DOCSLIB.ORG

Hakin9 Magazine 02/2013

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Hakin9 Magazine 02/2013 PRACTICAL PROTECTION IT SECURITY MAGAZINE Dear Hakin9 Readers, his month’s issue is devoted to DDoS Attacks. We prepared T some articles written by experts who face these problems every day. team Editor in Chief: Oleksandr Bevz Janice Camacho and Josh Day discuss the business impact [email protected] of DDoS and the loss it causes. Elizabeth Botes shares her Editorial Advisory Board: John Webb, Marco long-time experience in this field with you too. Gur Shatz men- Hermans, Gareth Watters tiones five golden rules to avoid DDoS attacks. Correro’s Secu- Proofreaders: Jeff Smith, Oleksandr Bevz, Krzysztof rity Evangelist, Stephen Gates, advises what kind of system is Samborski most effective in preventing today’s DDoS attacks. Sergey Shekyan presents his SlowHTTPTest, a tool that Special Thanks to the Beta testers and Proofreaders who helped us with this issue. Without their assistance tests DdoS attacks. there would not be a Hakin9 magazine. Passing to the practical articles, Orlando Pivi explains how Senior Consultant/Publisher: Paweł Marciniak to check if your computer is infected and how to deal with it. Sahil Khan shows how to gather information from website and CEO: Ewa Dudzic [email protected] from Large Computer Network with simple DOS Command. Hakin9’s Editorial Team would like to give special thanks to Product Manager: Krzysztof Samborski the authors, betatesters and proofreaders. [email protected] We hope you enjoy reading this issue and find its content Production Director: Andrzej Kuca both informative and interesting. [email protected] DTP: Ireneusz Pogroszewski Art Director: Ireneusz Pogroszewski Oleksandr Bevz [email protected] Hakin9 Editor and Hakin9 team Publisher: Software Press Sp. z o.o. SK 02-682 Warszawa, ul. Bokserska 1 Phone: 1 917 338 3631 www.hakin9.org/en Whilst every effort has been made to ensure the highest quality of the magazine, the editors make no warranty, expressed or implied, concerning the results of the content’s usage. All trademarks presented in the magazine were used for informative purposes only. All rights to trade marks presented in the magazine are reserved by the companies which own them. DISCLAIMER! The techniques described in our articles may only be used in private, local networks. The editors hold no responsibility for misuse of the presented techniques or consequent data loss. 4 02/2013 CONTENTS DDOS AS A Threat to BUSINESS Stimulating Application Layer Denial of Why DDoS Attacks Are Service attacks with SlowHTTPTest 20 a Threat You Can’t Afford to Ignore? 06 By Sergey Shekyan By Janice Camacho & Josh Day Slow HTTP attacks are denial-of-service (DoS) attacks Distributed Denial of Service (DDoS) attacks no longer that rely on the fact that the HTTP protocol, by design, occur on a small-scale basis: they are now classified requires a request to be completely received by the as “cybercriminal” activity, especially because today’s server before it is processed. If an HTTP request is not hackers have managed to take down well-known global complete, or if the transfer rate is very low, the server corporations. Many DDoS attacks still continue to by- keeps its resources busy waiting for the rest of the data. pass some of the strongest barriers, making no place on the Internet safe. STEP BY STEP WITH DOS AND DDOS How to Combat Email-Based Threats (D)DOS: Practical Approach 22 to Business Continuity with By Dario Ursomando and Emanuele De Lucia Trusted Sender Recognition? 12 During the last years with the advance of information By Elizabeth Botes and communication technologies, our societies are Though mature and capable, the spam filters and an- evolving into global information societies. This brought ti-virus solutions that organizations currently rely on in a constant computing environment that has made cy- to counter email-based threats are quite simply not ber attacks significantly more sophisticated and threat- enough as new threats emerge. These threats can – ening. With the technologies falling prices and with the and do – result in the theft of intellectual property, large subsequent growth of internet access is becoming eas- sums of money being stolen and other serious disrup- ier and more profitable for criminal organizations or for tions that can significantly impact both day-to-day and the single vandal launch attacks against governments long-term business operations. and commercial organizations. The DDoS Protection Jungle – The Five How to Understand that Golden Commandments 16 Your PC Is Infected? 