Transcript Power Point - ECE Users Pages - Georgia Institute of Technology

Anonymous Digital Communications
Final Lab Presentation
ECE 4112
Internetwork Security
Group 3
Alvin Schurman and Kelly Lehman
Georgia Institute of Technology
http://www.afrl.af.mil/images/pictures/abl-sor.jpg
1
Presentation Topics









Topic Description and Controversy
Project Scope and Proposed Lab Inclusion
Laboratory Set-up
Web Client Information
IP Address Spoofing (Obfuscation)
Web Bugs
Tor Networks
Conclusions
Questions
2
Project Scope and Lab Inclusion
 Too big for Lab addition
 Related topics in current laboratory experiments
 Lab 3, Address Spoofing, Denial of Service, Email Spoofing
 Propose to retool Lab 3 and include this material
3
Laboratory Set-up
 Simplify Lab Set-up
 VMware Appliances
 Ready-made apps
 Pre-configured devices
4
Web Client Information
 Easiest First
 Shows client information
 Uses Firefox extensions
 Spoofs client information
 IP/port address not spoofed
 Not included in Lab
 Firefox extension detection with chrome element in javascript
5
IP Address Spoofing (Obfuscation)





Client data with PhProxy
Proxy + Ethereal = hackerpot
Snooping HTTPS Proxy
Examining server logs
Research HTTPS sniffers
 Proxypot
 Sebek
 Open Proxy Honeypot
 It’s just HTTP/HTTPS right?
 Wrong … desproxy
6
Web Bugs
 Traditional image in html
 CSS element web bug in html
 Both elements hidden in .doc
7
Tor Networks
 The Onion Router (TOR)
 Layered approach
 Provides anonymity for Internet traffic




Web browsing
IM
IRC
SSH
 Downsides to Tor Networks
 Exiting the network
 Traffic Analysis
8
Tor Networks
9
Tor Networks
10
Tor Networks
11
Local Windows Account Hijacking
QUESTIONS?
References/Sources/Tools
 Vmware Workstation 6.0 Beta
 WYSIWYG Web Builder 4.1
 Grandma’s Lamp v1.0.0
 PhProxy 0.5 Beta
 Microsoft Windows XP Professional
 Microsoft Office 2007 Trial
 Web Bug Howto from http://ha.ckers.org/webbug.html
 EFF from http://tor.eff.org
12