URL Obscuring COEN 252 Computer Forensics  Thomas Schwarz, S.J. 2004.

1 URL Obscuring COEN 252 Computer Forensics  Thomas Schwarz, S.J. 2004

2 URL Obscuring Internet-based fraud is quickly gaining in importance. Phishing: The practice of enticing victims with spoofed email to visit a fraudulent webpage. http://www.antiphishing.org/

3 URL Obscuring: Phishing Example
Visible Link: https://www.usa.visa.com/personal/secure_with_visa/index.html?t=h1_/index.html
Actual Link: http://www.verified-web-us.com/Visa%20USA%20%20Personal%20%20Protect%20Your%20Card.htm
Actual website IP: 209.35.123.41
Uses a Java program to overwrite the visible address bar in the window:

4 URL Obscuring: Phishing Example

5 URL Obscuring Phishers need to hide their web servers. URL obscuring. Hide host of web service. Use networking protocol.

6 URL Basics Phishers can use obscure features of URLs. A URL consists of three parts: service, address of server, location of resource.
http://www.cse.scu.edu/~tschwarz/coen252_03/Lectures/URLObscuring.html

7 URL Basics Scheme, colon, double forward slash. An optional user name and password. The internet domain name in RFC1037 format, or the IP address as a set of four decimal numbers. Port number in decimal notation (optional). Path + communication data.
http://tschwarz:fiddlesticks@www.cse.scu.edu/~tschwarz/coen252_03/Lectures/URLObscuring.html
http://www.google.com/search?hl=en&ie=UTF-8&q=phishing

8 Obscuring URL Addresses Embed the URL in other documents. Use features in those documents to not show the complete URL.
http://www.usfca.edu@www.cse.scu.edu/~tschwarz/coen252_03/index.html
URL rules interpret this as a userid. Hide this portion of the URL.

9 Obscuring URL Addresses Use the password field. www.scu.edu has IP address 129.210.2.1. Some browsers accept the decimal value 129*256**3 + 210*256**2 + 2*256 + 1 = 2178023937 for the IP address. http://www.usfca.edu@2178023937 Works as a link. Does not work directly in later versions of IE

10 Obscuring URL Addresses http://www.usfca.edu@129.210.2.1 works. Hide the @ by using its ASCII encoding: http://www.usfca.edu%40129.210.2.1 Or just break up the name: http://www.usfca.edu%40%127%167w.scu.edu Or use active page technologies (JavaScript, …) to create fake links.
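An added example, not part of the original slides: a Python helper an examiner could run over links from a suspect message to recover the host that is actually contacted for the URL forms on slides 8 to 10. The function name analyze_url and the finding labels are assumptions of this example; the sample URLs are the ones shown on the slides.

```python
import ipaddress
from urllib.parse import urlsplit, unquote


def analyze_url(url):
    """Return (host, findings) for one link.

    host     -- the host a lenient browser would contact
    findings -- obscuring tricks detected in the authority part
    Handles host names and IPv4 only (IPv6 literals are not covered).
    """
    findings = []
    raw = urlsplit(url).netloc            # user:password@host:port, undecoded
    if "%40" in raw:
        findings.append("percent-encoded @")
    authority = unquote(raw)              # %40 -> @, as older browsers decoded it
    # Everything before the LAST @ is user name / password, not the host.
    userinfo, at, hostport = authority.rpartition("@")
    if at:
        findings.append("userinfo before @: " + userinfo)
    host = hostport.split(":")[0].lower()  # drop an optional port number
    # A bare 32-bit integer is an IPv4 address written as one decimal value.
    if host.isascii() and host.isdigit() and int(host) < 2**32:
        host = str(ipaddress.IPv4Address(int(host)))
        findings.append("integer-form IP address")
    return host, findings


if __name__ == "__main__":
    # Sample links taken from slides 7 to 10.
    samples = [
        "http://www.google.com/search?hl=en&ie=UTF-8&q=phishing",
        "http://www.usfca.edu@www.cse.scu.edu/~tschwarz/coen252_03/index.html",
        "http://www.usfca.edu@2178023937",
        "http://www.usfca.edu%40129.210.2.1",
    ]
    for link in samples:
        host, findings = analyze_url(link)
        print(f"{link}\n  real host: {host}\n  findings:  {findings or 'none'}")
```

A link whose findings list is non-empty should be reported with the recovered host rather than the text the victim saw.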

11 'Enroll your card with Verified By Visa program' A recent phish sends spam consisting of a single image:

12 'Enroll your card with Verified By Visa program' The whole text is a single image, linked to the correct citi URL. If the mouse hovers over the image, it displays the correct citi URL. But the image is surrounded by an HTML box that leads to the phishing website.

13 'Enroll your card with Verified By Visa program' Target webpage has an address bar that is overwritten with a picture with a different URL. Go to www.antiphishing.org.

16 Hiding Hosts Name Look-Up: OS checks HOST file first. Can use HOST file to block out certain sites (adservers). Affects a single machine.
OS | Location
Linux | /etc/hosts
Win95/98/ME | C:\windows\hosts
Win NT/2000/XP Pro | C:\winnt\systems32\etc\hosts
Win XP Home | C:\windows\system32\drivers\etc\hosts

17 Subverting IP Look-Up In general, not used for phishing. Economic damage. Hillary for Senate campaign attack. Hiding illegal websites (kiddie porn). DNS server sabotage. IP forwarding.

18 Subverting IP Look-Up Port forwarding: URLs allow port numbers. Legitimate business at default port number. Illegitimate at an obscure port number. Screen clicks: Embed small picture. Single pixel. Forward from picture to the illegitimate site. Easily detected in HTML source code. Password screens: Depending on access control, access to different sites.

