E-Detective HTTPS/SSL Interception – MITM & Proxy Decision Group

Slides:

Advertisements

Similar presentations

Decision Group Forensics Investigation Toolkit (FIT) Layer 7 Content Reconstruction Tool.

Advertisements

ForceHTTPS: Protecting High-Security Web Sites from Network Attacks Collin Jackson and Adam Barth.

Working with the Internet

Page 1 / 18 Internet Traffic Monitor IM Page 2 / 18 Outline Product Overview Product Features Product Application Web UI.

Remote User Authentication in Digital Libraries

4.01 How Web Pages Work.

E-Detective Series of Products Presentation (2009) Decision Group

How the Internet Works Course Objectives Introduce the various web browsers Introduce some new terms Explain the basic Internet to PC hookup  ISP  Wired.

Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.

Lawful Interception & Packet Forensics Analysis System Casper Kan Chang Decision Group June 2010.

Wireless-Detective WLAN a/b/g/n Interception System Decision Group

DECISION-COMPUTER INTERNATIONAL CO., LTD E-Detective Series of Products Decision Computer Group of Company Website:

Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug scotthel.me.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Network Forensics and Lawful Interception Total Solutions Provider

DECISION GROUP The Pioneer of IT Forensics Taipei, Germany, Hong Kong, Singapore.

1 Software Testing and Quality Assurance Lecture 32 – SWE 205 Course Objective: Basics of Programming Languages & Software Construction Techniques.

SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

Lesson 19 Internet Basics.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

INTRODUCTION TO COMPUTER TECHNOLOGY INTRODUCTION TO THE INTERNET & ELECTRONIC COMMERCE Part 4-Session_1 Akanferi Albert

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP does not maintain state. State Information can be passed using: HTTP Headers.

Chapter 9 Collecting Data with Forms. A form on a web page consists of form objects such as text boxes or radio buttons into which users type information.

Course 201 – Administration, Content Inspection and SSL VPN

IMonitor Software About IMonitorSoft Since the year of 2002, coming with EAM Security Series born, IMonitor Security Company stepped into the field of.

SSL Man-in-the-Middle Attacks with Dsniff Rochester OWASP & ISSA Chapters Ralph Durkee Durkee Consulting, Inc.

Cyber Crime & Investigation IT Security Consultant

Web Security Sankar Roy 1. Acknowledgement While preparing the presentation slides and the demo, I received help from Professor Eugene Vasserman Professor.

Surveillance Equipment For Internet Activities It is a Internet activities surveillance equipment designed for sniffer package from networking, converter.

Lawful Interception & Packet Forensics Analysis System for Telecom and ISP Special promotion:- EDDC : Off-line Packet Reconstruction & Network Forensics.

COMP 6005 An Introduction To Computing Session Four: Internetworking and the World Wide Web.

Session 10 Windows Platform Eng. Dina Alkhoudari.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Web Browser Security Prepared By Mohammed EL-Batta Mohammed Soubih Supervised By Eng. Eman alajrami Explain Date 10. may University of Palestine.

Chapter 2 Browsing the Web. Web Sites  What is a Home Page?  What is a Web Portal? (portal) Example: Yahoo! Lycos and MSN Typically offer? ________________________________________.

Forensic and Investigative Accounting Chapter 14 Internet Forensics Analysis: Profiling the Cybercriminal © 2005, CCH INCORPORATED 4025 W. Peterson Ave.

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

1 and Internet Evidence Mark Pollitt Associate Professor, Engineering Technology.

Protecting Students on the School Computer Network Enfield High School.

Decision Group Inc. E-DETECTIVE Decision Group Inc.

Data Communications and Computer Networks Chapter 2 CS 3830 Lecture 8 Omar Meqdadi Department of Computer Science and Software Engineering University of.

E-Detective Decoding Centre (EDDC) Offline Decoding & Reconstruction Solution Decision Group

Networking in Linux. ♦ Introduction A computer network is defined as a number of systems that are connected to each other and exchange information across.

Instrument for Business, Police, Military, Forensics and Information Investigation Wiretap Technology Revolution!!!

E-Detective Ethernet LAN Interception System (with Real-Time Content Reconstruction) Decision Group

Ethical Hacking: Hacking GMail. Teaching Hacking.

Saphe surfing! 1 SAPHE Secure Anti-Phishing Environment Presented by Uri Sternfeld.

Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP Headers Client IP Address HTTP User Login FAT URLs Cookies.

Activity 4 Protecting Ourselves. Keeping Safe There are lots of different ways we can be at risk on the Internet. How can we protect ourselves and keep.

E-Detective Network Investigation Toolkit - NIT (2010) Decision Group

An Introduction to E-Commerce Security By Graham Mead.

