Difference between revisions of "PresentationAPE"
From LiluxWiki
Line 1: | Line 1: | ||
Introduction LiLux | Introduction LiLux | ||
− | |||
Agenda | Agenda | ||
− | |||
- Firesheep | - Firesheep | ||
- Phishing | - Phishing | ||
Line 25: | Line 23: | ||
Access www.yahoo.com and log-in | Access www.yahoo.com and log-in | ||
− | User to Install firesheep himself | + | User to Install firesheep himself -> install Yahoo |
− | |||
--> always check that https is on front of the URL (address) | --> always check that https is on front of the URL (address) | ||
--> be careful about Open Wifi Access points | --> be careful about Open Wifi Access points | ||
+ | |||
+ | |||
+ | Phishing | ||
+ | Send e-mails : genuine and fake | ||
+ | - linkedin | ||
+ | - facebook.org.lu | ||
+ | - yahoo.org.lu | ||
+ | - numerical with a @ 3584442354 | ||
+ | --> verify link carefully. | ||
+ | --> Don't click but enter the manually or use you bookmark | ||
+ | --> do not use the same password on every site | ||
+ | |||
+ | |||
+ | Bad certificate | ||
+ | Use of the AK-proxy | ||
+ | www.yahoo.com -> user/pass given by APE | ||
+ | www.facebook.com -> user/pass given by APE | ||
+ | |||
+ | 1. bad certificate --> will user react to it | ||
+ | --> Do not ignore bad certificate warning. | ||
+ | --> explain certifacte | ||
+ | 2. redirect on http --> even if real server redirects on https stay on http | ||
+ | --> always enter https in the URL bar or in your bookmarks | ||
+ | |||
+ | Spyware | ||
+ | --> explain |
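Review bot: The added Phishing line "Don't click but enter the manually or use you bookmark" is missing the noun after "the" (presumably the address) and should read "your bookmark". In the Bad certificate block, "explain certifacte" should be "explain certificate". The new Spyware section contains only "--> explain"; list the talking points so the presenter has something to work from.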
Latest revision as of 21:23, 14 June 2012
Introduction LiLux
Agenda
- Firesheep
- Phishing
- Bad certificate
- Man in the middle
Explanation of the set-up:
- e-mail address
- Facebook account
- passwords (in envelope distributed by APE)
Network set-up
Internet -- Hotspot-Lu -- Wifi-router (laptop) -- Wifi access point -- laptop users +-- laptop present.
Firesheep
Access via Hotspot.lu (verify if https)
Access www.yahoo.com and log-in
User to install Firesheep himself -> install Yahoo
--> always check that https is in front of the URL (address)
--> be careful about open Wifi access points
Phishing
Send e-mails: genuine and fake
- linkedin
- facebook.org.lu
- yahoo.org.lu
- numerical with a @ 3584442354
--> verify link carefully.
--> Don't click, but enter the address manually or use your bookmark
--> do not use the same password on every site
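Added example (not part of the original LiLux notes): a small Python check that applies "verify link carefully" to the link types listed above. The trusted-domain list and the sample URLs are constructed, and reading "numerical with a @" as a URL with text before the @ and a numeric host is an assumption.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed allow-list: genuine domains of the sites named in the notes.
TRUSTED_DOMAINS = {"linkedin.com", "facebook.com", "yahoo.com"}


def numeric_host(host):
    """Return dotted IPv4 text if host is an IP (dotted or one decimal number), else None."""
    try:
        return str(ipaddress.IPv4Address(int(host) if host.isdigit() else host))
    except ValueError:
        return None


def check_link(url):
    """Return a list of warnings for one link; an empty list means no check fired."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    warnings = []
    if parts.scheme != "https":
        warnings.append("not https")
    if parts.username is not None:
        # Everything before '@' is a user name, not the site being contacted.
        warnings.append("text before '@' is not the site; real host is " + host)
    ip = numeric_host(host)
    if ip:
        warnings.append("host is a bare IP address: " + ip)
    elif not any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        # Catches look-alikes such as a trusted name under another suffix.
        warnings.append("host is not an expected domain: " + host)
    return warnings


# Constructed sample links modelled on the list in the notes.
SAMPLES = [
    "https://www.linkedin.com/login",
    "http://www.facebook.org.lu/login",
    "https://www.yahoo.org.lu/",
    "http://www.yahoo.com@3584442354/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link) or "no warning")
```
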
Bad certificate
Use of the AK-proxy
www.yahoo.com -> user/pass given by APE
www.facebook.com -> user/pass given by APE
1. bad certificate --> will the user react to it?
--> Do not ignore bad certificate warnings.
--> explain certificate
2. redirect on http --> even if the real server redirects to https, stay on http
--> always enter https in the URL bar or in your bookmarks
Spyware
--> explain