Saturday, October 24, 2009

Lab 7 : Security In Network

0 comments Posted by gina at 10:40 PM

For me, IP Sec means a security protocol from the IETF that provides authentication and encryption over the Internet. IPsec is supported by IPv6 and since IPsec was designed for the IP protocol, it has wide industry support and is expected to become the standard for virtual private networks (VPNs) on the Internet.

Here I will explain how to Capturing File Transfer Protocol (FTP) Username and
password:
1.Start VM containing winserv03_server and winserv03_client.
2.Login as Administrator
3. Set the IP address of your winserv03_server and winserv03_client
4. Check that your winserv03_server is already installed with FTP server and Wireshark. If FTP server installed than start the FTP service using [Start] | [Administrative tools] | [Internet
Information Services (IIS)] otherwise you need a Windows Server 2003 CD to installed Internet Information Services (IIS) with FTP.
5. if wireshark is not install then it can be downloaded for free from http://www.wireshark.org.
6.open Wireshark on winserv03_server.[Start] | [Program] | [Wireshark].
7.Click on [Capture] | [Interfaces] to choose the network interfaces you wanted to monitor

IPsec, Different to SSL which that provides services at layer 4 and secures two applications, IPsec works at layer 3 and secures everything in the network and which is typically built into the Web browser, IPsec requires a client installation.
The benefit is IPsec can access both Web and non-Web applications, whereas SSL requires workarounds for non-Web access such as file sharing and backup.

IPSec protocol:
• Authentication Header- use for provide connectionless integrity and data origin authentication for IP datagrams and for protection against replay attacks.
• Internet key exchange (IKE and IKEv2) - to set up a security association by handling negotiation of protocols and algorithms and to generate the encryption and authentication keys to be used by IPsec.
• Encapsulating Security Payload (ESP) - to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service.

 

Thursday, October 15, 2009

Lab 8 : Hack the Wireless

0 comments Posted by gina at 1:41 AM

Hacking wireless can be done by any attacker or person which usually want to detect password and username of other people wireless connection. For security, Access Point should be topologically located outside the perimeter firewalls.I learned how to hacking wireless. This activities can be done by using software named as Backtrack. We can use gui or command to start hack the wireless connection.For start the GUI, type 'startx' to start the gui. To check the network connection, type 'ipconfig'.For checking the wireless type 'iwconfig'. Then type 's' to sort the network. The most important thing is need to remember the MAC address.Here is example :

--> To get network that connect
airodump -ng --ivs -w capture --channel 1 ahndhbo(name of device wireless)

--> To get a reply from network
aireplay -ng-o-e dlink -a 00:1E:FB:57:ED -h 00:22:4C:1E:FB

 

Monday, October 5, 2009

Lecture 8 : Wireless Security

0 comments Posted by gina at 7:33 PM

Wireless help us easy to connect to internet without using any external devices such as cable ,
switch, hub and so on.
Wireless is help us reduce the space. For connect to wireless, we only need access
point(AP) and wireless station(Eg: desktop, laptop,PDA)
In 1997, IEEE produce a Wi-Fi(802.11). Two type of wireless mode use in wireless connection:
1. Ad-Hoc Mode - connect without using access point, it is easy and called as peer-to-peer.
2. Infrastructure - at least need one access point.There are two type
a) Basic Service Set (BSS) - one Access Point
b) Extended Servce Set (ESS) - more than one BSS.

Wireless LAN (WLAN) is service of 802.11 which use Layer 1(Physical Layer) and Layer 2
(Data Link Physical). There are 3 basic security service in WLAN environment. First is authentication
which provide a security to identify an identity in communication. Second is an integrity to check
that the message from sender to receiver is secure without get attack or modify by hacker.Because
an attack also can manipulate message through access point.Third is confidentially, is to ensure that
there is secret between network and privacy all the detail.

In wireless connection, Wired Equivalence Privacy(WEP) is use for shared key between PC/laptop with access
point and provide the extended service set(for ensure access point have same shared key).

WPA is Wi-Fi Protected Access which use in 802.11a, 802.11b and 802.11g. This use to solve the
problem with Wired Equivalence Privacy because it used on small amd handled device for connectivity.

Wireless Transport Layer Security(WTLS) use to make sure the data is privacy before it being broadcast.

 

Lecture 7 : Security In Application

0 comments Posted by gina at 7:32 PM

Email use to transmit data or information into other receiver. It’s operated by divide each email by two part (header and body). It uses MIME protocol. Email can easily expose to threats same as threats can easily exposed by email. The most theats that enabled by email is spamming, it dissipate memory and bandwidth of our computer.

PGP is Pretty Good Privacy, glamour as plug-in emails clients and also used as stand-alone software. It will sign a detached and stored separately.

Web security techniques that popular use by people in network. I think everybody is familiar with SSL, SSH, https, and SET.

1. SSL which provides two layers architecture can help to secure the used of web browser and servers. It popular use in electronic banking.

2. tSSH used to provide a security in application layer which built on TCP in transport layer.

3. SET specially designed to secure communication link and to protect credit card but it need confidentially pament and information, card holder authentication and merchant authentication.

4. Https used to secure communication between computers and www.

Nowadays, biometric technology is exposed in fingerprint(example shape is arch, loop and whorl), eye, face, hand geometry, signature and voice. It also had been found in body odour, palm print, earshape and DNA. Biometric is an identifier of person through physiological or behavioral. How biometric function is if there is unique, acceptability, stability and universality. It function with using storage, data collection, signal processing, matching, and transmission. Examples of device that apply all the function are Optical fingerprint sensor, electro-optical sensor, e-field sensor, thermal sensor, and capacitive sensor. But we must alert with threats that usually attack biometric sensor, example is replay attack of eavesdropped biometric data and manipulation of stored biometric reference data. Because over than 50% of email is now spam. Other protocol that is used is S/MIME that allows a good client security through signature also encryption.

 

;;
Subscribe to: Posts (Atom)