How to protect against Firesheep attacks

How to protect against Firesheep attacks

Experts suggest defensive measures to ward off Firefox add-on's hijacking of Facebook, Twitter sessions via Wi-Fi

Computerworld - Security experts today suggested ways users can protect themselves against Firesheep, the new Firefox browser add-on that lets amateurs hijack users' access to Facebook, Twitter and other popular services.

Firesheep adds a sidebar to Mozilla's Firefox browser that shows when anyone on an open network -- such as a coffee shop's Wi-Fi network -- visits an insecure site.

A simple double-click gives a hacker instant access to logged-on sites ranging from Twitter and Facebook to bit.ly and Flickr.

Since researcher Eric Butler released Firesheep on Sunday, the add-on has been downloaded nearly 220,000 times.

"I was in a Peet's Coffee today, and someone was using Firesheep," said Andrew Storms, director of security operations at San Francisco-based nCircle Security. "There were only 10 people in there, and one was using it!"

But users aren't defenseless, Storms and several other experts maintained.

One way they can protect themselves against rogue Firesheep users, experts said on Tuesday, is to avoid public Wi-Fi networks that aren't encrypted and available only with a password.

However, Ian Gallagher, a senior security engineer with Security Innovation, argued that tosses out the baby with the bathwater. Gallagher is one of the two researchers who debuted Firesheep last weekend at a San Diego conference.

"While open Wi-Fi is the prime proving ground for Firesheep, it's not the problem," Gallagher said in a blog post earlier on Tuesday. "This isn't a vulnerability in Wi-Fi, it's the lack of security from the sites you're using."

Free, open Wi-Fi is not only taken for granted by many, but it's not the problem. There are plenty of low-risk activities one can do on the Internet at a public hotspot, including reading news or looking up the address of a nearby eatery.

So if Wi-Fi stays, what's a user to do?

The best defense, said Chet Wisniewski, a senior security adviser at antivirus vendor Sophos, is to use a VPN (virtual private network) when connecting to public Wi-Fi networks at an airport or coffee shop, for example.

While many business workers use a VPN to connect to their office network while they're on the road, consumers typically lack that secure "tunnel" to the Internet.

"But there are some VPN services that you can subscribe to for $5 to $10 month that will prevent someone running Firesheep from 'sidejacking' your sessions," Wisniewski said.

A VPN encrypts all traffic between a computer -- a laptop at the airport gate, for instance -- and the Internet in general, including the sites vulnerable to Firesheep hijacking. "It's as good a solution as there is," Wisniewski said, "and no different, really, than using encrypted Wi-Fi."

One provider, Strong VPN, prices its service starting at $7 per month or $55 per year.

Gallagher, however, warned that a VPN isn't a total solution. "That's just pushing the problem to that VPN or SSH endpoint," he said. "Your traffic will then leave that server just as it would when it was leaving your laptop, so anyone running Firesheep or other tools could access your data in the same way."

"A blind suggestion of 'use a VPN' doesn't really solve the problem and may just provide a false sense of security," he said.

Strong VPN disagreed. "Our servers are in a secure datacenter, so no one's going to be able to 'sniff' the traffic coming in or going out," a company spokesman countered. "All the traffic from, for example, your laptop in San Francisco, is encrypted when it goes to one of our U.S. servers."

Storms echoed Strong VPN's assertion. "I can see [Gallagher's point], that a VPN doesn't solve the root problem, which is on the service end," he said. "But although it's true that the traffic would be clear text when it leaves the VPN server for the site, it's very unlikely that someone would snoop that traffic."

Sean Sullivan, a security advisor with F-Secure, recommended Comodo'sTrustConnect as "a VPN in all but name only." Comodo, a rival of F-Secure, sells the service for $7 per month or $50 annually.

If free is the object, there are options there, too, said Wisniewski, Sullivan and Gallagher, who pointed to a pair of free Firefox add-ons that force the browser to use an encrypted connection when it accesses certain sites.

One of those Firefox add-ons, HTTPS-Everywhere, provided by the Electronic Frontier Foundation (EFF), only works with a defined list of sites, including Twitter, Facebook, PayPal and Google's search engine.

The other choice, Force-TLS, serves the same purpose as the EFF's extension, but lets users specify which sites on which to enforce encryption.

However, other browsers, such as Microsoft's Internet Explorer and Google's Chrome, lack similar add-ons, leaving their users out in the cold.