38 By Gur Shatz By Orlando Pivi DDoS is not a theoretical threat but something busi- In this article you will learn how to control and secure a nesses and organizations deal with every day. DDoS is computer that can be infected by a virus or in general by different because it involves real people trying to take malicious software or unwanted software (PUA – PUP*). down your site, using their wits and tools to overcome You will have also a general idea of how to determine if every protection layer. This has pushed vendors to the a file is safe or not, manually and automatically, and you limits of their creativity. The good thing is that there are will learn also how to do to find what a specific file does good solutions and ideas out there. The bad news is to the system. Balanced the use of on-line services to that there are lots of different options and technologies create a simple guide understandable by all. Of course to pick from. Regardless of the type of solution that is the most accurate way is a total manual analysis but to best for you, to be effective, it should adhere to a set of understand it you should have some knowledge base. fundamental commandments. How to Gather Information with Ddos? 42 By Sahil Khan HAKIN9 EXTRA In this article you will learn how to gather information Interview with Stephen Gates 18 from websites and from large computer network, in dif- By Aimee Rhodes ferent environment, with simple DOS command. Stephen Gates, Corero’s key security evangelist, ex- Information Gathering is also used in Forensic Investi- plains what are the business impacts of DDoS and what gation in both way, web and network. defense systems he believes are capable to prevent the attacks. www.hakin9.org/en 5 DDOS AS A THREat TO BUSINESS Why DDoS Attacks Are a Threat You Can’t Afford to Ignore? Distributed Denial of Service (DDoS) attacks no longer occur on a small-scale basis: they are now classified as “cybercriminal” activity, especially because today’s hackers have managed to take down well-known global corporations. Many DDoS attacks still continue to bypass some of the strongest barriers, making no place on the Internet safe. Luckily, DDoS mitigation expert DDoS Defend is here to ensure your website’s protection. What you will learn… What you should know… • What is a typical DDoS Attack • Have general computer knowledge • What are the targets of the attacks • What damages are caused by the attacks hen the Internet was first created in 1969, for themselves, perfect their image, and maximize it was designed to be a system that sig- their sales, as long as they have the proper mar- W nificantly improved communication be- keting tactics. In fact, according to Moving Your tween four computers. Since then, it has expand- Business From the Real World to the Internet, by ed into a global phenomenon that connects almost Jane M. Dawson, businesses that choose to ex- two and a half billion people (30% of the world’s plore the options of the Internet find that new doors population) through networks. open to better business branding, effective adver- At present, we live in an age where Internet de- tising, community building, consumer education, pendency is at an all-time high. Internet users and profits. spend a total of 35 billion hours online per month But, reputation is everything. In order to build a shopping, paying bills, using social networks, vis- trusted brand, websites must offer security, espe- iting multi-media sites, sending emails, reading cially if they plan to be in possession of their cus- news, etc. Because of the popularity of existing tomers’ private data at any time. As it turns out, Internet businesses, more real-world business- more planning went into the connective aspect of es are launching websites in an effort to market the Internet as opposed to its security. The truth is themselves worldwide and improve their brand. that websites are anything but safe from viruses Research from the US Census Bureau shows that and other attacks that could cause massive down- 45% of small businesses have a website, with an- time, affect user privacy and interaction, and inter- other 13% planning to build one in the near future. fere with company earnings. Also, according to annual revenue reports, 45% of According to Ketki Aror and Krishan Kumar, au- businesses with a website brought in $100,000- thors of Impact Analysis of Recent DDoS Attacks, $500,000 in revenue; 49% brought in $500,000- “The Internet’s architecture is very open in nature; $999,000; 69% brought in $1,000,00-$2,490,000; any machine attached to it is publically visible to and 67% brought in $2,500,000-$4,500,000. In [other] machines attached to enable communi- May 2012, The Washington Business Journal re cation.” Because of the Internet’s openness, it is ported that more than 69% of small business own- easy for computers to be infected with viruses. As ers believed that mobile websites would be the key a precaution against catching and spreading vi- to their marketing growth over the next five years.