DECISION Group Inc.. Decision Group Monitoring Center Solution on Internet Access for LEA or Intelligence.

COM: 111 Introduction to Computer Applications Department of Information & Communication Technology Panayiotis Christodoulou.

E-Detective VoIP Detective – VoIP Interception (2010) Decision Group

Internet Privacy Define PRIVACY? How important is internet privacy to you? What privacy settings do you utilize for your social media sites?

Uniform Resource Locator URL protocol URL host Path to file Every single website on the Internet has its own unique.

Also known as hardware/physi cal address Customer Computer (Client) Internet Service Provider (ISP) MAC Address Each Computer has: Given by NIC card.

ANONYMIZING / WEB PRIVACY. TOOLS: STAYING ANONYMOUS ON THE INTERNET Proxy Server Tor.

Forensics Investigation Toolkit (FIT) Offline Raw Data Files Parsing and Reconstruction Tools (Windows) Decision Group

Internet Vulnerabilities & Criminal Activity Internet Forensics 12.1 April 26, 2010 Internet Forensics 12.1 April 26, 2010.

Introduction to Computers

E-Detective System Backup Server July 2010

Federal Law Enforcement

Presentation transcript:

E-Detective HTTPS/SSL Interception – MITM & Proxy Decision Group

Introduction to HTTPS/SSL Interception  Intercept HTTPS/SSL traffic (connection sessions) by MITM attack or by Proxy setup.  HTTPS/SSL Interception by MITM mode is carried out utilizing both DNS and ARP attacks.  HTTPS web pages on targeted user can be decrypted, decoded and reconstructed. Username and password can also be obtained for Web Login.  Apply to standard HTTPS/SSL traffic without additional security.  HTTPS/SSL Interception by Proxy mode required the target users’ Web Browser to be pre-configured to use the Proxy service. Solution for: Lawful Enforcement Agencies (Police Intelligence, Military Intelligence, National Security, Counter Terrorism, etc) and corporate organizations. HTTPS/SSL Interception Appliance (Software + Hardware) User can opt to purchase only software from us and use their own hardware/server.

HTTPS/SSL Interception – By MITM Attack Intercept and reconstruct HTTPS/SSL traffic. Obtain HTTPS page login username and password. Intercept on specific targets (suspects)

HTTPS/SSL Interception – By MITM Attack  HTTPS/SSL Interception by MITM mode is carried out utilizing both DNS and ARP attacks.  HTTPS web pages on targeted user can be decrypted, decoded and reconstructed. Username and password can also be obtained for Web Login.  Target User (Suspect) IP Address must be known or pre-configured in the setup of HTTPS/SSL Interception system.  Target Website Links (URLs) must also be pre-configured.  Concurrently attack up to 5 users (Optional for more users).  Apply to standard HTTPS/SSL traffic without additional security. To view encrypted content, a key is a needed

HTTPS/SSL Interception – By Proxy Method

 HTTPS/SSL Interception by Proxy implementation.  Proxy pre-configured on the targeted user(s) ‘ Web Browser is required.  HTTPS/SSL Interception by Proxy implementation can supports other protocols capturing and reconstruction besides HTTPS/SSL traffic.  Some supported protocols are: Webmail (Yahoo Mail, Gmail, Hotmail etc.), IM (Yahoo, MSN, ICQ, IRC, QQ, Web MSN, Web Yahoo etc.), HTTP Web Browsing, P2P and Online Games).  Can be implemented to a group of users (more than 100 concurrent interception)  HTTPS/SSL decryption only apply to standard HTTPS/SSL traffic without additional security. To view encrypted content, a key is a needed

IM/Chat (Yahoo, MSN, ICQ, Gtalk, IRC, QQ, Web MSN, Web Yahoo) Webmail (Hotmail, Yahoo, Gmail etc.) HTTP (Link, Content, Reconstruct) File Transfer P2P Others Online Games HTTPS/SSL Interception – Proxy Implementation Protocols Supported

Sample: Webmail (Read and Sent)

Sample: IM (Yahoo, MSN, ICQ etc.)

Sample: HTTP Link and HTTP Content

References – Implementation Sites and Customers  Criminal Investigation Bureau  The Bureau of Investigation Ministry of Justice  National Security Agency (Bureau) in various countries  Intelligence Agency in various countries  Ministry of Defense in various countries  Counter/Anti Terrorism Department  National Police, Royal Police in various countries  Government Ministries in various countries  Federal Investigation Bureau in various countries  Telco/Internet Service Provider in various countries  Banking and Finance organizations in various countries  Others Notes: Due to confidentiality of this information, the exact name and countries of the various organizations cannot be revealed.

Decision Group For more information about HTTPS/SSL Interception system, please contact Product demonstrations can be arranged.