Fromadia Network    | Rattlesnake | Offside | 4arthur | h4ckerx
-=Deaf=-
Back to the pavilion Discussion board About Us Want to post something?
REGISTER
nick:
pass:
 


 
Multimedia Law
# Computer Law    Jun 17 2005 - 08:48 EST    Posted By m4tt

printer friendly page   Comment on this article -- there are 0 comments already  (0)
This article was written for a law module whilst I attended university. I hope you enjoy reading this article and please remember this is not fact just one mans humble opinion.

Critically consider the extent to which the law in relation to IP rights adequately protects the interests of Multimedia and Audiovisual professionals.


continued...



printer friendly page   Comment on this article -- there are 0 comments already  (0)

To the best of our knowledge, the text on this page either may be freely reproduced and distributed or was written specifically for fromadia.com. The site layout, page layout, and all original artwork on this site are Copyright © 2002 Fromadia.com. If you wish to reproduce any of it or if you are author of a work that you feel shouldn't be printed here, please email us at copyright@fromadia.com.

 
Wireless Security Basics
# Networking    Mar 21 2004 - 19:12 EST    Posted By quixote

printer friendly page   Comment on this article -- there are 0 comments already  (0)
| Wireless Security Guide |

By Conor





| Introduction |



Wireless communications are just so rad. I just want hopefully to spark your interest. It’s not intended to be complete... more like an eye-opener.





| Understanding Basic Networking and Terminology |



You should already understand LAN topologies but I’ll go over it a bit. There are two types of networks- either infrastructure or ad hoc(Latin for ‘to that’, thanks mom).



An infrastructure is set to for all clients to send all of it’s communications to an access point(AP). The access point acts as an Ethernet bridge and forwards the communications to the appropriate network, either wired LAN or another wireless network(WN).

Infrastructures are usually only used for large networks or networks with many ‘sub-hubs’.





An ad hoc is set up with a router or gateway as to enable clients to connect directly to each other. No APs are used to connect the ad hoc network directly with wired network. Designed to allow only clients within range of each other to communicate.



If you own a wireless router/gateway or mobile client it is vital that you acquire some type of encryption method especially if you are in a work environment.





| Wireless Whatnot |





SSID

Service Set Identifier is meant to differentiate networks from one another. Depending on the manufacturer, the SSID can be set by default. For example Linksys’s AP have network name ‘linksys’, Cisco’s is ‘tsunami’ and mine was initially set to ‘54mbps’). I recommend that you change it, an attacker could find your network a lot easier.



It is pretty important that you try to conceal your SSID.



-by default AP’s broadcast their SSID every few seconds in what are known as ‘Beacon Frames’. Again this could allow an attacker to find your SSID easily.



Authentication Type

Before any communications can take place, a dialogue must be established between the client and AP. This process is known as associating. Authentication is required immediately after a device associates. There are two types of authentication: shared key authentication and open authentication.



-The simplest and default setting for this feature is open authentication. This allows anyone to begin a conversation with the AP and provides no security on who can talk to the AP.



-The shared key authentication is where client begins by sending an association request to the AP. The AP responds with a string of challenge text which the client must encrypt using the WEP key(see WEP below). If the text is encrypted correctly, the client is allowed to communicate with the AP and move to the next layer of security.



WEP

Wired Equivalent Privacy. Intended to give wireless users security equivalent to being on a wired network.

Popular types:

-Each packet transmitted from one radio to another is first encrypted by taking the packets data payload and secret 40 bit number and passing them through RC4 algorithm.



-The resulting encrypted packet is then transmitted across the air waves and the receiving station hears the packet it then uses the resulting in the host receiving useable data.



Above Standard types:

-The SSID is not transmitted in the ‘Beacon Frames’.

-128 bit WEP(also called WEP Plus). Extends WEP key from 40 bits to 104 bits for added security.

Broadcast key rotation- another method intended to help counter flaws in WEP. In this model, there are two WEP keys, one key meant to encrypt data between AP and client and the other meant to encrypt broadcasts such as: ARP and DHCP. It generates short-lived WEP keys. Admin sets a specific time(in seconds) for the AP to broadcast a new WEP key, encrypting it with the old one. Because these timeouts are usually set to ten minutes or so, there’s not enough time for attackers to intercept the amount of packets needed to crack the key (see below for methods).



MAC address filtering limits access to the AP only those MAC addresses of authorized clients.



| Methods and Solutions |



Fingerprinting a wireless network can be really fun as long as you know some methods to obtain information even if you don’t get anywhere. WarDriving is when one runs around trafficy areas with a NIC(network interface card) and packet sniffing software in order to attack a network.



You should definitely dl some packet sniffing software. (good=Airopeek)



SSID

This should be considered first level security. Knowing it narrows it down from senseless packets to actual proof of a network.

Methods to getting past this first level-

-scanning for networks with names of manufacturers default SSID.

-try guessing :D



WEP

Problems:

-the RC4 encryption has been proven insecure- combines bitted key with a 24 bit random numbers known as Initialization Vector to encrypt the data. The packet sent over the airwaves contains the IV followed by the encrypted data.