Load more

Recommended publications
  • JW Apostate Reply Supporting Motion to Quash April 6Th
    Case 7:20-mc-00119-CS Document 13 Filed 04/06/20 Page 1 of 21 1 JANE / JOHN DOE 2 Email: [email protected] 3 4 Pro se 5 IN THE UNITED STATES DISTRICT COURT FOR THE 6 SOUTHERN DISTRICT OF NEW YORK 7 8 IN RE: DMCA SUBPOENA TO GOOGLE, LLC Case No.: 7:20-mc-00119 9 10 JANE / JOHN DOE’S REPLY IN SUPPORT OF THE OBJECTION AND MOTION TO 11 QUASH DMCA SUBPOENA 12 13 A. INTRODUCTION 14 15 While it is true that Jehovah’s Witnesses are well known for their distribution of 16 Bible based books and publications, they are also a notorious group of criminal 17 pedophiles running a scam “religion” who are guilty of abuse of process and emotional 18 19 extortion through sham litigation in their pathetic efforts at discovering leaks and 20 moles and whistleblowers. Unfortunately for them, this is the year 2020 and things 21 22 like VPNs, anonymous proxies, and TOR exit nodes frustrate them at every turn. 23 Whether one is known as Darkspilver or John Redwood or JW Apostate, or any 24 number of other pseudonyms, it does not really matter as we are all Spartacus in this 25 26 fight! Reporting on and exposing to public comment and ridicule the doctrinal 27 inconsistencies and reversals, failed predictions, mistranslation of the Bible, harsh 28 JANE / JOHN DOE’S REPLY IN SUPPORT OF OBJECTION AND MOTION TO QUASH DMCA SUBPOENA- 1 Case 7:20-mc-00119-CS Document 13 Filed 04/06/20 Page 2 of 21 1 treatment of former members and autocratic and coercive leadership (not to mention 2 the child raping!) is a public duty that Jane / John Doe takes extremely seriously at 3 1 great personal risk.
    [Show full text]
  • Introduction Points
    Introduction Points Ahmia.fi - Clearnet search engine for Tor Hidden Services (allows you to add new sites to its database) TORLINKS Directory for .onion sites, moderated. Core.onion - Simple onion bootstrapping Deepsearch - Another search engine. DuckDuckGo - A Hidden Service that searches the clearnet. TORCH - Tor Search Engine. Claims to index around 1.1 Million pages. Welcome, We've been expecting you! - Links to basic encryption guides. Onion Mail - SMTP/IMAP/POP3. ***@onionmail.in address. URSSMail - Anonymous and, most important, SECURE! Located in 3 different servers from across the globe. Hidden Wiki Mirror - Good mirror of the Hidden Wiki, in the case of downtime. Where's pedophilia? I WANT IT! Keep calm and see this. Enter at your own risk. Site with gore content is well below. Discover it! Financial Services Currencies, banks, money markets, clearing houses, exchangers. The Green Machine Forum type marketplace for CCs, Paypals, etc.... Some very good vendors here!!!! Paypal-Coins - Buy a paypal account and receive the balance in your bitcoin wallet. Acrimonious2 - Oldest escrowprovider in onionland. BitBond - 5% return per week on Bitcoin Bonds. OnionBC Anonymous Bitcoin eWallet, mixing service and Escrow system. Nice site with many features. The PaypalDome Live Paypal accounts with good balances - buy some, and fix your financial situation for awhile. EasyCoin - Bitcoin Wallet with free Bitcoin Mixer. WeBuyBitcoins - Sell your Bitcoins for Cash (USD), ACH, WU/MG, LR, PayPal and more. Cheap Euros - 20€ Counterfeit bills. Unbeatable prices!! OnionWallet - Anonymous Bitcoin Wallet and Bitcoin Laundry. BestPal BestPal is your Best Pal, if you need money fast. Sells stolen PP accounts.
