URL Obscuring COEN 152/252 Computer Forensics  Thomas Schwarz, S.J. 2004.

Slides:



Advertisements
Similar presentations
WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?
Advertisements

Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.
Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Internet Phishing Not the kind of Fishing you are used to.
$200 $300 $400 $500 $100 $200 $300 $400 $500 $100 $200 $300 $400 $500 $100 $200 $300 $400 $500 $100 $200 $300 $500 $100 Category One Category Two Category.
XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.
CIS101 Introduction to Computing Week 05. Agenda Your questions Exam next week - Excel Introduction to the Internet & HTML Online HTML Resources Using.
CIS101 Introduction to Computing Week 05. Agenda Your questions CIS101 Survey Introduction to the Internet & HTML Online HTML Resources Using the HTML.
CIS101 Introduction to Computing
Introduction to HTML 2006 CIS101. What is the Internet? Global network of computers that are connected and communicate via a series of Protocols Protocols.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Introduction to HTML 2006 INT197B. What is the Internet? Global network of computers that are connected and communicate via a series of Protocols Protocols.
Introduction to HTML 2004 CIS101. What is the Internet? Global network of computers that are connected and communicate via a series of Protocols Protocols.
Introduction 2: Internet, Intranet, and Extranet J394 – Perancangan Situs Web Program Sudi Manajemen Universitas Bina Nusantara.
Browser and Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.
COMPUTER TERMS PART 1. COOKIE A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information.
URL Obscuring COEN 252 Computer Forensics  Thomas Schwarz, S.J
CIS101 Introduction to Computing Week 06. Agenda Your questions Excel Exam during second hour Our status after the snow day Introduction to the Internet.
How the World Wide Web Works
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
COEN 252 Computer Forensics Phishing  Thomas Schwarz, S.J
Guide to Computer Forensics and Investigations Fourth Edition Chapter 12 Investigations.
Chapter 9 Collecting Data with Forms. A form on a web page consists of form objects such as text boxes or radio buttons into which users type information.
INTRODUCTION TO WEB DATABASE PROGRAMMING
Forensic and Investigative Accounting
Cyber Crimes.
WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed.
Lecturer: Ghadah Aldehim
Lesson 2 — The Internet and the World Wide Web
1 HTML (Set Up Public Folder) Some material on these slides is taken directly from
Windows Internet Explorer 9 Chapter 1 Introduction to Internet Explorer.
Web Page Design I Retest Terms Review. 1. Web pages are created using a language known as ___________. The coding of this language must follow specific.
Badvertisements: Stealthy Click-Fraud with Unwitting Accessories Mona Gandhi Markus Jakobsson Jacob Ratkiewicz Indiana University at Bloomington Presented.
XHTML Introductory1 Linking and Publishing Basic Web Pages Chapter 3.
XP New Perspectives on Browser and Basics Tutorial 1 1 Browser and Basics Tutorial 1.
Internet Concept and Terminology. The Internet The Internet is the largest computer system in the world. The Internet is often called the Net, the Information.
Technology Standards Review. Where do you click to begin entering the address for the Web site to which you would like to go?
Forensic and Investigative Accounting Chapter 14 Internet Forensics Analysis: Profiling the Cybercriminal © 2005, CCH INCORPORATED 4025 W. Peterson Ave.
URL Obscuring COEN 252 Computer Forensics  Thomas Schwarz, S.J
CHAPTER 11 Spoofing Attack. INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The.
 The World Wide Web is a collection of electronic documents linked together like a spider web.  These documents are stored on computers called servers.
MySQL and PHP Internet and WWW. Computer Basics A Single Computer.
Web Spoofing Steve Newell Mike Falcon Computer Security CIS 4360.
CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.
Chapter 8 Collecting Data with Forms. Chapter 8 Lessons Introduction 1.Plan and create a form 2.Edit and format a form 3.Work with form objects 4.Test.
1 Welcome to CSC 301 Web Programming Charles Frank.
INTERNET PRESENTATION. WHAT IS THE INTERNET? The worlds largest computer network. A collection of local, regional and national computer networks linked.
Application Block Diagram III. SOFTWARE PLATFORM Figure above shows a network protocol stack for a computer that connects to an Ethernet network and.
BY : MUHAMMAD KHUZAIMI B. ISHAK 4 ADIL PUAN MAZITA INFORMATION AND COMMUNICATION OF TECHNOLOGY.
Phishing A practical case study. What is phishing? Phishing involves fraudulently acquiring sensitive information (e.g. passwords, credit card details.
URL Obscuring COEN 252 Computer Forensics  Thomas Schwarz, S.J
Turning Windows 7 into a Web Server Ch 28. Understanding Internet Information Services.
1 UNIT 13 The World Wide Web Lecturer: Kholood Baselm.
Living Online Lesson 3 Using the Internet IC3 Basics Internet and Computing Core Certification Ambrose, Bergerud, Buscge, Morrison, Wells-Pusins.
CSI 3125, Preliminaries, page 1 Networking. CSI 3125, Preliminaries, page 2 Networking A network represents interconnection of computers that is capable.
The Internet and World Wide Web Sullivan University Library.
ASP-2-1 SERVER AND CLIENT SIDE SCRITPING Colorado Technical University IT420 Tim Peterson.
Basics What is ? is short for electronic mail. is a method for sending messages electronically from one computer.
The Internet, Fourth Edition-- Illustrated 1 The Internet – Illustrated Introductory, Fourth Edition Unit B Understanding Browser Basics.
 In the 1960s, ARPANET (Advanced Research Projects Agency Network), the internet’s predecessor, was invented  ARPANET used two technologies that are.
Microsoft Office 2008 for Mac – Illustrated Unit D: Getting Started with Safari.
Phishing and Internet Scams. Definitions and recent statistics Why is it dangerous? Phishing techniques and identifiers Examples of phishing and scam.
Agenda Spoofing Types of Spoofing o IP Spoofing o URL spoofing o Referrer spoofing o Caller ID spoofing o Address Spoofing.
IT Security  .
CISC103 Web Development Basics: Web site:
ISYM 540 Current Topics in Information System Management
Warm Handshake with Websites, Servers and Web Servers:
Phishing is a form of social engineering that attempts to steal sensitive information.
Wireless Spoofing Attacks on Mobile Devices
Presentation transcript:

