PresentationAPE

From LiluxWiki
Jump to navigationJump to search

Introduction LiLux

Agenda

 - Firesheep
 - Phishing
 - Bad certificate
 - Man in the middle

Explication sur le set-up:

 - addresse e-mail
 - compte facebook
 - mots de passe (dans envelope distribué par APE)

Set-up réseau

  Internet -- Hotspot-Lu -- Wifi-router (laptop) -- Wifi access point --   laptop users
                                                                       +-- laptop present. 


Firesheep

 Acces via Hotspot.lu (verify if https)
   Access www.yahoo.com and log-in
   User to Install firesheep himself -> install Yahoo
--> always check that https is on front of the URL (address) 
--> be careful about Open Wifi Access points


Phishing

  Send e-mails : genuine and fake
    - linkedin
    - facebook.org.lu
    - yahoo.org.lu
    - numerical with a @ 3584442354
--> verify link carefully. 
--> Don't click but enter the manually or use you bookmark
--> do not use the same password on every site


Bad certificate

 Use of the AK-proxy
 www.yahoo.com -> user/pass given by APE
 www.facebook.com -> user/pass given by APE
 1. bad certificate --> will user react to it
     --> Do not ignore bad certificate warning.
     --> explain certifacte
 2. redirect on http  --> even if real server redirects on https stay on http
     --> always enter https in the URL bar or in your bookmarks

Spyware

 --> explain