    [Show full text]
  • Longitudinal Analysis of Misuse of Bitcoin⋆
    Longitudinal Analysis of Misuse of Bitcoin? Karim Eldefrawy1, Ashish Gehani1, and Alexandre Matton2?? 1 SRI International, USA 2 Stanford University, USA Abstract. We conducted a longitudinal study to analyze the misuse of Bitcoin. We first investigated usage characteristics of Bitcoin by analyz- ing how many addresses each address transacts with (from January 2009 to May 2018). To obtain a quantitative estimate of the malicious activity that Bitcoin is associated with, we collected over 2.3 million candidate Bitcoin addresses, harvested from the dark web between June 2016 and December 2017. The Bitcoin addresses found on the dark web were la- beled with tags that classified the activities associated with the onions that these addresses were collected from. The tags covered a wide range of activities, from suspicious to outright malicious or illegal. Of these addresses, only 47,697 have tags we consider indicative of suspicious or malicious activities. We saw a clear decline in the monthly number of Bitcoin addresses seen on the dark web in the periods coinciding with takedowns of known dark web markets. We also found interesting behavior that distinguishes the Bitcoin addresses collected from the dark web when compared to activity of a random address on the Bitcoin blockchain. For example, we found that Bitcoin addresses used on the dark web are more likely to be involved in mixing transactions. To identify mixing transactions, we developed a new heuristic that extends previously known ones. We found that Bitcoin addresses found on the dark web are significantly more ac- tive, they engage in transactions with 20 times the neighbors and 4 times the Bitcoin amounts when compared to random addresses.
    [Show full text]
  • Cyber Influence Campaigns in the Dark Web
    Cyber Influence Campaigns in the Dark Web Lev Topor and Pnina Shuker In recent years there has been a significant rise in the scope and intensity of information wars between the great powers and other forces in the international arena, and influence campaigns have become a legitimate tool in the hands of politicians, propagandists, and global powers. In this context, the professional literature has focused most on campaigns on social networks while it has almost ignored similar campaigns in the Dark Web where the current research tends to focus on criminal activity. The Dark Web was developed by the American Navy for intelligence purposes and was then promoted by the West as a public tool to protect privacy and anonymity. Today it provides fertile ground for deliberate leaks by countries that do not wish to publish certain information in the traditional media. These leaks are perceived as authentic, leading the media and other intelligence organizations to swallow the bait and investigate, and in some cases they even change their operations accordingly. The purpose of this article is to present the way in which the Dark Web is used in influence campaigns, particularly through deliberately leaking information. Keywords: Dark Web, influence campaigns, propaganda, information wars, disinformation Dr. Lev Topor is a senior strategic advisor and researcher on racism and cyber. Pnina Shuker is a Neubauer Research Fellow at the Institute of National Security Studies. Cyber, Intelligence, and Security | Volume 3 | No. 2 | October 2019 63 LEV TOPOR AND PNINA SHUKER | CYBER Influence Campaigns IN THE DARK WEB 64 Introduction In January 2019, tens of thousands of documents and emails from senior Russian government officials, leaders of the Russian Orthodox Church, and Russian oligarchs were leaked to the Dark Web.
