
Thursday, August 19, 2010

Practical 11.3 TrueCrypt

Ok..... this time we will be trying out another encryption system, TrueCrypt............

First..... go to www.truecrypt.org to get your TrueCrypt program.......(If the URL does not work... go to any search engines and search for "TrueCrypt")

Click on the Downloads button and then under the Windows Vista/XP/2000 section..... click on the Downloads button again to download the TrueCrypt program~~~ After successfully downloading the file, run the installer and proceed with default options.......

When the installation completes launch the Truecrypt program and select NO if they prompt you for a tutorial......(Don't waste your time)

Now.... Your TrueCrypt window should be the same as what is shown in the following screenshot.....
To start off... click on the Create Volume button........The Creation Wizard window should appear as shown in the next screenshot.......
Here, choose the first option Create an encrypted file container and click Next to proceed on....Keep on following any default options until you have reached a window prompting you for the volume size as shown in the screenshot below....

The volume size is recommended to be at 1MB as this is just a test....Make sure that the MB option is selected and not the others.....now click Next and yet again proceed on with default options...........


When you have reached the window on "Volume Format" as shown in the screenshot above....move your mouse around, within the window, for at least 30 seconds to strengthen the encryption...(I do not know why, but just do it....If you notice, when you move your cursor around,,, the line of letters and numbers in Random Pool: begins to change very fast as compared to when you don't move your cursor)

After moving your cursor around for at least 30 seconds or until you are satisfied..... click Next to complete your volume creation.....

When you have finished creating your volume you should be back at the home window of TrueCrypt....But now you should see that one of your drives is not empty anymore as indicated in the screenshot above by the red rectangle^^^^^

Now with a drive activated.... Remember the Encrypted.docx & Not Encrypted.docx from the previous post????? now you can move the Encrypted.docx into the activated drive, which you can find when you open My Computer....... Now try opening both Encrypted.docx & Not Encrypted.docx did you notice any difference in the time taken to open these 2 files????
After you are done,, to unactivate your encrypted drive, go back to your TrueCrypt program and simply click on the Dismount button......
There you have it :)


Practical 11.2 Microsoft's Encrypting File System(EFS)

Ever used the default encryption system that comes with your OS before????? Let's try it out :)

Okkkkkkk.... First create a random Word document with a little bit of content..... Then name it Encrypted.docx....... then save it again, but this time as Not Encrypted.docx ........ If you cannot decide on what to type in your Word document you can copy my content as shown in the screenshot below>>>>>>>>
Ok.... After all that is done..... Close the Word document.....

Right-click on Encrypted.docx and choose the Properties option......
In the Properties window, click on the Advanced button in the General tab.....

The "Advanced Attributes" window should now appear as shown in the screenshot below.....
Now most of you should have the same situation as seen in the screenshot below; your last check box is greyed out....The Encrypt contents to secure data box is greyed out..... That is because the version of your Windows 7 OS does not support the Encrypting File System(EFS).....

FYI only Windows 7 Professional, Ultimate & Enterprise have EFS, the other versions do not have EFS........Some of you might not even find the Advanced button in your Properties window,,,, that is because the system that your file is in is not an NTFS system, therefore, you might need to change the location of your file......


However, for those of you who can check the box, lets proceed on...........
After checking the box..... click OK and try to open Encrypted.docx again..... Did you notice any difference in the time taken to open the document????

Well there you have it....That's how you use your default encryption system EFS..... :) byebye

Practical 11.1 Installing hash generators and comparing hashes

Ok....... to get your hash generators; first, go to md5deep.sourceforge.net >>>>>
(If the URL does not work, go to any search engines and search for "MD5DEEP")

When you reach the website.. click on the Download md5deep button and you should see the same webpage as the following screenshot...
Remember to choose the correct download for your OS, in this case I will be using windows therefore, I will be downloading the Windows binary as indicated in the screenshot above with the red oval^^^

For this program... I would really suggest that you download it into an easily accessible place cause to access this program you will be using the command prompt..... It would really make it easier to navigate to the program.........

Ok... After downloading the file, locate it and extract its contents...........After extracting, create a Word document & save it in the file with all the extracted contents as shown in the screenshot below~~~~

After all that preparation is done, go to your Start menu and search for your command prompt program or type cmd into the search box....And then run it.....
Using your command prompt, navigate through your system till you reach the extracted file......This might take some time if you did not save it in an easily accessible place~~~~

So...... after you have reached the extracted file.... type in the command MD5DEEP .docx and press Enter. A line of letters and numbers should appear-that is your hash value......
Now we should have another example,,, so,,,, type in the command MD5DEEP MD5DEEP.TXT , this command will show you the hash value of the file "MD5DEEP.txt"..... This is shown in the next screenshot......


What difference can you see between these 2 hashes?????
Well we should have another example... Open the Word document you have created and remove the period at the end of the sentence and save the file with another name(e.g your original document ends with bla bla bla. ,your edited document should be like bla bla bla)

Now type in the command MD5DEEP .docx....


What differences do you see between the hash of your original Word document & the hash of your edited Word document?????
Well there you have it..........You can also test out the different hash generators SHA-1(sha1deep), SHA-256(sha256deep) & Whirlpool(whirlpooldeep)..... By typing in their respective commands stated in the brackets followed by the document's name plus '.'...................
REFLECTIONS!!!!!!!!
The length of the hash generated by MD5DEEP is 32....I have also found out that the MD5 hash is quite strong as it has a fixed length and its hash does not repeat........I have also noticed that the hashes do not contain any letters between 'g' to 'z',,,, this is because the hashes are represented by the hexadecimal number system......
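
The comparison from Practical 11.1, as an added example in Python (not part of the original post and not md5deep's own code): it hashes two constructed files standing in for the original and edited Word documents, which differ only by the final period, and reports the digest length and the number of differing bits for MD5, SHA-1 and SHA-256. The sample text and all function names are assumptions; Whirlpool is left out because Python's hashlib does not guarantee it.

```python
import hashlib
import os
import tempfile

ALGORITHMS = ("md5", "sha1", "sha256")

# Constructed stand-ins for the two documents in the post: the edited
# version only drops the period at the end of the sentence.
ORIGINAL = b"bla bla bla."
EDITED = b"bla bla bla"


def hash_file(path, algorithm, chunk_size=65536):
    """Hash a file in chunks, so large files never have to fit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def differing_bits(hex_a, hex_b):
    """Count the bit positions in which two equal-length hex digests differ."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def compare_documents(original, edited):
    """Write both versions to temp files, hash them, return one row per algorithm."""
    rows = []
    with tempfile.TemporaryDirectory() as tmp:
        paths = []
        for name, data in (("original.docx", original), ("edited.docx", edited)):
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(data)
            paths.append(path)
        for algorithm in ALGORITHMS:
            first = hash_file(paths[0], algorithm)
            second = hash_file(paths[1], algorithm)
            rows.append({
                "algorithm": algorithm,
                "original": first,
                "edited": second,
                "hex_chars": len(first),       # 4 bits per hex character
                "bits": len(first) * 4,
                "differing_bits": differing_bits(first, second),
            })
    return rows


if __name__ == "__main__":
    for row in compare_documents(ORIGINAL, EDITED):
        print(f"{row['algorithm']:>6}  {row['original']}")
        print(f"{'':>6}  {row['edited']}")
        print(f"{'':>6}  {row['hex_chars']} hex chars, "
              f"{row['differing_bits']} of {row['bits']} bits differ\n")
```

The digest length depends only on the algorithm, never on the file size, and a one-character edit changes a large share of the output bits.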


Wednesday, August 18, 2010

Practical 8.5 Use an OpenID account

Ok in the previous posts I talked about how to create an OpenID account, but why create something when you do not know how to use it soooo..... This time I will be talking about some examples of using an OpenID account....

For the first example I will be using livejournal>>>>>>>>

So, 1st go to www.livejournal.com/openid/ and you will reach a webpage as shown in the screenshot below.......
Still remember your "PIP URL"??? well enter that into the Your OpenID URL: input box as represented in the screenshot above with the red oval^^^^^^^^

After submitting your PIP URL, you should be transferred back to your pip verisign lab website, here you will be asked to verify the website and whether to allow the mentioned website to have access to the information in your OpenID account.... You will also be given a choice to choose when your OpenID account with that respective website will expire........




So after all that, you will be able to use livejournal for as long as you have stated......

With that finished, we will move on to the second example which is lifewiki.....

1st go to www.lifewiki.net/login you will arrive at the webpage shown in the screenshot below>>>>

Well,,, when you have reached this webpage, you know what to do, just simply repeat everything I have said for the livejournal example, it is the same procedure...... So there you have it,,, that's how you use your OpenID account.......


Practical 8.4 Create an OpenID account

This time I will be creating an OpenID account......

To create an OpenID account, 1st go to pip.verisignlabs.com/ to get a Verisign Labs OpenID account. Or if the URL is invalid go to any search engines and search for "PIP OpenID sites".....

Now you should reach the website, click on the Sign in link to reach a similar webpage to the one shown in the screenshot below.....

When you have reached this page, click on the "Sign up for an Account" link to sign up for a new account.......

Fill in all the necessary information but don't fill in too much, only what you think is necessary cause all this information can be viewed by others....
So..... When you have finished registering...You will arrive at the webpage shown in the screenshot above... The grey box is where your email address is and the red box is your "PIP URL" which you will need to remember.......
You should also have received an email from verisignlabs.com, open that email and click on the link provided in the email to validate your account.... After that, click on the My Account link to arrive at the webpage shown in the screenshot below, here, you can edit your profile, add an icon and so on......

After you are done editing your profile, click on the link My Information to come to a webpage that is shown in the screenshot below.....


Here........ It shows you all the information that will be visible to others so you can edit anything that you want to show others or you can take it out so that others cannot see it....

And this is how you create an OpenID account.............. :)

Practical 8.1 Cognitive Biometrics

This time it will be about cognitive biometrics.....


1st go to www.passfaces.com/demo to try out a demo cognitive biometrics program.(If the URL is invalid then go to any search engines and search for "Passfaces demo") When you have reached the site, scroll down, you should see something similar to the screenshot below--->>>


Enter all the necessary information into the "First Time Users" section(Assuming that you have not registered before) and then click the Click to Enroll button to proceed....(You can also leave all blank and immediately press the button)...By doing so, a window as shown in the screenshot below should appear

Just simply click the Next button and continue on .

When you reach the page shown in the screenshot above, try and remember the three faces given to you, the 3 faces will be your passwords.... When you think you are good to go just simply click the Next button........


Now you will come to a page showing you nine different faces as shown in the screenshot above, click on the face that has been assigned to you, as they have stated, out of the nine faces only one of them has been assigned to you..... Click the correct one to continue to the second face and so on, if you got it wrong, you will start all over again.....
However, do not fear if you have forgotten the face, after a while the correct face will animate and move around in a circle and its outline will turn red......Below is a screenshot to show you an example when you chose the wrong face.....
After choosing a few correct faces you will complete your 'registration' so now at the homepage you can click the Logon button instead of clicking on the enroll button.....




REFLECTIONS!!!!!!!
I think that cognitive biometrics is quite secure as it does not have something that other people can copy digitally or physically however, in the case of the demo as I have mentioned above, it is not very safe as people just have to know your username they will be able to gain access as the password will reveal itself as long as the person waits....

Practical 7.2 Password Storage Program

Password Storage Program---- basically it stores your passwords for all your accounts so that you will only need to remember one password; which is the "Master password" for the storage program. So..... let us test out 1 such program...


1st go to keepass.info and click the Download button to get your password storage program, as shown in the screenshot below....(If the URL does not work, go to any search engine & search for "Keepass")


After you have downloaded it, locate the installer file and run it..... Follow and proceed through the setup with default options. After you have successfully installed Keepass, start it up. Now to start a new database for your passwords, go to File and click on New. As shown in the screenshot below>>>
A new window should appear, now input your master password into the input box as shown in the screenshot below and click OK..... to proceed on.


A new window will appear yet again... In this window(as shown in the screenshot below), fill in all the fields that you think are necessary....For the Username: section, enter the username of the account that you would use this password on.....(e.g this password is for your msn account, so enter your msn account username into the Username: field)

When you are finished.... click the OK button to complete the storage of your password.... now you will be able to see your stored password in the homepage of your Keepass program....
That's not the end.....This program also allows you to connect to the login page of the account that you have specified.... Just double-click on the URL that you have entered when registering the password entry and it will bring you to that webpage.

After you have reached the webpage just bring your Keepass program over the login webpage as shown in the screenshot below.....
Now just drag and drop your username and password into the respective fields, YES!!!! JUST LEFT CLICK ON YOUR USERNAME IN THE KEEPASS PROGRAM AND DRAG IT TO THE RESPECTIVE FIELD IN THE LOGIN PAGE, its that simple.... and click on the login button and VUALAA!!! you are logged in.......Unless you entered the wrong password into your storage program -,-".... So there you go.... thats how you can use the Keepass password storage program.....




REFLECTIONS!!!!!!!!
Although a password storage program is good and easy to use there are a few causes of concerns, 2 of such causes are:
1.There is only one master password, therefore, people just have to know your master password and they will have access to all your accounts.
2.Drag and Drop function, especially for the password part, is it really safe just because it isn't typed out??

Practical 7.1 Rainbow Tables

This time we will be trying out a rainbow table; it is used to find out what the password is to an account or file...... BUT BE WARNED!!!!! I WILL NOT BE LIABLE IF U USE WHAT U HAVE LEARNT HERE FOR BAD INTENTIONS!!!!! With that out of the way>>>> Now, 1st you need to get your rainbow table software....... So go to ophcrack.sourceforge.net to download your ophcrack rainbow(if the URL mentioned above is invalid, try going to a search engine & search for "Ophcrack"), and remember to download the correct version of Ophcrack for your OS, if you are using Windows, download the Windows version & not MAC or others.....

Ok----------- After you download the correct version, locate the file on your computer and run it. (In this case, I will be using the Windows version)



Proceed with your setup until you have reached the page as shown in the screenshot above. You can choose to download all(but it will take quite long), if you want or you can just choose to "download and install" the "tables" that correspond to your version of Windows...... In this case I will be "downloading and installing" the "small Windows XP tables". Then just continue on with the setup with default choices.

After you have successfully installed your Ophcrack, locate it and run it. After running the program click on the Tables icon-this will lead you to a page similar to the screenshot shown below. However the status of all your "Tables" should be not installed, so to activate a "Table", click on the "Table" that you have downloaded and click on the "Install" button at the bottom of the page.... After that, the red circle beside your chosen "Table" should turn green, this will indicate that you are ready to continue, just click on the OK button to proceed on>>>>>>



After clicking on the OK button, it should bring you back to the homescreen.... & now your activated table should appear at the bottom half of your page as shown in the screenshot below-highlighted by the red line........

Now.... you will need a dummy hash value to test out your rainbow table..... To get your dummy hash value, go to www.objectif-securite.ch/en/products.php , when you have reached the webpage, scroll all the way down until you see something similar to the screenshot shown below....



In the input box beside the "password:" enter any password you want, in this case I will be using '12345' as my dummy password; after entering your dummy password click on the submit password button>> a single line of letters and numbers should appear just below the "password:" input box-that, is your hash value. Copy that and return to your Ophcrack program....
Now, click on the Load icon in your Ophcrack program to review a list of choices, from this list choose the Single hash option. A new window will appear, paste your hash value there as shown in the next screenshot>>>>>>


Now... just simply click OK and let the program run :)
In a few seconds your password will appear as shown in the screenshot below; highlighted by the red lines..... However, how long the program takes to crack your password depends on the complexity of your password, if your password is as simple as '12345' as in the case of this example, it only takes a few seconds.....




So......... feel free to test how powerful your password is by using a similar password,,,, remember do not enter your actual password I won't be responsible if your password is leaked because of this arhs.............



REFLECTIONS!!!!!!!!!
Rainbow Table attacks work by obtaining a hash value and deciphering the password from the hash value through a similar method to brute force attacks....
Three characteristics of a strong password are:
1.Not made up of words that can be found in dictionaries.
2.Should not be easy for people to think of when they think of you.
3.Should be made up of letters, numbers and or special characters such as ":~!@#$%^&*;?<>".
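
Why a precomputed table recovers '12345' in seconds, and what defeats it, as an added example in Python (not part of the original post and not Ophcrack's code). It uses a plain lookup table as a simplification of a rainbow table and SHA-256 as a stand-in for the Windows hashes Ophcrack targets; the candidate list, user names and function names are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor used for this demonstration


def unsalted_hash(password):
    """Fast, unsalted hash: the same password always gives the same digest."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def build_lookup_table(candidates):
    """Precompute digest -> password once; reusable against every unsalted hash."""
    return {unsalted_hash(p): p for p in candidates}


def salted_record(password, salt=None):
    """Store (salt, digest): a random per-user salt plus a slow key derivation."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, ITERATIONS)
    return salt, digest


def verify(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def demo():
    # Constructed data: two users who both chose the post's dummy password.
    table = build_lookup_table(["password", "12345", "qwerty", "letmein"])
    users = {"alice": "12345", "bob": "12345"}

    unsalted = {u: unsalted_hash(p) for u, p in users.items()}
    salted = {u: salted_record(p) for u, p in users.items()}

    return {
        # One table entry matches every account that uses this password.
        "unsalted_identical": unsalted["alice"] == unsalted["bob"],
        "recovered_from_unsalted": {u: table.get(h) for u, h in unsalted.items()},
        # With salts, equal passwords give unrelated digests and the
        # precomputed table has nothing to match against.
        "salted_identical": salted["alice"][1] == salted["bob"][1],
        "recovered_from_salted": {u: table.get(d.hex())
                                  for u, (_, d) in salted.items()},
        "login_ok": verify("12345", *salted["alice"]),
        "login_wrong": verify("54321", *salted["alice"]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```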

Saturday, June 12, 2010

Practical 2.2 Use a Keylogger

RESTRICTED!!!!!!

The things that are learnt from this page shall only be used for studying and NOT for malicious intentions...............................................................................

(You might need to temporarily disable your antivirus software and any other security software as such software might block you from downloading the keylogger file, or if you have a virtual machine, download it in your virtual machine, it will be safer...)

Ok, after saying that, we shall continue..... This time we will be trying out a keylogger.....
Well, first open a web browser and enter the URL: www.softdd.com/keystrokerecorder/index.html , if this URL does not work, go to any search engines and search for "Keyboard Collector". You will arrive at the webpage shown in the next screenshot>>>>>>>>>>>>>>

After reaching this webpage(above screenshot), you can either read the introductions it has or simply scroll down until you see the "Go To Download Page(Download.com)" link and click it to be redirected to another website and from there just simply click the download icon to download the keylogger....(by the way, there is a short summary of the various features of the software below the link, so you can also browse through it if you want to)

After downloading the keylogger, double-click the installer to run it. Install the keylogger with default installation procedures...
After successfully installing the keylogger, you should be able to see its dialog box appearing or if it prompts you for a password just simply click the "OK" button to move on(this will appear every time you want to open the keylogger so remember it, because I would not repeat this again). In the keylogger's window, ensure that the "<--Always Run(Ignore Start Time)" check box is Checked before clicking on the "Activate/Start" button and then "Yes" to start the keylogger...
Now if you are curious, you can press "Alt+Ctrl+Del" to open the task manager.... Here you will find that even though you have activated your keylogger, it does not appear in the Task Manager..... This is because it automatically cloaks itself to prevent itself from being detected...(Or else how can it so successfully keep log of another user's activity with his/her computer if the other user will notice it running just by opening the Task Manager?)

After sidetracking a little, we shall come back to testing out the keylogger we have just installed... To test it out I have simply opened a notepad and typed in "did you take this down?" and saved it as "text"....
After that to see if your keylogger is really working, double-click on the keylogger's icon on the desktop to open it, then click on the "View Your Logs" button you will see something similar to the screenshot below>>>>>


As you can see the red-lined words are the contents that I have typed in (as you have noticed there are some discrepancy in the sentence, that is because I did a few "Backspaces" but the keylogger did not notice it and it just blindly records the letters that I typed) and the purple-lined words are the name of the file that I have save the sentence under.......
Now, you can continue to test it out further by trying to log in to any accounts or you can try to type and send an e-mail.......
But when you are done, always remember to click on the "Deactivate" button to stop the logging..... And remember to uninstall it from your system when you are done....You can do this by simply clicking on the "Uninstall" button in the Keylogger's window, and then follow the default procedures.......
REFLECTIONS!!!!!!!!!!
The main learning of this practical is to learn how a keylogger works so that we will be able to devise a way to counter its activity and prevent it from recording anything from our computers.


Friday, June 11, 2010

Practical 4.1 WireShark Protocol Analyzer

This time we will be using a protocol analyzer a.k.a sniffer... it captures information in "packets" to decode and analyze its contents.

So to test out this cool and dangerous software, first, go to the website: www.wireshark.org or if the URL does not work, then go to any search engines and search for "Wireshark" and you will come to the webpage as shown in screenshot below>>>>>

To download..... it should be very obvious.... just simply click the very big "Download Wireshark" icon or the link just below it.....

After a successful download, double-click on the installer to run it and follow any default installation procedures....

After installing, go to your Start menu, move your cursor over the "All programs" to expand the list, click Wireshark and click Wireshark again...... Wireshark will start up and show you a page similar to the screenshot below....

(Just for some safety reasons I shall not show any more screenshots and I will try my best to guide you well by words)

Ok,,,, so after seeing this, click on the Capture tab and then choose Interfaces, select the network interface adapter for your computer and then click Start to let the program start capturing any packets that pass through your computer's network interface adapter.....

Next, go to your Start menu and search for a program called "Command prompt" and open it, there, type "ftp server1" and press the "enter" button on your keyboard... After which some comments will appear and after it does, type "quit" and press the "enter" button on your keyboard again, then click on the "exit" button to close the command prompt window....

Now, it is time for the fun part..... we shall now try to use the wireshark program to capture passwords and other login information....

So..... now open your web browser and go to www.bluehost.com/cgi-bin/uftp/ .... there, enter "Gerald" for the username and "happy" for the password and press Enter,, this will cause an error message to appear, telling you that your inputs are invalid...

Return to your wireshark window and click on the Edit tab and choose Find Packet... click on the String tab.... Under "Filter:" type "Gerald" and then click on the Find button.... it will highlight one of the packets captured and at the bottom half of your wireshark window, you will be able to see both the username and password that you have just entered, this can also be seen by any other attackers if they are also able to capture this particular "packet" or if they are able to view your computer records......

So remember to close your wireshark when you finish and choose not to save any data.....




REFLECTIONS!!!!!
I have learnt that a protocol analyzer is a computer software or hardware that can intercept and log traffic passing over a digital network or part of it. And through wireshark, a person can capture and view passwords and other infos. You can counter such problems by not blindly having passwords that are similar to any of your important accounts such as your bank accounts. So that if your password for some minor website account is being captured by others, they would not be able to access any of your important ones.... Or you can change your password frequently so that they will not be able to access your accounts even if they have captured your passwords.

Practical 3.3 Set Web Browser Security

This is for those who are unsure of how to set their web browser's security>>>>>>

First, open your Internet Explorer(for this, I am using IE version 7)..

Next, click on Tools on the menu bar and then click on Internet Options,,, as shown in the next screenshot....


After that, a dialog box will appear... Under the General tab, click the Settings button under the section "Browsing history"... Then click View files, this will cause another window to appear, showing the contents of "Temporary Internet Files" ...... To see how long you have not cleared your browsing history, just right-click on any empty space in the window...then go to "Sort by" and then click "Last Checked".....
NOW..... to check the cookies that you have>>>>> simply right-click on any of the empty spaces in the window, go to "Sort by" and then choose "Name"..... Now, scroll down to the files starting with the letter "C" and all your cookies will have their file name look something like; "cookies:blabla_blabla@blablabla.com", double-click on it to view what a cookie file will contain.... After this.... close both the "Temporary Internet Files" windows and the "Internet Options" dialog box..... Then once again, click on the Tools tab and choose Manage Add-ons, it will pop up a dialog box showing all the add-on applications that you have in your computer... in this dialog box.... you can enable or disable them. Under the "show:" drop-down menu, choose "Run without permission" to view all the apps that run without needing to seek administrator permissions....


After you have enabled/disabled any apps/activeX controls.... close the dialog box.....
Now go back to the Internet Options dialog box by clicking on the Tools tab and choose "Internet Options".... After which click on the Security tab.... Then click on the "Internet" icon.
Under the section "Security level for this zone" there is a slider.... this slider represents the level of security that is currently activated for your internet....(Feel free to slide the slider up or down to view the different security measures it will do under different levels of security)...Other than the slider... you can also click on the "Custom level" button just below the slider to better customise what actions your web browser will do to protect your computer....
Moving on.... Now click on the "Restricted Zone" icon.... To test out what this section does... add any one of the websites that you know into this section, by clicking on the "sites" button and then entering the URL of the website that you want to add, after which, simply click on the "add" button... Now, using your web browser, go to the website that you have included into the "Restricted Zone" section... At first you will be able to access the webpage(don't worry, this does not mean that it is not working), try accessing any link on the website.... you will find out that an alert message box will appear as shown in the next screenshot....




After testing out that function.... go back and remove the website that you have added, if necessary, if not; go back to the "Internet Options" dialog box and click on the Privacy tab and you will see something similar to the screenshot below>>>>>

Here, you can also slide the slider anyway you want to see what the web browser will do about the cookies under different levels of security.... Lastly, as you can see in the screenshot above, there is a "Pop-up Blocker" section, click on the "Settings" button to change how you want your web browser to filter the pop-ups.....
After doing that, you are done.....finished......
REFLECTIONS!!!!!!!
From this practical, I have learnt that "ActiveX" is a framework for defining reusable software components in a programming language independent way. I have also learnt that "ActiveX controls" can also be found in other browsers other than Internet Explorer. I have also learnt that though ActiveX is good, it also poses a security problem to us. As we download the various ActiveX controls, some of them might be malware that has been disguised as ActiveX controls. Thus, we should always be careful of what we download...




Sunday, June 6, 2010

Practical 4.3 Hosts file attack

This time would be about hosts file attack....this happens by substituting a fraudulent IP address. Attackers can target local hosts file and create new entries to redirect users to their fraudulent website.... So I will be showing an easy example of how they do the redirecting....

First check out any 2 websites of your choice.....in this case I will be choosing Course Technology Web site and Google.... confirm the 2 URLs are working and make sure you know any one of the website's IP address....

After meeting these requirements you are now ready to attack your own hosts file>>>>>

First, search for "Notepad" in your start menu, right-click it and choose "Run as administrator"... As shown in the screenshot below


After which, when your notepad opens.....click on the File tab and choose "Open"; next navigate to your file C:\windows\system32\drivers\etc\hosts and open it....
At the end of the file enter the IP address of google,74.125.47.99 as shown in the red bracket in the screenshot below>>> Then press the Tab button and type the URL www.course.com as shown in the green bracket in the screenshot below....

After typing the IP address and another website's URL in.... go to File and click Save... Now,,, to test out whether it works... Open your web browser and type in the same URL that you have typed into the green bracket ...

So for my case initially the link www.course.com is supposed to bring me to the webpage as shown in the screenshot below>>>>
But after doing those editing in the notepad, after I entered the URL www.course.com into the web browser.... it will bring me to the webpage of google as shown in the screenshot below....





And if this happens that means that you have successfully attacked your own hosts file....Congrats.... Now to revert it back to normal just delete what you have just entered and Save the notepad.... After you have done this, everything will revert back to normal.....
REFLECTIONS!!!!!!!
Through this practical, I have learnt that DNS stands for Domain Name System... Its purpose is name resolution within your domain as well as outside of your domain.... And the purpose of substituting a fraudulent IP address in the DNS or the hosts file is so that when a user enters a specific URL, he/she is redirected to the fraudulent website.....
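
A check for the kind of edit made in this practical, as an added example in Python (not part of the original post): it parses hosts-file text and reports every mapping other than localhost that is not on an allowlist. The sample file contents, the allowlist and the function names are constructed; only the 74.125.47.99 / www.course.com entry comes from the post.

```python
import ipaddress

# Constructed sample: a default-looking Windows hosts file plus the entry
# the post adds (Google's IP mapped to www.course.com, separated by a tab).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
127.0.0.1       localhost
::1             localhost
10.0.0.5        intranet.example   # constructed, allowlisted below
0.0.0.0         ads.example        # constructed sinkhole entry
74.125.47.99\twww.course.com
"""

# Hypothetical allowlist of mappings the administrator put there on purpose.
SAMPLE_ALLOWLIST = {"intranet.example": {"10.0.0.5"}}


def parse_hosts(text):
    """Yield (line_number, ip, hostname) for every mapping in hosts-file text."""
    text = text.lstrip("\ufeff")  # tolerate a UTF-8 byte order mark
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        fields = line.split()  # spaces or tabs both separate fields
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not an address: the resolver ignores the line too
        for name in fields[1:]:  # one address may carry several names
            yield lineno, ip, name.lower().rstrip(".")


def audit_hosts(text, allowlist=None):
    """Return (line, hostname, ip, kind) for every unexpected mapping.

    kind is "sinkhole" when the name is pointed at a loopback or unspecified
    address, and "redirect" when it is pointed at any other address, which
    is what the edit in the post does.
    """
    allowlist = allowlist or {}
    findings = []
    for lineno, ip, name in parse_hosts(text):
        if name == "localhost" and ip.is_loopback:
            continue  # the default entries
        if str(ip) in allowlist.get(name, ()):
            continue  # known and approved
        kind = "sinkhole" if (ip.is_loopback or ip.is_unspecified) else "redirect"
        findings.append((lineno, name, str(ip), kind))
    return findings


if __name__ == "__main__":
    for lineno, name, ip, kind in audit_hosts(SAMPLE_HOSTS, SAMPLE_ALLOWLIST):
        print(f"line {lineno}: {name} -> {ip} ({kind})")
```

To audit a real machine, pass the contents of C:\windows\system32\drivers\etc\hosts to `audit_hosts` instead of the sample text.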