[[_TOC_]]

This page discusses various aspects related to Kea software security. This is a living document. This page will eventually be merged into [Kea ARM](https://kea.readthedocs.io).

>> Vicky: I think it would be more appropriate for the ARM to address this from the perspective of, 'how can you improve the security of your Kea deployment' and provide more of a 'how to' approach.

# 1. Kea Security

The sections below are not listed in any particular order.

This page discusses various aspects related to Kea software security. This is a living document. This page will eventually be merged into [Kea ARM](https://kea.readthedocs.io).

[[_TOC_]]

>> Vicky: I think it would be more appropriate for the ARM to address this from the perspective of, 'how can you improve the security of your Kea deployment' and provide more of a 'how to' approach.

The sections below are not listed in any particular order. This is not a recommendation for any specific practices. Many topics here are simply something to consider. In many cases, there's a trade-off between convenience and higher security. It is up to the administrator to make those choices.

# 1. Kea Security

Kea was designed to be installed into a protected environment in a core network datacenter. It is not hardened from a security perspective. This is not a recommendation for any specific practices. Many topics here are simply something to consider. In many cases, there's a trade-off between convenience and higher security. It is up to the administrator to make those choices.

## Component-based design
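
Review bot: The paragraph added under `# 1. Kea Security` ("Kea was designed to be installed into a protected environment ...") repeats, word for word, the three sentences this same change adds to the "The sections below are not listed in any particular order" paragraph ("This is not a recommendation for any specific practices. ... It is up to the administrator to make those choices."); keep one copy, preferably the one under the heading, and leave the ordering paragraph as its single original sentence. "It is not hardened from a security perspective" is the page's key message and deserves one concrete sentence on what that means for an operator (which exposures the later sections cover), otherwise it reads as a disclaimer rather than the 'how to' guidance Vicky's `>>` note asks for. That `>>` note is itself still in the page body; resolve it or move it to the issue or merge request before this page is merged into the ARM.
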
... | ... | @@ -40,6 +42,11 @@ Depending on the database configuration, it's also possible to check if the syst |
As of today, Kea does not support SSL/TLS connection to databases. There is a community contributed patch available for [SSL support for MySQL](https://github.com/isc-projects/kea/pull/15) and [SSL support for Cassandra](https://github.com/isc-projects/kea/pull/118). If the communication channel to the database is a concern, the database can be run locally on the Kea server.

## Kea Logging

- what security sensitive information might be in the logs?
- where are logs stored, presumably access can be controlled via file permissions?

## Cryptography components

Kea has support for two cryptographic libraries: Botan and OpenSSL. This is both compile and run-time dependency. The library is chosen at compilation time. The binaries use only one library that is chosen at compilation time. Most deployments use OpenSSL, because it's much more popular, but Botan remains a fully supported alternative.
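
Review bot: The "Kea Logging" section is two open questions rather than content; before this page is merged into the ARM it should state what sensitive data the logs can contain (client identifiers and addresses, for example) and at which severity it appears, where the log files and any syslog output land, and the file permissions an operator should set, since the page tells the reader elsewhere that these choices are their responsibility. Two smaller points in the same hunk: in "Cryptography components", "This is both compile and run-time dependency" should read "This is both a compile- and a run-time dependency", and "The library is chosen at compilation time" and "The binaries use only one library that is chosen at compilation time" say the same thing twice, so keep one. In the database paragraph, "As of today" will not age well in a living document; name the Kea version the statement applies to, and say plainly that running the database locally only removes the network path, not the need for database credentials and access control.
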
... | ... | @@ -97,9 +104,9 @@ Kea 1.9.2 introduced a new `auth` hook point. With this new hook point it is now |
Kea runs on a wide selection of open source UNIX/Linux variants. You can choose your preferred OS. ISC provides installer packages for the most popular operating systems. If you prefer a stripped-down OS to minimize the footprint for security purposes, we do provide an installer package for Alpine Linux.

## Vulnerability Handling

## Kea Vulnerability Handling

ISC is an experienced and active participant in the industry standard vulnerability disclosure process and maintains accurate documentation on our process and vulnerabilities in ISC software. Kea vulnerabilities are publicly disclosed, and any critical vulnerabilities reported to Mitre/CERT.

ISC is an experienced and active participant in the industry standard vulnerability disclosure process and maintains accurate documentation on our process and vulnerabilities in ISC software. Any critical vulnerabilities (those that score >5.0 on CVSSv3) are publicly disclosed and documented and reported to Mitre/CERT.

In case of a security vulnerability in Kea, ISC will notify support customers ahead of the public disclosure, and will provide a patch and/or updated installer package that remediates the vulnerability.
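
Review bot: The rewritten disclosure sentence changes the promise, not just the wording: the old text said Kea vulnerabilities are publicly disclosed and critical ones reported to Mitre/CERT, while the new text says only those scoring above 5.0 on CVSSv3 are publicly disclosed, documented and reported. If the intent was only to add the threshold, restore "Kea vulnerabilities are publicly disclosed" for all findings and attach the threshold to the Mitre/CERT reporting alone. Also avoid calling a >5.0 score "critical": the CVSS v3 qualitative scale rates 4.0-6.9 as "Medium" and reserves "Critical" for 9.0-10.0, so "significant" or just the numeric threshold is less confusing. The paragraph says ISC "maintains accurate documentation on our process", so link that documentation here, and the support-customer paragraph should give the advance notification period if ISC's policy defines one, rather than the open-ended "ahead of the public disclosure".
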