"I expect that [Firesheep] will spur the EFF or others, maybe in the open source community, to some additional development [of such add-ons], maybe Chrome ports of those extensions," Sullivan said.

That could take months. In the meantime, Sullivan had another idea. "A MiFi device can encrypt [traffic], so with one you're always carrying your own Wi-Fi hotspot with you," he said.

MiFi isn't cheap, however. Verizon, for example, gives away the hardware but charges between $40 and $60 per month for the access to its 3G network.

Ultimately, moves users make to plug the holes Firesheep exposes are stop-gaps. The elephant in the room, said Butler and Gallagher as they defended the release of the add-on, is the lack of full encryption. And only the sites and services can fix that.

"The real story here is not the success of Firesheep but the fact that something like it is even possible," Butler wrote in his blog on Tuesday. "Going forward, the metric of Firesheep's success will quickly change from amount of attention it gains, to the number of sites that adopt proper security. True success will be when Firesheep no longer works at all."

But for the moment, even security professionals are worried. "I'm at the airport right now," Wisniewski told Computerworld. "And I'm wondering if someone is using Firesheep here. Maybe I should do a little 'shoulder browsing' to see if anyone has it running."

Firesheep

Hello!!  Long time since I last updated my blog~~~~~

so i decided to add something sifferent this time~ 

Well, take this guys! :DD

We all know about cyber crime and how such acts can affect our lives, so the first thing to do before we can counter such attacks is to understand them. The article below is a brief description about "Firesheep", so lets read~~~~ :)

Firesheep is an extension developed by Eric Butler for the Firefox web browser. The extension uses a packet sniffer to intercept unencrypted cookies from certain websites (such as Facebook and Twitter) as the cookies are transmitted over networks, exploiting session hijacking vulnerabilities. It shows the discovered identities on a sidebar displayed in the browser, and allows the user to instantly take on the log-in credentials of the user by double-clicking on the victim's name.

The extension was created as a demonstration of the security risk to users of web sites that only encrypt the login process and not the cookie(s)created during the login process. It has been warned that the use of the extension to capture login details without permission would violate wiretapping laws and/or computer security laws in some countries. Despite the security threat surrounding Firesheep, representatives for Mozilla Add-ons have stated that it would not use the browser's internal add-on blacklist to disable use of Firesheep, as the blacklist has only been used to disable spyware or add-ons which inadvertently create security vulnerabilities, as opposed to attack tools (which may legitimately be used to test the security of one's own systems).

Later a similar tool called Faceniff was released for Android mobile phones.

As for us in UTM, many uses Wi-Fi for online purposes. But how safe are we against such attacks?

Wireless network security

Local Wi-Fi networks may be configured with varying levels of security enabled. Using a Wired Equivalent Privacy (WEP) password, the attacker running Firesheep must have the password, but once this has been achieved (a likely scenario if a coffee shop is asking all users for the same basic password) they are able to decrypt the cookies and continue their attack. However, using Wi-Fi Protected Access (WPA) encryption offers individual user isolation, preventing the attacker from decrypting any cookies sent over the network even if they have logged into the network using the same password. An attacker would be able to manually retrieve and decrypt another user's data on a WPA-PSK connection, if the key is known.

Well, that's all for now! Hope this post gave you guys some info. 

See you again very soon! xDD

Cabling

Cable is the medium through which information usually moves
from one network device to another. Several types of cable are
commonly used with LANs.In some cases,a network will utilize only one type of cable, other networks will use a variety of cable types.There are four types of cables namely :

1.      Unshielded Twiested Pair (UTP) 
2.      Shielded Twisted Pair (STP) 
3.      Coaxial Cable
4.      Fiber Optic Cable
5.      Wireless LANs

      Unshielded Twiested Pair  (UTP)

•   four pairs of wires inside the jacket
•    each pair is twisted with different twist per   inch to help eliminate  interference from adjacent pairs and other electrical devices.

 Shielded Twisted Pair (STP) 

•  consists of two individual wires wrapped in a foil shielding to help provide a more reliable data communication. 
• suitable for environments with electrical interference but the extra shielding can make the cables quite bulky. 
• often used on networks using Token Ring topology.

Coaxial Cable

• Coaxial cabling has a single copper conductor at its center. 
• A plastic layer provides insulation between the center conductor and a braided metal shield. 
• The metal shield helps to block any outside interference from fluorescent lights, motors, and    other computers.
• The most common type of connector   used with coaxial cables is the Bayone-Neill-Concelman (BNC) connector. 