    [Show full text]
  • Full 8Chan Leak Dump As of April-15-2015 This Is a Quick Overview of Quick Leak
    Full 8chan Leak Dump As Of April-15-2015 This is a quick overview of Quick Leak http://8ch.net/leaked/index.html Anonymous Post Makes News Headline! KILLCEN 04/15/15 (Wed) 15:09:40 No.235[Repl y][Watch Thread] LoL! Hey Anonymous! You made news coverage! http://www.cbsnews.com/news/top-law-officials-personal-information-posted-online -right-wing-group-blamed/ DHS-CIA-FBI TRAITORS HOME ADDRESSES: http://quickleak.ir/xiUw8SIv Infowars also covers dox KILLCEN 04/15/15 (Wed) 15:19:3 2 No.236 Holly Molly! Infowars posts report about this too! (I'd l ay low if I were you, for a while) http://www.infowars.com/leaking-of-government-officials-ad dresses-accompanied-by-note-warning-of-fema-crackdown-by-nwo-satanists/ PREPARATION FOR MARTIAL LAW DOWNLOAD LINKS Anonymous 04/15/15 (Wed) 14:51:11 No .234[Reply][Watch Thread] CONCENTRATION CAMPS FOR AMERICANS FREE PDF DOWNLOAD Concentration Camps for Americans How would you like to enter one the over 600 American concentration camps acros s the USA? The barbed wired, shackle embedded camps have been built and are awaiti ng to enslave huge numbers of the population. Should a fitting event take place, current laws allow FEMA to legally incarcerate civilians into these camps. The Federal Government admits plans to detain millions of people Rex 84, short for Readiness Exercise 1984, was a plan by the United States fede ral government to test their ability to detain large numbers of American citizens in case of massive civil unrest or national emergency.
    [Show full text]
  • Says a Friend of Benthall's
    54 I At 3:15 P.M. on October 1, 2013, Ross Ulbricht’s career as a drug kingpin came to an end in the science- fiction section of San Francisco’s Glen Park Library. The 29-year- old had walked up the steps just inside the modern stone building, passed the librarian working at the circula- tion desk and taken a seat at a far corner table near a window. It was a sunny day, but the small community library was filled with people. Ulbricht, with his easy smile and thick mop of brown hair, was dressed in blue jeans web of lies_ AN UNDERGROUND, ANONYMOUS INTERNET— THE DEEP WEB—IS THE LAST LAWLESS FRONTIER ON EARTH. BUT NOTHING COULD SAVE ITS KINGPINS FROM THE PAINFUL CONSEQUENCES OF HUMAN ERROR BY JOSHUA HUNT and a T-shirt. The hand- ful of people reading and wandering among rows of novels nearby weren’t dressed much differently, but beneath their shirts and jackets they wore vests that identified them as FBI agents. Until the moment they rushed Ulbricht, pushing him up against a window to handcuff him as other agents seized his laptop before he could lock it down, nobody suspected anything out of place. The cuffs went on and a small crowd gathered, but Ulbricht just looked out at the afternoon sun. Ulbricht was an educated person, with a master’s degree in 55 materials science and engi- neering from Penn State. He was a good son from a good Texas family, an un- likely addition to the list of men who had changed the shape and scale of drug distribution in Amer- ica.
    [Show full text]
  • Technical and Legal Overview of the Tor Anonymity Network
    Emin Çalışkan, Tomáš Minárik, Anna-Maria Osula Technical and Legal Overview of the Tor Anonymity Network Tallinn 2015 This publication is a product of the NATO Cooperative Cyber Defence Centre of Excellence (the Centre). It does not necessarily reflect the policy or the opinion of the Centre or NATO. The Centre may not be held responsible for any loss or harm arising from the use of information contained in this publication and is not responsible for the content of the external sources, including external websites referenced in this publication. Digital or hard copies of this publication may be produced for internal use within NATO and for personal or educational use when for non- profit and non-commercial purpose, provided that copies bear a full citation. www.ccdcoe.org [email protected] 1 Technical and Legal Overview of the Tor Anonymity Network 1. Introduction .................................................................................................................................... 3 2. Tor and Internet Filtering Circumvention ....................................................................................... 4 2.1. Technical Methods .................................................................................................................. 4 2.1.1. Proxy ................................................................................................................................ 4 2.1.2. Tunnelling/Virtual Private Networks ............................................................................... 5
    [Show full text]
  • Troll Hunting
    For my father, Brian, who taught me to love wor ds. Hell is empty, and all the devils are here. William Shakespeare, The Tempest, Act 1, Scene 2 THIS IS A work of nonfiction, researched and documented to the best of my ability. There were significant security risks in writing this book. I sought expert advice and wrote according to it. Therefore, some of the trolling syndicates mentioned within these pages have been given pseudonyms or go unnamed. Likewise, some of the trolls themselves are discussed only with a pseudonym. A few of the trolls who spoke to me behind the scenes are not named at all and others are composites or have been segmented. Some readers may be critical of the decision to provide anonymity for people who are hurting others so much. However, sometimes access to information comes at a cost – and, all things being equal, the trolls gave me great access. By the same token, some predator-troll victims are in physical danger. This is especially true where domestic violence is involved. In those cases, names and other identifying details may have been altered but the facts of the stories are unchanged. I have worked hard to quote all interviewees verbatim, but for the sake of readability have corrected some spelling errors and syntax. When I’m messaging with trolls in the United States, I use Australian spelling and they use American spelling. For authenticity, I’ve left this as is. This is a book about the internet and how it bleeds into real life. When quoting links and screenshots, I’ve aimed for accuracy.
