Information security awareness

From Computing and Software Wiki

(Difference between revisions)
Jump to: navigation, search
Line 35: Line 35:
Although Rainbow Table cracking can be prevented by using salt, a lot of applications and web services do not use salt. A good example is Microsoft Windows, it stores unsalted passwords hashes in the machine; thus it is vulnerable to this kind of attack. Many web applications also store unsalted hashes in the cookies to maintain sessions; since cookies can usually be sniffed easily, they are also vulnerable to Rainbow Tables.
Although Rainbow Table cracking can be prevented by using salt, a lot of applications and web services do not use salt. A good example is Microsoft Windows, it stores unsalted passwords hashes in the machine; thus it is vulnerable to this kind of attack. Many web applications also store unsalted hashes in the cookies to maintain sessions; since cookies can usually be sniffed easily, they are also vulnerable to Rainbow Tables.
-
==Prevention==
+
==Discussion==
-
Although this article is meant to provide examples of attacks, it is necessary to mention two technologies that are used to prevent these attacks.
+
As showed above, there exists many
-
===Virtual Private Network===
+
==External links==
-
 
+
*[http://insecure.org/ Insecure.org, a good source and review of security tools]
-
===Secure Socket Layer===
+
*[http://en.wikipedia.org/wiki/Wireless_security Wireless security on Wikipedia]
 +
*[http://www.aircrack-ng.org/ Aircrack-ng]
 +
*[http://www.wireshark.org/ Wireshark]
 +
*[http://ophcrack.sourceforge.net/ Project Ophcrack, famous tools using Rainbow tables]

Revision as of 09:57, 3 December 2007

Information security awareness is the awareness of potential security risks. Being information security aware means people understand that it is possible (sometimes easy) for someone to break the confidentiality, integrity or availability of information stored or transferred electronically. Since being aware is always the first step of protection, raising people's awareness of potential risks is a good practice to improve information security. Conversely, not knowing or ignoring potential risks is usually bad for information security.

Although people have become more aware of some security concerns such as malware and phishing nowadays, a lot of people do not realize that good security software does not guarantee security. There exists methods, such as sniffing, that compromise information security without involving the user machine at all. Thus these kinds of attacks cannot be prevented by any software on the user computer, no matter how good the software is at dealing with active attacks. This makes it more important for people to be aware of these kinds of security risks.

A good way to make people aware of information security is simply to show them how attacks can be done and how easily they can be done. This article provides several attack techniques as examples and some discussion.

Contents

Examples of attacks

Unlike malware or phishing, some attacks do not require any involvement from the target machine. More importantly, some of these attacks require no specific knowledge about networking or operating system. With the help of some tools, an average hacker can break others' information security even when their machines are well protected by security softwares.

(This section is open for discussing, since there are always new effective attack methods.)

Wireless cracking

Wireless networks are becoming very popular since they provide easy access to the internet. However, wireless networks are vulnerable to a lot attacks that are not possible on wired networks.

Wireless networks are generally very vulnerable to cracking. A lot of wireless networks used in families are poorly configured, which means they either have no passwords at all, or have very weak passwords. This makes it very easy for attackers to get access to the network by simply guessing the passwords.

However, when the network is configured so that it has a good password, there is still a good chance that it can be cracked easily. It is due to the fact that most wireless networks use WEP (Wired Equivalent Privacy) as authentication methods, and WEP has some serious weakness. According to "Weaknesses in the Key Scheduling Algorithm of RC4" by Fluhrer, Mantin and Shamir, RC4, the encryption method that WEP uses, can be broken when enough sample traffic is collected; and both gathering sample traffic and cracking encryption can be automated. When the whole cracking process is automated by computer programs, it takes less than 10 minutes to crack a WEP protected network.

A tools set called Aircrack-ng is worth to be mentioned here, as it is currently the most popular tool to crack wireless networks. It provides a whole set of programs to crack wireless networks, including adapter configuration, fake authentication, de-authentication, passwords cracking, etc., and the only thing it requires is a good wireless card.

Wireless sniffing

Due to the fact that wireless networks are vulnerable to cracking and the traffic on a wireless network is not constrained in wires, sniffing wireless networks is quite easy. Once an attacker gets access to a wireless network, he can sniff any useful information in the traffic as long as the information is not encrypted.

There are a lot of tools, such as Wireshark and Kismet, can be used to sniff the network. They are not very easy to use, but they also do not require any particularly deep knowledge to use. Most of these tools offer good GUI for the users, and the presentation of sniffed data is usually very clear and organized.

One thing should be noted here is that although a lot of websites use encryption when they are expecting passwords from users, many of them do not use encryption after the authentication since usually the only critical information being transferred is passwords. However, this brings a serious problem. Since during the session after authentication, the website stores the session information in cookies, which are not encrypted. These session data can be sniffed and replayed by an attacker to gain access to the website. For example, if a Hotmail user has checked the "remember my password" option, and if an attacker sniffs the session id contained in the user's cookies, the attacker then can access to the user's Hotmail account without even knowing the actual password at any time. (As a side notice, GMail is not vulnerable to this kind of attack.)

This particular type of sniffing is called side-jacking. It is very easy to be performed and it can be done in a lot of situations. Ferret is a tool developed by Errata Security, which automate the whole side-jacking process. A typical hacker can sit in a Hotspot enabled cafeteria, open his laptop and click on Ferret; then after 1 hour or so, he will get all the email accounts that have been accessed in that wireless network.

Passwords cracking

Brutal force cracking used to be very limited, because it requires a huge amount of time to crack a password that is not too short. However, as personal computers have become very powerful and most recent computers carry a good amount of memory, a new brutal force method called Rainbow Table becomes popular recently. A normal password that is shorter than 9 characters can be cracked by Rainbow Table within minutes.

A Rainbow Table is simply a lookup table which stores all possible keys and corresponding hashes. It was very hard to create a large rainbow table in the past since it requires huge amount of disk space to store the database and a lot of RAM to store the indexes to run efficiently. However, personal computers have become powerful enough to create and run a useful rainbow table. A typical rainbow table is about 10 gigabytes large, and can crack any passwords that contains less than 9 characters with no special characters, or less than 8 characters with special characters. The cracking process usually takes less than 10 minutes.

Although Rainbow Table cracking can be prevented by using salt, a lot of applications and web services do not use salt. A good example is Microsoft Windows, it stores unsalted passwords hashes in the machine; thus it is vulnerable to this kind of attack. Many web applications also store unsalted hashes in the cookies to maintain sessions; since cookies can usually be sniffed easily, they are also vulnerable to Rainbow Tables.

Discussion

As showed above, there exists many

External links

Personal tools