social network security & backdooring email
DESCRIPTION
Social Network Security & Backdooring emailTRANSCRIPT
Social Networking Security &
Backdooring Email Presented by
Syarif
!Seminar & Workshop Nasional Security System
Malang, Juni 5 2011 Universitas Muhammadiyah Malang
Agenda
• Social Networking ?
• Social Networking : Attacks & Defense
• Backdooring Email
• There is No Privacy anymore :)
• How to protect your self
Social Networking ?
Facebook Statistics
Twitter Statistics
Facebook & twitter attack
Facebook & twitter attack
• Phishing
Facebook & twitter attack
• Session Hijacking
• Firesheep
facebook & twitter defense
• Be a paranoid & don’t trust anyone on the internet
• Never put some sensitive information carelessly
• Keep your eyes, Always check the correct url
• Never Subscribe unauthorized applications
• Always remember, wireless is not secure. Keep “safety” browsing :p
• Always using https
• etc
Email attack : Backdooring Email ;)
• Why ?
• Email is very important
• as a communication media
• Email is a privacy
• Everything using email
• User account : facebook, twitter, etc
• Passwords
• paypal account
• domain & hosting account
Email attack : Backdooring Email ;)
• Motivation ?
• Just for fun :)
• Jealous / Revenge
• Get important data
• Get Final Exam Task & Answer :p
• Spy
• Scamming
• Money reason : paypal, etc
• Domain & hosting take over
Email attack : Backdooring Email ;)
• Prelinimary ? • Social Engineering
• password obtained by hacking other websites ~ one password for all
Backdooring Email ? Yes you can ;)
• Using what ?
• Why ?
• most people using it
• easy to use
• could be used to impersonate :p
• high capacity mailbox
• 10 more accounts could be backdoored in one mailbox
• no need to log in the target mailbox
• could be used to backdoor all of mail accounts in some mail server :)
Demo
there is no privacy anymore
someone is watching you !
How to Protect Yourself ?
• Always Check Last Log in your email
• Never put some sensitive information carelessly
• Be a Paranoid, check the flag messages in your email
• Keep on your eyes to check mail in the inbox, sent, draft , and trash
• Always keep your correct mail setting
• Never use “one password for all” :p
• Changer your mail password regularly
• don’t use a “weak” security question
Q & A
• twitter : fl3xu5
• YM : fl3xu5
Thank you :)