Upload File

social network security & backdooring email

20
Social Networking Security & Backdooring Email Presented by Syarif Seminar & Workshop Nasional Security System Malang, Juni 5 2011 Universitas Muhammadiyah Malang

Upload: syarif

Post on 18-Dec-2014

1.556 views

Category:

Education


0 download

Report

DESCRIPTION

Social Network Security & Backdooring email

TRANSCRIPT

Page 1: Social Network Security & Backdooring email

Social Networking Security &

Backdooring Email Presented by

Syarif

!Seminar & Workshop Nasional Security System

Malang, Juni 5 2011 Universitas Muhammadiyah Malang

Page 2: Social Network Security & Backdooring email

• http://www.google.com/search?q=fl3xu5

• http://fl3x.us

Whoami

http://fl3x.us
Page 3: Social Network Security & Backdooring email

Agenda

• Social Networking ?

• Social Networking : Attacks & Defense

• Backdooring Email

• There is No Privacy anymore :)

• How to protect your self

Page 4: Social Network Security & Backdooring email

Social Networking ?

Page 5: Social Network Security & Backdooring email

Facebook Statistics

Page 6: Social Network Security & Backdooring email

Twitter Statistics

Page 7: Social Network Security & Backdooring email

Facebook & twitter attack

Page 8: Social Network Security & Backdooring email

Facebook & twitter attack

• Phishing

Page 9: Social Network Security & Backdooring email

Facebook & twitter attack

• Session Hijacking

• Firesheep

Page 10: Social Network Security & Backdooring email

facebook & twitter defense

• Be a paranoid & don’t trust anyone on the internet

• Never put some sensitive information carelessly

• Keep your eyes, Always check the correct url

• Never Subscribe unauthorized applications

• Always remember, wireless is not secure. Keep “safety” browsing :p

• Always using https

• etc

Page 11: Social Network Security & Backdooring email

Email attack : Backdooring Email ;)

• Why ?

• Email is very important

• as a communication media

• Email is a privacy

• Everything using email

• User account : facebook, twitter, etc

• Passwords

• paypal account

• domain & hosting account

Page 12: Social Network Security & Backdooring email

Email attack : Backdooring Email ;)

• Motivation ?

• Just for fun :)

• Jealous / Revenge

• Get important data

• Get Final Exam Task & Answer :p

• Spy

• Scamming

• Money reason : paypal, etc

• Domain & hosting take over

Page 13: Social Network Security & Backdooring email

Email attack : Backdooring Email ;)

• Prelinimary ? • Social Engineering

• password obtained by hacking other websites ~ one password for all

Page 14: Social Network Security & Backdooring email

Backdooring Email ? Yes you can ;)

• Using what ?

• Why ?

• most people using it

• easy to use

• could be used to impersonate :p

• high capacity mailbox

• 10 more accounts could be backdoored in one mailbox

• no need to log in the target mailbox

• could be used to backdoor all of mail accounts in some mail server :)

Page 15: Social Network Security & Backdooring email

Demo

Page 16: Social Network Security & Backdooring email

there is no privacy anymore

Page 17: Social Network Security & Backdooring email

someone is watching you !

Page 18: Social Network Security & Backdooring email

How to Protect Yourself ?

• Always Check Last Log in your email

• Never put some sensitive information carelessly

• Be a Paranoid, check the flag messages in your email

• Keep on your eyes to check mail in the inbox, sent, draft , and trash

• Always keep your correct mail setting

• Never use “one password for all” :p

• Changer your mail password regularly

• don’t use a “weak” security question

Page 19: Social Network Security & Backdooring email

Q & A

• twitter : fl3xu5

• YM : fl3xu5

Page 20: Social Network Security & Backdooring email

Thank you :)


Email Security

Email Security Seriesstatic.highspeedbackbone.net/pdf/SonicWALL Email Security Applian… · Security works Dell SonicWALL Email Security attacks spam with over a dozen different

1. Barracuda Email Security Service - Overview · Barracuda Email Security Service - Overview Searching Barracuda Email Security Service The Barracuda Email Security Service is a

Cisco Email and Web Security Ordering Guide...Cisco Email Security Cisco Email Security offerings provide protection against email threats, minimize downtime associated with email-borne

IronPort Email Security Appliances Security Target · PDF fileIronPort Email Security Appliances Security Target ... the C160, C370, X1060, and ... ST Title – IronPort Email Security

Backdooring hardware devices by injecting malicious ... · Backdooring hardware devices by injecting malicious payloads on microcontrollers_ By Sheila A. Berta (@UnaPibaGeek)

HomePlugAV PLC: practical attacks and backdooring · PDF file · 2018-01-05HomePlugAV PLC: practical attacks and backdooring HomePlugAV PLC: ... Domestic Powerline Communication

In Through The Out Door: Backdooring& Remotely Controlling

Barracuda Networks Email Security Technology...Barracuda Networks Email Security Technology The Barracuda Email Security Gateway is a comprehensive email security solution that manages

Cisco Cloud/Hybrid Email Security 개요 · 1-3 Cisco Cloud/Hybrid Email Security 개요 1장 Cisco Email Security Service 이해 Cisco Cloud Email Security Service 개요 Message

Hardware backdooring is practical

Hardware Backdooring is Practical -

DefCon 2012 - Hardware Backdooring (White Paper)

Email security

1. Barracuda Email Security Service - Overvie · 2014. 10. 31. · Barracuda Email Security Service - Overview Searching Barracuda Email Security Service The Barracuda Email Security

SonicWall Email Security 9 · Preliminary Draft 1 SonicWall Email Security 9.2 MSP Deployment Guide Email Security as a Service 1 4 Email Security as a Service Managed Service Providers

Hardware backdooring is practical : slides

SHA-1 backdooring & exploitation

[Defcon] Hardware backdooring is practical

Websense Email Security Transition Guide · 1 Websense Email Security Transition Guide 1 Introduction Websense® Email Security Gateway Anywhere is the next generation of email security

1. Barracuda Email Security Service - OvervieBarracuda Email Security Service - Overview en The Barracuda Email Security Service is a comprehensive and affordable cloud-based email

Forcepoint Email Security Cloud€¦ · Forcepoint Email Security Cloud 1 Advanced Email Encryption End-User Guide Forcepoint Email Security Cloud offers support for advanced email

Backdooring the Lottery - DEF CON CON 25/DEF CON 25... · Backdooring the Lottery and Other Security Tales ... resides in Las Vegas. ... SeNet Logic Bomb (Cont.)

Backdooring a car

DefCon 2012 - Hardware Backdooring (Slides)

backdooring workshop

Art of Backdooring: Technique and Practice

Forged Email: Detect Spoofing with Cisco Email Securitycisco.com/c/en/us/products/collateral/security/email-security... · Forged Email: Detect Spoofing with Cisco Email Security

Hardware Backdooring is practical - Black Hat | Home

Backdooring MS Office documents with secret master keys

[Hackito2012] Hardware backdooring is practical

CORE SECURITY - hack.lu 2018• Backdooring the web server • Gathering information from the camera • Basic Network discovery • Pivoting • Video stream hijacking • Conclusion

Hiding for Persistance - Backdooring Linux Systems

Cisco Email Security Appliance Security Target · Cisco Email Security Appliance Security Target 2 Table of Contents 1 SECURITY TARGET INTRODUCTION

Network Security: Email Security, PKI