URL Obscuring COEN 152/252 Computer Forensics  Thomas Schwarz, S.J. 2004

URL Obscuring Internet based fraud is gaining quickly in importance. Phishing: The practice of enticing victims with spoofed to visit a fraudulent webpage. Graphics courtesy of Tumbleweed Communications

URL Obscuring Target receives pretending to be from an institution inviting to go to the institutions website. Following the link leads to a spoofed website, which gathers data. It is possible to establish a web-presence without any links: Establish website with stolen / gift credit card. Use to send harvested information to an untraceable account, etc. Connect through public networks.

URL Obscuring: Phishing Example Visible Link: Actual Link: Actual website IP: Uses Java program to overwrite the visible address bar in the window:

URL Obscuring: Phishing Example

URL Obscuring Phishs need to hide web-servers URL Obscuring Javascript or other active web-technology overwrites URL field Other techniques to hide web-server address Use hosts file Hiding illegal web-server at legal site

URL Basics Phishs can use obscure features of URL. URL consists of three parts: Service Address of server Location of resource.

URL Basics Scheme, colon double forward slash. An optional user name and password. The internet domain name RCF1037 format IP address as a set of four decimal digits. Port number in decimal notation. (Optional) Path + communication data.

Obscuring URL Addresses Embed URL in other documents Use features in those documents to not show complete URL URL rules interpret this as a userid. Hide this portion of the URL.

Obscuring URL Addresses Use the password field. has IP address Some browsers accept the decimal value 129*256** *256**2 + 2* = for the IP address. Works as a link. Does not work directly in later versions of IE

Obscuring URL Addresses works. Hide the ASCI encoding Or just break up the name: Or use active page technologies (javascript, …) to create fake links.

'Enroll your card with Verified By Visa program' 2004 Phish sends SPAM consisting of a single image:

'Enroll your card with Verified By Visa program' The whole text is a single image, linked to the correct citi URL. If the mouse hovers over the image, it displays the correct citi URL. But surrounded by an HTML box that leads to the phishing website.

'Enroll your card with Verified By Visa program' Target webpage has an address bar that is overwritten with a picture with a different URL. Go to

Hiding Hosts Name Look-Up: OS checks HOST file first. Can use HOST file to block out certain sites adservers Affects a single machine. OSLocation Linux/etc/hosts Win95/98/MEC:\windows\hosts Win NT/2000/XP ProC:\winnt\systems32\etc\hosts Win XP HomeC:\windows\system32\drivers\etc\hosts

Subverting IP Look-Up In general, not used for phishing. Economic Damage Hillary for Senate campaign attack. Hiding illegal websites. (Kiddie Porn) DNS Server Sabotage IP Forwarding

Subverting IP Look-Up Port Forwarding URLs allow port numbers. Legitimate business at default port number. Illegitimate at an obscure port number. Screen clicks Embed small picture. Single pixel. Forward from picture to the illegitimate site. Easily detected in HTML source code. Password screens Depending on access control, access to different sites.

Phisher-Finder Carefully investigate the message to find the URL. Do not expect this to be successful unless the phisher is low-tech. Capture network traffic with Ethereal to find the actual URL / IP address. Use Sam Spade or similar tools to collect data about the IP address.

Phisher-Finder Capture network traffic with Ethereal when going to the site. This could be dangerous. Disable active webpages. Do not use IE (too popular). Look at the http messages actually transmitted. Expect some cgi etc. script.

Phisher-Finder Investigation now needs to find the person that has access to the website. This is were you can expect to loose the trace. The data entered can be transmitted in various forms, such as anonymous . For example, they can be sent to a free account. IPS usually has the IP data of the computer from which the account was set up and from which the account was recently accessed. Perpetrator can use publicly available computers and / or unencrypted wireless access points. Investigator is usually left with vague geographical data.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.