PresentationAPE

From LiluxWiki
Revision as of 21:23, 14 June 2012 by ThierryCoutelier (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Introduction LiLux

Agenda 

 - Firesheep
 - Phishing
 - Bad certificate
 - Man in the middle

Explication sur le set-up: 

 - addresse e-mail
 - compte facebook
 - mots de passe (dans envelope distribué par APE)

Set-up réseau 

  Internet -- Hotspot-Lu -- Wifi-router (laptop) -- Wifi access point --   laptop users
                                                                       +-- laptop present.


Firesheep 

 Acces via Hotspot.lu (verify if https)

   Access www.yahoo.com and log-in
   User to Install firesheep himself -> install Yahoo
--> always check that https is on front of the URL (address) 
--> be careful about Open Wifi Access points


Phishing 

  Send e-mails : genuine and fake
    - linkedin
    - facebook.org.lu
    - yahoo.org.lu
    - numerical with a @ 3584442354
--> verify link carefully. 
--> Don't click but enter the manually or use you bookmark
--> do not use the same password on every site


Bad certificate 

 Use of the AK-proxy
 www.yahoo.com -> user/pass given by APE
 www.facebook.com -> user/pass given by APE

 1. bad certificate --> will user react to it
     --> Do not ignore bad certificate warning.
     --> explain certifacte
 2. redirect on http  --> even if real server redirects on https stay on http
     --> always enter https in the URL bar or in your bookmarks

Spyware 

 --> explain
Retrieved from "https://www.lilux.lu//mediawiki/?title=PresentationAPE&oldid=971"