---------- Forwarded message ---------- From: Shrey Sharma <[email protected]> Date: Mon, Apr 4, 2011 at 1:32 PM Subject: Re: [umit-devel] Regarding GSoc project- Packet Manipulator To: "Luis A. Bastiao Silva" <[email protected]>
Hey ,For detecting the MITM I have found some interesting techniques... I would like to know the present techniques which the Packet Manipulator uses.. And also tell me which of the techniques I have listed could work in the present scenario... Various defenses against MITM attacks use authentication techniques that are based on: - Public key infrastructures<http://en.wikipedia.org/wiki/Public_key_infrastructure> - Stronger mutual authentication<http://en.wikipedia.org/wiki/Mutual_authentication>, such as: - Secret keys (which are usually high information entropy<http://en.wikipedia.org/wiki/Entropy_(information_theory)> secrets, and thus more secure), or - Passwords (which are usually low information entropy secrets, and thus less secure) - Latency examination, such as with long Cryptographic hash function<http://en.wikipedia.org/wiki/Cryptographic_hash_function> calculations that lead into 10s of seconds; if both parties take 20 seconds normally, and the calculation takes 60 seconds to reach each party, this can indicate a third party - Second (secure) channel verification - One-time pads <http://en.wikipedia.org/wiki/One-time_pad> are immune to MITM attacks, assuming the security and trust of the one-time pad. - Carry-forward verification<http://en.wikipedia.org/w/index.php?title=Carry-forward_verification&action=edit&redlink=1> Cheers! -Shrey On Mon, Apr 4, 2011 at 4:39 AM, Luis A. Bastiao Silva <[email protected]>wrote: > It means change behavior of protocols. The firewall can block the traffic, > and audit, based on questions, answer with different answer, not the > expected ones. > > For instance, do a request to an HTTP server. Then, the MITM audit can > change the answer of HTTP Server, to fuzzing the client, and test it. It is > change the behavior of protocol. Make sense? > > > On Sun, Apr 3, 2011 at 7:55 PM, Shrey Sharma <[email protected]>wrote: > >> And I have one more question.... >> In the project named Packet Manipulator-new audit >> what does "change the protocols behavior based on MITM audits" means ...I >> mean do we have to work to prevent such attacks ?? >> >> -Shrey >> >> On Mon, Apr 4, 2011 at 12:21 AM, Shrey Sharma >> <[email protected]>wrote: >> >>> Hey i was jst experimenting with my Nmap and i found that it doesn’t >>> identify the windows platform precisely ...i.e. it says that it could be >>> windows 7,windows vista, windows 2000.. >>> >>> but it doesn’t identify that exactly which version is being used.So , I >>> have come up with an idea, Please read it and tell me if it can work.. >>> >>> >>> “Less tactful attempts at OS identification can be made by >>> >>> launching known exploits for a given OS type against a target host, in >>> >>> chronological order. The theory is that exploits are patched as they are >>> >>> discovered so by starting with the oldest known exploit against a given >>> host >>> >>> and working forward should yield a point at which an attack succeeds, >>> which >>> >>> should thereby identify the revision of OS in use. As an example, >>> Microsoft >>> >>> Windows 95, 98 and NT4 are difficult to distinguish supposedly because >>> the >>> >>> IP stack code was only marginally revised between OS versions. Starting >>> >>> with a basic WinNuke attack and moving forward to more complex attacks >>> such as Teardrop can eventually yield a vulnerability that points to the >>> type and/or hotfix revision that is missing from the OS, thus indicating the >>> current patch level” >>> >>> Waiting Eagerly, >>> -Shrey >>> >>> On Sat, Apr 2, 2011 at 5:40 PM, Luis A. Bastiao Silva < >>> [email protected]> wrote: >>> >>>> Ah, now I notice, did you need any help to start running Audit >>>> Framework? >>>> >>>> >>>> On Fri, Apr 1, 2011 at 5:24 PM, Luis A. Bastiao Silva < >>>> [email protected]> wrote: >>>> >>>>> Shrey, >>>>> >>>>> You should start by doing a proposal. >>>>> >>>>> Start filling the template: >>>>> >>>>> http://www.google-melange.com/gsoc/org/home/google/gsoc2011/umit >>>>> >>>>> Then, submit, and you can edit on the