1 / 157

A disturbing comment on my blog…

A disturbing comment on my blog…. Who is sux@boston.com ?. IP: 128.100.171.22. sux@boston.com posted from this IP!. So what’s an IP? An address. Every computer connected to the Internet has one, or shares one. Four numbers - each 0-255, separated by periods: 128.100.171.22

bevis
Télécharger la présentation

A disturbing comment on my blog…

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A disturbing comment on my blog…

  2. Who is sux@boston.com?

  3. IP: 128.100.171.22 sux@boston.com posted from this IP!

  4. So what’s an IP? An address. Every computer connected to the Internet has one, or shares one. Four numbers - each 0-255, separated by periods: 128.100.171.22 Try typing “66.233.167.99” into a web browser. You get…

  5. 66.233.167.99 is the IP address of one of the thousands of computers that run Google’s website. Easier to remember “google.com”, huh?

  6. Every computer on the Internet has an IP address or shares one. Everything transmitted on the Internet - an email, a webpage, a picture, a sound file - is made up of one or more “packets” of data. These packets have a header, a payload and, sometimes, a footer. The header includes the IP address of the computer sending a packet, and the IP address of the computer receiving it.

  7. When you type 66.233.167.99 into your browser, you send a set of packets to a Google computer, asking it to send some packets back to your IP address. Your browser assembles those packets into the Google homepage.

  8. So what’s my IP address?

  9. 151.203.155.73. Or was that 192.168.0.103?

  10. Network Address Translation lets 254 computers share one IP address!

  11. Who is 128.100.171.22? No - whois 128.100.171.22!

  12. One of 65,536 IP addresses at U Toronto…

  13. “Dear Russ, which of your users thinks Boston sucks?”

  14. nslookup at kloth.net

  15. haxor.citizenlab.com!

  16. whois contacts the authority responsible for assigning IP addresses and asks who has been assigned the IP address you’re curious about. nslookup uses the domain name system - the system that associates the names of computers connected to the Internet to IP addresses - to tell you what domain names are associated with an IP address.

  17. Aha! Nart works for Citizen Lab!

  18. Allowing me to craft an appropriate response…

  19. Other possible outcomes: • - IP address was from a shared or publicly accessible computer. Result: no way to know who made the post without a record of users. • IP address was from an ISP via dialup, DSL or cable modem. Result: ISP may have records of which user had the IP, but won’t release except under subpoena. • - IP address was a proxy or anonymizer, designed to hide the poster’s identity. Result: Proxy operator may - or may not - have records of the real IP.

  20. IP address is a lousy identifier. What happens if Google says “Hello, Ethan - here’s your new gmail” when it sees a request from 151.203.155.73? Anyone in my house can read my mail. And when my ISP gives me a new IP, someone else is very confused to be greeted as Ethan. Unfortunately, IPs get treated like unique identifiers often… because we don’t have other options.

  21. I can’t get information from an ISP about who has a particular IP… But governments can. Security online is about protecting and obscuring your IP address. If you don’t protect your identity, prepare to have your computers seized…

  22. Deleting & Wiping files • When files are deleted the name is removed from the disk and the space is marked as available for new data • As long as no data is written to that space the original file can be recovered

  23. A little experiment • A file called secretfiles.doc was created in “My Documents” • It was “deleted” and sent to the Recycle bin • The Recycle bin was emptied

  24. Undelete

  25. Wiping • Wiping utilities overwrite data with garbage • The greater the number of overwrite passes it makes the more difficult it is to recover the data

  26. Dpeft boe djqifst: voefstuboejoh fodszqujpo

  27. Dpeft boe djqifst: voefstuboejoh fodszqujpo Codes and ciphers: understanding encryption

  28. Codes and ciphers: Add to each letter: 1 Dpeft boe djqifst: “Add to each letter” - algorithm “1” - secret key A very weak form of encryption…

  29. A better cipher + -+-+-+ -+-+-+ 1 234512 345123 B zhpydt zmkicu Realworld ciphers use complex, multipart algorithms and LONG keys. Algorithms are public - keys are secret.

  30. An encrypted file…

  31. Encrypted Storage • A lot of utilities, a nice one for Windows is BestCrypt (http://www.jetico.com/) • It creates an additional drive letter that you need to enter a password to access

  32. Encrypted Storage

  33. Encrypted Storage

  34. Encrypted Storage • Any files you place in the BestCrypt drive are encrypted • When you unmount the drive, the drive letter disappears

  35. Remote Backup • Store files on a remote server • Allows you to recover your files if something happens • You can remove sensitive files from you computer, and retrieve them at a later time

  36. Martus.org • Martus is a software tool that allows users to create “bulletins”, uploading them at the earliest opportunity, and storing them on redundant servers located around the world

  37. Martus.org • Records are encrypted, stored securely at a remote site, backed up to multiple locations and protected by a unique password. • After a bulletin has been designated as final by the user, it cannot be altered, ensuring that even an unauthorized user who may have obtained access cannot delete the group's records.

  38. Some bad passwords: “fluffy” - Pet’s name (guessable) “010473” - Dates (guessable) “solitaire” - common words (vulnerable) Dictionary attacks - take every word in a dictionary. Encrypt them. See if any one matches the password. If so, you’re in! Better password: fluffy010473 Even better: fluFFY0104&#

  39. VGY&BHU* Not very easy to remember…

  40. VGY&BHU* Very easy to remember… possibly too easy

More Related