PresentationAPE

From LiluxWiki
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Introduction LiLux

Agenda

 - Firesheep
 - Phishing
 - Bad certificate
 - Man in the middle

Explication sur le set-up:

 - addresse e-mail
 - compte facebook
 - mots de passe (dans envelope distribué par APE)

Set-up réseau

  Internet -- Hotspot-Lu -- Wifi-router (laptop) -- Wifi access point --   laptop users
                                                                       +-- laptop present. 


Firesheep

 Acces via Hotspot.lu (verify if https)
   Access www.yahoo.com and log-in
   User to Install firesheep himself -> install Yahoo
--> always check that https is on front of the URL (address) 
--> be careful about Open Wifi Access points


Phishing

  Send e-mails : genuine and fake
    - linkedin
    - facebook.org.lu
    - yahoo.org.lu
    - numerical with a @ 3584442354
--> verify link carefully. 
--> Don't click but enter the manually or use you bookmark
--> do not use the same password on every site


Bad certificate

 Use of the AK-proxy
 www.yahoo.com -> user/pass given by APE
 www.facebook.com -> user/pass given by APE
 1. bad certificate --> will user react to it
     --> Do not ignore bad certificate warning.
     --> explain certifacte
 2. redirect on http  --> even if real server redirects on https stay on http
     --> always enter https in the URL bar or in your bookmarks

Spyware

 --> explain