    [Show full text]
  • Quase 700 Sites Onion, a MAIORIA ESTÁ ONLINE
    Quase 700 sites onion, A MAIORIA ESTÁ ONLINE (ALGUNS NÃO SÃO 24HRS ONLINE) APROVEITE, TENHA CAUTELA A VISITAR SITES SEM LEGENDA, NÃO SABEMOS O QUE É OU O QUE V AI ENCONTRAR EU NÃO TESTEI TODOS OS SITES, OBVIAMENTE. http://2222243pi3jvhgnt.onion/ The Nowhere Server (restored from FH) http://222224h72gngmbr4.onion/ The Nowhere Server (restored from FH) http://2222266ahj25j5j2.onion/ The Nowhere Server (restored from FH) http://2223t4sermipwasm.onion/ The Nowhere Server (restored from FH) http://23tjl3xpt5btiqms.onion/ W38M411 - Login http://25ffhnaechrbzwf3.onion/ NL Growers - Coffee Shop grade Cannabis from the Netherlands - Weed, Hash, Marijuana, Cannabis for Bitcoins http://2atptz66l5aepcbj.onion/ Hacktivisme libre http://2bicbge75gy5xjso.onion/ Sam's Drug Store http://2cmg43zpfbelgwlw.onion/ http://2fqgjzbb2h7yevom.onion/ http://2gxxzwnj52jutais.onion/ The Nowhere Server (restored from FH) http://2jv5r7k66ralyk3g.onion/ http://2kcreatydoneqybu.onion/ Einloggen http://2kka4f23pcxgqkpv.onion/ Euro Guns - Number one guns dealer in onionland - Buy guns and ammo for Bitcoin. http://2ogmrlfzdthnwkez.onion/ Rent-A-Hacker - Hire a hacker for every job you c an imagine, from DDOS to completely ruining people or destroy reputation of a co mpany or individual http://2oztyiaxrr3vijwe.onion/ Index of / http://2pdkdy3eo552mpiz.onion/ http://2q4ryi45p6har5w2.onion/ I2P Downloads from kytv http://2qhtfzoxe24d5gxe.onion/ System Setup Required http://2qtnwm3zdbn52nxt.onion/ Hidden Service #6 http://2r2tz6wzqh7gaji7.onion/ KAVKAZ CENTER http://2xtsq3ekkxjpfm4l.onion/
    [Show full text]
  • Administration's Replies to Members Initial Written Questions
    Index Page Replies to initial written questions raised by Finance Committee Members in examining the Estimates of Expenditure 2021-22 Director of Bureau : Secretary for Constitutional and Mainland Affairs Session No. : 3 Consolidated e-file name : CMAB-1-e1.docx Reply Serial Question Name of Member Head Programme No. Serial No. CMAB001 0003 CHENG Chung-tai 144 (1) Director of Bureau’s Office CMAB002 0759 CHENG Chung-tai 144 (5) Subvention: Equal Opportunities Commission and Office of the Privacy Commissioner for Personal Data CMAB003 0760 CHENG Chung-tai 144 (3) Mainland and Taiwan Offices CMAB004 2844 CHENG Chung-tai 144 (5) Subvention: Equal Opportunities Commission and Office of the Privacy Commissioner for Personal Data CMAB005 2859 CHENG Chung-tai 144 (1) Director of Bureau’s Office CMAB006 2227 CHEUNG 144 (2) Constitutional and Kwok-kwan Mainland Affairs CMAB007 1624 CHEUNG 144 (2) Constitutional and Wah-fung, Mainland Affairs Christopher CMAB008 1695 CHEUNG 144 (2) Constitutional and Wah-fung, Mainland Affairs Christopher CMAB009 1696 CHEUNG 144 (2) Constitutional and Wah-fung, Mainland Affairs Christopher CMAB010 1714 CHEUNG 144 (2) Constitutional and Wah-fung, Mainland Affairs Christopher CMAB011 1715 CHEUNG 144 (3) Mainland and Taiwan Wah-fung, Offices Christopher CMAB012 1716 CHEUNG 144 (2) Constitutional and Wah-fung, Mainland Affairs Christopher CMAB013 1313 CHIANG Lai-wan 144 (2) Constitutional and Mainland Affairs CMAB014 1112 CHUNG Kwok-pan 144 (3) Mainland and Taiwan Offices CMAB015 1115 CHUNG Kwok-pan 144 (3) Mainland
    [Show full text]
  • A Study of Doxing, Its Security Implications and Mitigation Strategies for Organizations
