 An IT question

Bub

Registration date : 2007-12-15

PostSubject: An IT question   Tue Dec 07, 2010 3:19 pm

I recently read an internet security tip that said:
Quote :
If a vendor does not use encryption, an attacker may be able to intercept your information as it
is being transmitted.

If an email or internet communication is sent from A to B how can it be intercepted by a hacker?

I can understand telephones being tapped and wireless communications being intercepted but I don't understand how a hacker could read my email as it travels over the wires of cyberspace.

Any help?
jhuggett
BoB's Pioneer & Founding Father

Age : 45
Location : Olympia, WA
Registration date : 2007-12-09

PostSubject: Re: An IT question   Tue Dec 07, 2010 3:28 pm

It's quite a complex question really. A common method is called a "man in the middle" attack, but that usually requires that you be on the same network segment or have an infected machine on the network of the person you are attacking. Modern local networks use switching technology that directs traffic only to its intended host, but this isn't for security reasons, it's for optimum performance on the network. Therefore it's trivial to either trick the switch or flood it so that it sends you the traffic you want.

There are also attacks that occur out on the internet where hackers can compromise DNS and therefore direct traffic as they see fit. Compromised routers may be another way of obtaining the traffic.

There is also the possibility of the servers themselves being compromised.

As with most IT security stuff there are many ways to skin a cat, with new methods being developed daily. Finger in the dike work to say the least. Laughing

_________________
Jason

"Freedom, Security, Convenience: Choose Two"
"For me, I will take freedom over security and I will take security over convenience." ~ Dan Geer
Vercer



Age : 42
Location : Kernersville, NC
Registration date : 2010-09-26

PostSubject: Re: An IT question   Tue Dec 07, 2010 3:31 pm

A couple ways right off. One is they could have a keylogger or other piece of malware on your machine. Two, they could have compromised the mail server itself. Three, the receiver's machine could be compromised.

That's a start. Then realize that any piece of information you send/receive over cyberspace travels through several "hops" through servers and routers on its way to its destination.

For instance if you're on Windows open your start menu and go to Run. In the box type cmd, this will pop up a DOS screen.

In the DOS screen type in tracert www.microsoft.com (or any other website for that matter).

This will show you the number and places of the "hops" your information packet just took. Can be fun to see at times, realize that each and every one of those hops could potentially become compromised at some point.

Of course there are many other ways as well, but these are some that I've seen in the past.
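
Added example, not part of the original post: the mail-server counterpart of the tracert hops above, reading a message's Received headers to see which server-to-server hops were made over TLS and which crossed the wire in the clear. The message, host names and addresses are constructed for illustration.

```python
import email
import re

# Constructed sample message (not from the thread); hosts and IPs are documentation values.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [203.0.113.7])
\tby inbox.example.org (Postfix) with ESMTPS id 4F2A1
\tfor <bob@example.org>; Tue, 07 Dec 2010 15:19:05 -0800
Received: from relay.example.com (relay.example.com [198.51.100.9])
\tby mx.example.net (Postfix) with ESMTP id 9C3D2
\tfor <bob@example.org>; Tue, 07 Dec 2010 15:19:03 -0800
Received: from laptop.local (unknown [192.0.2.44])
\tby relay.example.com (Postfix) with ESMTPSA id 77B10
\tfor <bob@example.org>; Tue, 07 Dec 2010 15:19:01 -0800
From: alice@example.com
To: bob@example.org
Subject: order details

card number goes here
"""

# "with" protocol keywords whose S marks a TLS-protected session (RFC 3848, RFC 6531).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA", "UTF8SMTPS", "UTF8SMTPSA"}

HOP_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\S+)", re.S | re.I)

def mail_hops(raw_message):
    """Return hops in travel order as (sender, receiver, protocol, encrypted)."""
    msg = email.message_from_string(raw_message)
    hops = []
    # Each relay prepends its own header, so reverse to get sending order.
    for header in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(header)
        if not m:
            continue  # unparseable header: skip rather than guess
        sender, receiver, proto = m.group(1), m.group(2), m.group(3).upper()
        hops.append((sender, receiver, proto, proto in TLS_PROTOCOLS))
    return hops

def cleartext_hops(raw_message):
    """Hops where the message crossed the wire without TLS."""
    return [h for h in mail_hops(raw_message) if not h[3]]

if __name__ == "__main__":
    for sender, receiver, proto, enc in mail_hops(SAMPLE):
        print(f"{sender} -> {receiver}  {proto:8} {'TLS' if enc else 'CLEARTEXT'}")
```

Received lines written before the message reached a server you trust can be forged, so treat the earlier hops as claims. TLS on a hop protects only the wire between two servers: every relay still handles the message in plaintext.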
jhuggett
BoB's Pioneer & Founding Father

Age : 45
Location : Olympia, WA
Registration date : 2007-12-09

PostSubject: Re: An IT question   Tue Dec 07, 2010 3:35 pm

Laughing

Put together what Vercer and I said and that sums it up pretty good.

puros_bran
Nightrider

Location : Brandenburg, Ky
Registration date : 2007-12-10

PostSubject: Re: An IT question   Tue Dec 07, 2010 3:35 pm

I thought it was a Cousin IT question.. drats
lowflyingpenguin


Age : 63
Location : The Wilds of Canada (from Iroquois for 'the village')
Registration date : 2009-04-10

PostSubject: Re: An IT question   Tue Dec 07, 2010 9:46 pm

It's even simpler than a key logger. Wireless networks can be sniffed using various tools and transmissions from the client machine to the wireless router made in the clear can be easily captured (war-driving). Capturing network traffic on a wired only network is more difficult as you need to be sitting on the same sub domain (ip group eg. 192.168.2.1 through 192.168.2.255) or at the exit point to the internet (captured at the point it leaves the local network and hits the Internet before the packet switching begins). This requires access to the wires themselves.

What they are talking about when they talk about the vendor using encryption is at the application layer (layer 7) of the OSI stack. Typically this is accomplished using SSL and means that the data that moves down the stack to the physical hardware layer (layer 1) is encrypted. The encryption takes place at the application layer in the browser through session keys established by the remote machine and the local machine when the SSL protocol is established.
jhuggett
BoB's Pioneer & Founding Father

Age : 45
Location : Olympia, WA
Registration date : 2007-12-09

PostSubject: Re: An IT question   Wed Dec 08, 2010 2:37 pm

SSL is usually considered layer 6 isn't it?

ZeroContent


Age : 34
Location : Swanzey, NH
Registration date : 2010-10-23

PostSubject: Re: An IT question   Wed Dec 08, 2010 3:28 pm

In short, anything is possible. The risk, though, with any major dealer is probably about the same as getting robbed while walking from your car to a store.
jhuggett
BoB's Pioneer & Founding Father

Age : 45
Location : Olympia, WA
Registration date : 2007-12-09

PostSubject: Re: An IT question   Wed Dec 08, 2010 5:00 pm

I think one of the biggest problems of associating risk in IT security is how most underestimate it. Most think of these things as a targeted attack. True, it's not very likely that someone would target just you to try to get your information. The more likely is they would gather large amounts of random traffic and data mine it for stuff that is useful.

How many times have you had or seen people get spyware such as fake antivirus software or browser hijackers? What occurred is someone installed a piece of software on your machine without your permission, either through a social engineering tactic or from a flaw in the operating system/browser/whatever. It happens so often people just try to clean it up and move on without a second thought.

Unless you had baselined your machine and then did a complete forensic analysis of what these programs were doing, you have no way of knowing if a key logger was installed or if the software is shipping off your information to some server in the Ukraine. Google Zeus botnet for a very recent example.

AV has a poor detection rate no matter the vendor. Most organizations don't have the staff or the money to properly detect these things, let alone the home user. It's rough out there. Laughing

I know this isn't the same as intercepting an email but the bottom line is if you don't put measures in place to protect your information you should consider it public. That's not a problem as long as you aren't sending out information that should be guarded.

lowflyingpenguin


Age : 63
Location : The Wilds of Canada (from Iroquois for 'the village')
Registration date : 2009-04-10

PostSubject: Re: An IT question   Wed Dec 08, 2010 7:44 pm

jhuggett wrote:
SSL is usually considered layer 6 isn't it?

It occurs in the transport layer and if you use the 7 layer model that actually makes it layer 4. The invocation and key verification occur in the browsers so it also appears in level 7.