fly. I can paste a few comments. >>>>> Start by filling it. >>>>> >>>>> >>>>> >>>>> On Fri, Apr 1, 2011 at 4:52 PM, Shrey Sharma <[email protected] >>>>> > wrote: >>>>> >>>>>> Can you please suggest me how can I submit a patch on 11 - Packet >>>>>> Manipulator - new audits ? >>>>>> *and how can I improve my chances to get selected for this project. >>>>>> * >>>>>> >>>>>> On Fri, Apr 1, 2011 at 9:03 PM, Luis A. Bastiao Silva < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi Shrey, >>>>>>> >>>>>>> On Fri, Apr 1, 2011 at 3:55 PM, Shrey Sharma < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> >>>>>>>> Hi, >>>>>>>> My name is Shrey Sharma.I am really very excited >>>>>>>> about *P**acket Manipulator .* >>>>>>>> * *I am a B.tech Student of Indian Institute of >>>>>>>> Technology(IIT),Kharagpur majoring in Computer Science. >>>>>>>> I have a huge interest in the field of networks. I >>>>>>>> have also volunteered as the system administrator in my Computer >>>>>>>> Science >>>>>>>> Department . >>>>>>>> >>>>>>> >>>>>>> >>>>>>> Thanks for introduction. It has a great value for us, because we are >>>>>>> an open souce organization focused on network security, audit, >>>>>>> monitoring .. >>>>>>> :) >>>>>>> >>>>>>> >>>>>>>> >>>>>>>> Skills: >>>>>>>> I know Python,but didn't do any major project in it. >>>>>>>> I am currently learning about the network protocols. >>>>>>>> Recently, attended a workshop on Hacking and Digital >>>>>>>> Securities organized by Kyrion Digital >>>>>>>> Securities<http://www.kyrion.in/> >>>>>>>> >>>>>>>> It would be really great if you could suggest me any work >>>>>>>> that I can do to increase my chances to work in this project. >>>>>>>> I have gone through all the links but it would be great >>>>>>>> if you can send further details of this project. >>>>>>>> >>>>>>> >>>>>>> >>>>>>> Related ideas: >>>>>>> http://www.umitproject.org/?active=gsoc&mode=ideas#6 >>>>>>> http://www.umitproject.org/?active=gsoc&mode=ideas#7 >>>>>>> http://www.umitproject.org/?active=gsoc&mode=ideas#11 >>>>>>> >>>>>>> You can also propose your own idea to improve PacketManipulator. >>>>>>> >>>>>>> Information about Packet Manipulator: >>>>>>> http://trac.umitproject.org/wiki/PacketManipulator >>>>>>> >>>>>>> Information about Audit Framework (PacketManipulator framework) >>>>>>> http://trac.umitproject.org/wiki/AuditFramework >>>>>>> >>>>>>> Submit your proposal: >>>>>>> http://www.google-melange.com/gsoc/org/google/gsoc2011/umit >>>>>>> >>>>>>> >>>>>>> >>>>>>> Just let us know if you need further information. >>>>>>> >>>>>>> >>>>>>> >>>>>>>> Eagerly Waiting for your reply, >>>>>>>> Shrey Sharma >>>>>>>> Department of Computer Science >>>>>>>> IIT Kharagpur >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> ------------------------------------------------------------------------------ >>>>>>>> Create and publish websites with WebMatrix >>>>>>>> Use the most popular FREE web apps or write code yourself; >>>>>>>> WebMatrix provides all the features you need to develop and >>>>>>>> publish your website. http://p.sf.net/sfu/ms-webmatrix-sf >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Umit-devel mailing list >>>>>>>> [email protected] >>>>>>>> https://lists.sourceforge.net/lists/listinfo/umit-devel >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> Best Regards, >>>>>>> -- >>>>>>> Luís A. Bastião Silva >>>>>>> Skype: koplabs >>>>>>> http://www.bastiao.org >>>>>>> >>>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Luís A. Bastião Silva >>>>> Skype: koplabs >>>>> http://www.bastiao.org >>>>> >>>>> >>>> >>>> >>>> -- >>>> Luís A. Bastião Silva >>>> Skype: koplabs >>>> http://www.bastiao.org >>>> >>>> >>> >> > > Best Regards, > -- > Luís A. Bastião Silva > Skype: koplabs > http://www.bastiao.org > > -- Luís A. Bastião Silva Skype: koplabs http://www.bastiao.org
------------------------------------------------------------------------------ Create and publish websites with WebMatrix Use the most popular FREE web apps or write code yourself; WebMatrix provides all the features you need to develop and publish your website. http://p.sf.net/sfu/ms-webmatrix-sf
_______________________________________________ Umit-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/umit-devel