-the first attack uses a simple numerical limitation of the IV to figure out the WEP key. Because the IV is only 24 bits long, there are only so many permutations of the IV for the RC4 to pick from. (possible values= 16,777,216 (2^24)). With a great amount of packets, the RC4 begins to choose the same IVs over and over. The attacker can eventually acquire the 2 variables.



Solutions:

-the 128 bit WEP key.

-Broadcast key rotation. One key is meant to encrypt the individual stream of data between the AP and the wireless client and the other is meant to encrypt broadcast transmissions such as DHCP or ARP requests. The admin would set a certain time, in seconds, on the AP, and the AP broadcasts a new WEP key, encrypting it with the old.

-MAC Address filtering. This provides good security but difficult to maintain clients if the network is large.



| More Implementations |



VPN

Virtual Private Network. This type of network is to consider the wireless network equivalent to the internet and only users in an encrypted channel would be able to communicate.



There are few weaknesses with this setup, the process of getting correct access to a wireless network begins with the client booting up and receiving an IP, the client then can negotiate a tunnel over the wireless network to begin its communications. False users go through the same process and although they can not use communications outside of network, they can, however, communicate to other clients on a LAN. This would divide the connection speed which could be used as a DoS attack.



RADIUS server.

Remote Dial-In User Service. When a client requests access the AP, the AP then demands a set of credentials and forwards them to a RADIUS server. This method of authentication is defined as <b>EAP</b>.



EAP

Extensible Authentication Protocol.

An authentication method to allow developers to create their own methods of passing credentials.



Four commonly used EAP methods are:



EAP-MD5

-relies on an MD5 hash of a username and password to pass credentials to the RADIUS server. It offers no key management.



EAP-Cisco Wireless (LEAP)

-Standard developed by Cisco. LEAP accepts a username and password from the wireless client and transmits them to the RADIUS server for authentication. LEAP dynamics creates a key for and individual user.



EAP-TLS (by Microsoft)

-Instead of username/password combinations EAP-TLS uses certificates to handle authentication.

-Like LEAP, EAP-TLS offers one-time WEP key generation.



EAP-TTLS (by Funk Software)

-alternative to EAP-TLS. The AP identifies itself to the client with a server certificate but TTLS then passes the credentials to response mechanisms (CHAP, PAP/Token Card, or EAP).





| Conclusion |



Wireless is fun.



printer friendly page   Comment on this article -- there are 0 comments already  (0)

To the best of our knowledge, the text on this page either may be freely reproduced and distributed or was written specifically for fromadia.com. The site layout, page layout, and all original artwork on this site are Copyright © 2002 Fromadia.com. If you wish to reproduce any of it or if you are author of a work that you feel shouldn't be printed here, please email us at copyright@fromadia.com.

 
NTFS File Permissions in Windows XP
# Windows Security    Dec 17 2003 - 11:36 EST    Posted By T0m_Bombad1L

printer friendly page   Comment on this article -- there are 1 comments already  (1)
Circumventing NTFS in Windows XP
Part One in a Series Called: Learn From My Mistakes by Tom_Bombadil

Let’s say you have found yourself locked out of some NTFS folders in windows XP. Accessing them is actually quite simple and all of it can be done from within windows XP. All of this is of course assuming you have physical access to the computer. continued...



printer friendly page   Comment on this article -- there are 1 comments already  (1)

To the best of our knowledge, the text on this page either may be freely reproduced and distributed or was written specifically for fromadia.com. The site layout, page layout, and all original artwork on this site are Copyright © 2002 Fromadia.com. If you wish to reproduce any of it or if you are author of a work that you feel shouldn't be printed here, please email us at copyright@fromadia.com.

 
Designing Shellcode
# Linux/Unix    Dec 12 2003 - 14:08 EST    Posted By the_swede

printer friendly page   Comment on this article -- there are 0 comments already  (0)
Introduction
------------

Although tedious and abstract, shellcoding is an important skill
to learn in order to understand the underlying concepts of computer
systems. Shellcode is also important for the understanding of computer
security where shellcode is used to exploit vulnerable applications. In
this article, we will be working on Linux using the IA-32(x86)
architecture. Knowledge of C and IA-32 assembly, as well as knowledge
of how to use gdb is helpful.
continued...



printer friendly page   Comment on this article -- there are 0 comments already  (0)

To the best of our knowledge, the text on this page either may be freely reproduced and distributed or was written specifically for fromadia.com. The site layout, page layout, and all original artwork on this site are Copyright © 2002 Fromadia.com. If you wish to reproduce any of it or if you are author of a work that you feel shouldn't be printed here, please email us at copyright@fromadia.com.

the older posts:

even older posts...



 


Enter a keyword...
sponsored links

web hosting
Reseller Hosting

The content and design of this site is © 2002 by Fromadia.com and any of the people that help support our community.

Lightning Servers - Reseller Hosting Experts | Lightning Servers Cpanel Hosting | Hosting Knowledge Base | Reseller Works | Web Design | Miserable Failure