• Fiber Optic Cable  consists of a center glass core surrounded by several layers of protective materials and transmits light rather than electronic signals eliminating the problem of electrical interference. 
• Fiber Optic Cable is ideal for certain environments that contain a large amount of electrical interference. 
• It is able to transmit signals over much longer distances than coaxial and twisted pair.

Summary of Ethernet cabling 

10BaseT : Unshielded Twisted Pair : 100 meters

10Base2 : Thin Coaxial : 185 meters

10Base5 : Thick Coaxial : 500 meters

10BaseF : Fiber Optic : 2000 meters'

Linear Bus Topology

		Illustrate the characteristics of the linear bus topology.  Now that you know how topologies can affect networks, it's time to learn more about the different types of typologies. The term "linear" refers to a line, and the linear bus is a network configuration in which each computer is connected to the next in a (more or less) straight line. A small bus network is shown in the graphic below. One important characteristic of the linear bus is that it has a beginning and an end. When computers are cabled in a line, the signal travels down the cable. When it reaches the end, it can "bounce" back (this is called signal bounce), interfering with network communications. To prevent this, a bus network must be terminated; that is, small devices called terminators are placed at both ends of the bus.
In addition to termination at both ends, the bus should be grounded at one end only.
		When choosing a network topology, it is important to keep in mind the organizational needs and the following criteria: size, cost, transmission speed, tendency to attenuation,  fault tolerance, and servicing.The table below lists some of the advantages and disadvantages of the linear bus.
Advantages of linear bus   Disadvantages of linear bus Simple set-up Least expensive layout Uses inexpensive thin coax cable Uses smallest amount of cable Doesn't require a hub Appropriate for small networks For instance, a temporary training room that is set up and torn down quickly Slow Vulnerable to attenuation, or the loss of signal strength over distance Inappropriate for large networks Less fault tolerant
How computers communicate on a linear bus		A linear bus is called a passive topology. This means that as the signal travels down the network, it is simply passed from one computer to another without any regeneration or amplification, as occurs in an active topology.The animation below shows how data travels on a linear bus topology.
Equipment requirements		Equipment requirements for a linear bus network are minimal. Each computer must have:A network interface card (NIC) with a BNC T connector attached. One length of cable to reach between each two computers. The network must have: A terminator for each end of the network. If the linear bus is long, you may need repeaters to boost the signal. With thin coax, you need a repeater every 180 meters; with thick coax, every 500 meters.
One meter equals approximately 3.28 feet.

Week 2: Network Topology

Network topology is the layout pattern of interconnections of the various elements (links, nodes, etc.) of a computer or biological network. Network topologies may be physical or logical.Physical topology refers to the physical design of a network including the devices, location and cable installation. Logical topology refers to how data is actually transferred in a network as opposed to its physical design. In general physical topology relates to a core network whereas logical topology relates to basic network.

Topology can be understood as the shape or structure of a network. This shape does not necessarily correspond to the actual physical design of the devices on the computer network. The computers on a home network can be arranged in a circle but it does not necessarily mean that it represents a ring topology.

There are two basic categories of network topologies: 

1. Physical topologies 2. Logical topologies

The shape of the cabling layout used to link devices is called the physical topology of the network. This refers to the layout of cabling, the locations of nodes, and the interconnections between the nodes and the cabling. The physical topology of a network is determined by the capabilities of the network access devices and media, the level of control or fault tolerance desired, and the cost associated with cabling or telecommunications circuits.

The logical topology, in contrast, is the way that the signals act on the network media, or the way that the data passes through the network from one device to the next without regard to the physical interconnection of the devices. A network's logical topology is not necessarily the same as its physical topology.

Examples of network topologies:

• Bus
• Star
• Ring or circular
• Mesh
• Tree

Introduction to Telecommunication

Hello, this is an official post about telecommunication. In the future,this blog is going to discuss in detail the topics and subjects we learnt in class.
So, in short telecommunication is the transmission of information over significant distances to communicate. In earlier times, telecommunications involved the use of visual signals, such as beacons, smoke signals, semaphore telegraphs, signal flags, and optical heliographs, or audio messages via coded drumbeats, lung-blown horns, or sent by loud whistles, for example. In the modern age of electricity and electronics, telecommunications now also includes the use of electrical devices such as the telegraph, telephone, and teleprinter, as well as the use of radio and microwave communications, as well as fiber optics and their associated electronics, plus the use of the orbiting satellites and the Internet. That's all for this time! See you soon!