    A Study of Doxing, its Security Implications and Mitigation Strategies for Organizations Roney Simon Mathews Shaun Aghili, Dale Lindskog Information Systems Security Information Systems Security Concordia University College of Alberta Concordia University College of Alberta Edmonton, AB, Canada Edmonton, AB, Canada [email protected] {shaun.aghili, dale.lindskog}@concordia.ab.ca Abstract—This research paper focuses on the impact of collection, publishing and use of personally identifiable intentional and unintentional exposure or leakage of sensitive information (PII) [2] by doxers, cause privacy implications. personal data elements that- when aggregated and used or Addressing these risks and mitigating them is challenging to disclosed in an unauthorized manner- could impact the both individuals and organizations. As such the focus of this employees of an organization. Doxing usually escalates to paper is on incorporating dox mitigation strategies, within an hacking, espionage and harassment. Such impacts could damage enterprise’s risk management framework. the reputation or competitive advantage of the organization; especially if the targeted employee is a senior management Personal information discussed in this paper refers to the executive. Threat agents use doxing to collect data undetected, exclusive containment of pieces of data (identifier, quasi- from targeted victims. Doxing is a mode of Open Source identifier or sensitive) that an individual may share on the Intelligence (OSINT), aimed at launching sophisticated attacks internet with a restricted group of people. These may be shared on individuals or employees of an organization, through the on blogs, social networking websites, surveys, and websites collection of personal information over time; as such, doxing is that require collection of user information for creating a considered an Advanced Persistent Threat (APT).
    [Show full text]
  • The Effectiveness of the TOR Anonymity Network by David
    The Effectiveness of the Tor Anonymity Network David Gingerich 68-590-K 11/30/2014 Abstract Recent reports of government agencies monitoring their own citizens’ internet activity has led to an increasing demand for anonymity on internet. The purpose of this project is to present the research and findings that relate to the reliability of the web anonymity network Tor. Tor works by relaying public internet traffic to a predetermined set of nodes that hide the original sender and receiver’s information from an individual's internet traffic as it travels over the internet. Each Tor node only knows which node the packet came from and where the packet is going. The project explains the core technologies that make Tor work as well as the various attacks that Tor is designed to circumvent. Tor’s roots as an anonymity project designed by the US Naval Laboratory intended to protect the identities of government employees working out of hostile territories, to its current status as a non-profit organization is detailed. The reader will be guided through an explanation of how Tor works, as well as how Tor’s hidden services allow for a website’s physical location to be hidden. The reader is also guided through various examples of when the Tor network’s integrity was faulted, as Tor is a common target of various US government agencies such as the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI). Over the last several years many Tor users’ identities have been exposed due to various factors that were of their own makings.
    [Show full text]