        HDR=(CKY-R=06616da43d0332d7, msgid=35ba9b3b)

Invalid SPI

No response from BorderManager 3.8.

Non-Zero Reserved Fields

$ ike-scan -M --mbz=255 --auth=3 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=bf49ac7deceab1b7)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

NAT Traversal

BorderManager 3.8 supports NAT Traversal. Below is an example of a NAT Traversal response from BorderManager 3.8:

$ ike-scan -M --nat-t --auth=3 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Main Mode Handshake returned
        HDR=(CKY-R=c0d4a90ec65429b5)
        SA=(Enc=3DES Hash=SHA1 Auth=RSA_Sig Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080)
        VID=7d9419a65310ca6f2c179d9215529d56 (draft-ietf-ipsec-nat-t-ike-03)

IKEv2

BorderManager does not support IKEv2 as of BorderManager 3.8.

Remote Access VPN Client

[Image: Novell bordermanager vpn client.png]

Other Interesting Behaviour

Predictable responder cookies

A list of the different responder cookies, and the times at which they were received, is given below. The first column shows the time when the packet was received and the second column shows the responder cookie. Ellipses (...) mark where multiple lines with identical cookies have been removed for brevity; each ellipsis represents about 1400 omitted lines.

13:25:06.563218 fcb5babf3454e319
13:26:06.488920 fcb5babf3454e319
...
12:55:06.532470 fcb5babf3454e319
12:56:06.466293 fcb5babf3454e319
12:57:06.445624 70922d04c056bc12
12:58:06.454968 70922d04c056bc12
...
12:39:06.435416 70922d04c056bc12
12:40:06.488223 70922d04c056bc12
12:41:06.568345 534129c8eda39e27
12:42:06.582008 534129c8eda39e27
...
12:23:06.596316 534129c8eda39e27
12:24:06.653245 534129c8eda39e27
12:25:06.580139 2d7c639c57d6d896
12:26:06.421715 2d7c639c57d6d896
...
12:07:06.504430 2d7c639c57d6d896
12:08:06.395834 2d7c639c57d6d896
12:09:06.400113 38338fd7855747ab
12:10:06.524477 38338fd7855747ab
...
11:51:06.419117 38338fd7855747ab
11:52:06.556816 38338fd7855747ab
11:53:06.722715 3f430f2c715908c3
11:54:06.627612 3f430f2c715908c3
...
11:35:06.606475 3f430f2c715908c3
11:36:06.593664 3f430f2c715908c3
11:37:06.528123 4ab09245899ac58e
11:38:06.449059 4ab09245899ac58e
...
11:19:06.576838 4ab09245899ac58e
11:20:06.485380 4ab09245899ac58e
11:21:06.438597 e42cdef7cb8850bb
11:22:06.486008 e42cdef7cb8850bb
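ISAKMP responder cookies are meant to be unique per SA negotiation, so a cookie that recurs across many handshakes over a long period is itself the detectable signature of the behaviour listed above. The following Python is an added example, not part of this page or of ike-scan: it parses a log in the "HH:MM:SS.ffffff cookie" layout shown above (the "..." elision lines are skipped), and reports, per cookie, how many handshakes returned it and over what time span. The sample is constructed from the visible lines of the listing above; the log format and the "reused if seen more than once" rule are assumptions of this example.

```python
from datetime import datetime

# Constructed sample: the visible lines of the listing above (first three cookies).
SAMPLE_LOG = """\
13:25:06.563218 fcb5babf3454e319
13:26:06.488920 fcb5babf3454e319
...
12:55:06.532470 fcb5babf3454e319
12:56:06.466293 fcb5babf3454e319
12:57:06.445624 70922d04c056bc12
12:58:06.454968 70922d04c056bc12
...
12:39:06.435416 70922d04c056bc12
12:40:06.488223 70922d04c056bc12
12:41:06.568345 534129c8eda39e27
12:42:06.582008 534129c8eda39e27
"""


def parse_cookie_log(text):
    """Return [(timestamp, cookie_hex), ...], skipping elision and blank lines."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2 or parts[0] == "...":
            continue
        ts = datetime.strptime(parts[0], "%H:%M:%S.%f")
        if len(bytes.fromhex(parts[1])) != 8:       # ISAKMP cookies are 64 bits
            raise ValueError("bad cookie length: %s" % parts[1])
        rows.append((ts, parts[1].lower()))
    return rows


def cookie_stats(rows):
    """Map cookie -> (handshake_count, span_seconds between first and last sighting)."""
    seen = {}
    for ts, cookie in rows:
        first, last, n = seen.get(cookie, (ts, ts, 0))
        seen[cookie] = (min(first, ts), max(last, ts), n + 1)
    return {c: (n, (last - first).total_seconds()) for c, (first, last, n) in seen.items()}


def reused_cookies(rows):
    """Cookies returned by more than one handshake, sorted for stable output."""
    return sorted(c for c, (n, _) in cookie_stats(rows).items() if n > 1)


if __name__ == "__main__":
    rows = parse_cookie_log(SAMPLE_LOG)
    for cookie, (n, span) in cookie_stats(rows).items():
        print("%s seen %d times over %.0f s" % (cookie, n, span))
    print("reused:", reused_cookies(rows))
```

On a real capture the same check applied to one's own VPN concentrator is a quick sanity test of cookie generation: a healthy responder never produces a cookie that appears more than once in this report.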

Default Configuration

By default, BorderManager 3.8 supports the following transform attributes for IKE Phase-1:

Encryption       DES or 3DES
Hash             MD5 or SHA1
Authentication   RSA Signature
DH Group         1 or 2

There does not seem to be any way to change which IKE Phase-1 transform attributes it will support.

BorderManager 3.8 does not support AES or DH Group 5.

BorderManager claims to support RC5 encryption, but it does not seem to be supported for IKE Phase-1:

$ ike-scan --trans=4,2,3,2 -M 172.16.3.27
Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/)
172.16.3.27     Notify message 14 (NO-PROPOSAL-CHOSEN)
        HDR=(CKY-R=c066fc1ab10ad872, msgid=f813571f)

Discovered Vulnerabilities