Difference between revisions of "Willie Stehm"

From WLCS
(Topics of focus)
 
(177 intermediate revisions by the same user not shown)
Line 12: Line 12:
 
::*[http://en.wikipedia.org/wiki/Secure_Sockets_Layer TLS] and SSL
 
::*[http://en.wikipedia.org/wiki/Secure_Sockets_Layer TLS] and SSL
 
::*[http://en.wikipedia.org/wiki/MD5 MD5]
 
::*[http://en.wikipedia.org/wiki/MD5 MD5]
 +
=====Wiimote=====
 +
:*Bluetooth
 +
:*Head tracking
 +
:*Smart board
 +
=====Magnetic Stripe=====
 +
:*DIY reader/writer
 +
:*Writing and editing information on card
 
=====RFID=====
 
=====RFID=====
 
:*[http://en.wikipedia.org/wiki/Rfid RFID Basics]
 
:*[http://en.wikipedia.org/wiki/Rfid RFID Basics]
Line 19: Line 26:
 
::*Editing information stored on card
 
::*Editing information stored on card
 
:*RFID security
 
:*RFID security
=====Magnetic Stripe=====
+
=====Web Development=====
:*DIY reader/writer
+
:*Web Server
:*Writing and editing information on card
+
:*Initial site design
 
+
::*Good / Bad
 +
:*HTML
 +
:*PHP
 +
:*CSS
  
==Ten Goals for the Quarter==
+
==Goals and Documentation==
<p>1) Set up test lab using a minimum of three computers connect to a hub or switch</p>
+
:*[http://paulbui.net/wl/index.php?title=Willie_Stehm_1st_Quarter 1st Quarter]
<p>2) Research and use packet sniffers to intercept packets sent by other computers through the network</p>
+
:*[http://paulbui.net/wl/index.php?title=Willie_Stehm_2nd_Quarter 2nd Quarter]
<p>3) Research and document findings on how to crack password hashes</p>
+
:*[http://paulbui.net/wl/index.php?title=Willie_Stehm_3rd_Quarter 3rd Quarter]
<p>4) Research email security</p>
+
:*[http://paulbui.net/wl/index.php?title=Willie_Stehm_4th_Quarter 4th Quarter]
::*Gmail Chat
 
::*Normal Email
 
  
==Goal Documentation==
+
==Partners in Crime==
===1 Setting up the test lab===
+
*[[AJ McLennan]]
:*After doing a bit of research we settled on using the Xubuntu operating system.  Xubuntu is a streamlined version of the Ubuntu operating system that is less memory intensive and thus better for older computers such as the ones used in our test lab.  It also cuts out some of the unneeded bundled applications that come with Ubuntu, allowing us to add on only what is useful to us.  While comparing hubs and switches we decided to use a hub.  Hubs unlike switches broadcast packets out to all ports.  This enables us to easily intercept packets, learn to analyze packet data, and learn about network security as a whole.
+
*[[Nick Apseloff]]
[[Image:1007081014.jpg|thumb|right|Our test network as we set it up.]]
+
*[[Sean Readdy]]
===2 Packet Sniffers===
 
:*Under the recommendation of Mr.Bui we started using a program called [http://www.wireshark.org/ wireshark] (formally known as ethereal) to start capturing packets sent over our test lab network.  Using the im client [http://www.pidgin.im/ Pidgin], we set up test accounts and started talking to each other over the network.  These packets were relayed to the Pidgin server and then sent to the other account.  Using our hub and concurrently running wireshark, we were able to filter the captured packets to only view those related to Pidgin and the AIM protocol. The results were amazing.  We intercepted packets containing everything from log-on info to message contents, buddy info, updates on when the person was away or idle, and even password hashes being sent at the log-in. 
 
===3 Password Hashes===
 
:*When signing onto AIM through Pidgin, we captured the password hash 51e3ed91700bee528a11e333ab25e6d2 with wireshark. The password algorithm used in the aim protocol is [http://en.wikipedia.org/wiki/MD5 MD5].  MD5 turns the password into a one way 128-bit hash before sending it AOL for verification.  Since MD5 is designed to be a one way algorithm it makes it very difficult to reverse and thus recover the password from the hash.  Two ways we found that this could be done are through the use of a [http://en.wikipedia.org/wiki/Rainbow_table Rainbow table] or through a password cracker such as [http://www.oxid.it/cain.html Cain and Abel].  Password crackers use vast word lists and compare individual words to the password hash hoping to find a match.
 
===4 Email Security===
 

Latest revision as of 11:36, 21 January 2009

Im in your PC stealing your interne.jpg

Today is May 18, 2024. Welcome to my page!

Topics of focus

Networking and Network Security
  • Basic concepts
  • Building test lab
  • Intercepting packets
  • Password hashes
  • IM information (buddy info, messages, sign-on data, sign-off data, etc.)
  • Middle man attacks
  • Encryption
Wiimote
  • Bluetooth
  • Head tracking
  • Smart board
Magnetic Stripe
  • DIY reader/writer
  • Writing and editing information on card
RFID
  • RFID Basics
  • Assembling RFID reader
  • Reading and writing information on RFID card
  • RF-dump
  • Editing information stored on card
  • RFID security
Web Development
  • Web Server
  • Initial site design
  • Good / Bad
  • HTML
  • PHP
  • CSS

Goals and Documentation

Partners in Crime

Retrieved from "https://www.paulbui.net/wiki/index.php?title=Willie_Stehm&oldid=2539"