Microsoft Power Point - Esecurity-200810 Bur

Published on December 2016 | Categories: Documents | Downloads: 26 | Comments: 0 | Views: 217
of 34
Download PDF   Embed   Report

Comments

Content

A

Wojtek Bogusz [email protected] [email protected] [email protected] [email protected]

-www.frontlinedefenders.org/soc/200810.pdf
: Assi Kootstra www.konkret.pl

1

A A A ‘ A hackers passwords A malware ’

Encrypting A A (A A A ) A Backup A privacy Web

2

http://security.ngoinabox.org http://security.ngoinabox.org/draft

3

A

A A

‘ A

A A U

’A

.... A A A A

AU .... .... .... ....

CD/Website ”

“A
“ A A





A A

A

A Handbook ”
4

A

A



A

A



A

A

A A A A

A

5

malware A A “Tools & Guides” Anti spyware software “Tools & Guides” A

hackers

Software (CD/Website Avast Install )

(CD/Website SpyBot Install )

Anti virus, anti spyware, Windows update Internet Explorer, Outlook or Outlook Express, Microsoft Office Free and Open Source Software A (fsf.org or gnu.org) Firefox, Thunderbird, OpenOffice (“Tools & Guides” Install ) A attachments A (U A A backup A www.virusbtn.com, news.yahoo.com/fc/tech/computerviruses)
6

malware Firewall A A A A A

hackers

A

A /

( A A ( ) A A A

)

CD/Website

“Tools & Guides”

Comodo Firewall Firewall A Linux

Install Install

A – www.IPCop.org (

A ) www.Ubuntu.com

7

malware Windows

hackers

Updates Temporary files Login ( A

A password A

Install

password ) screen

screensaver

Firewall, antivirus, antispam software A A A

8

Password
Password (


passPhrase) ) ( ) passPhrase

--

A





KeePass
− −

passPhrase A ( )

passPhrase

A passPhrase

Password A CD/Website KeePass password

A
“Tools & Guides” passwords database
9

KeePass

Install

master

Password

Password A A !MarSter” U Punctuation A =+{}[]\|;:'"<>?/.,), /
− − −

U

“My naME is Not MR. ”

“Let Them Eat (U ( ) !@#$&*()/A U

A A

A

"1haD,waMwB=" <> “I had a dream, where all men were born equal” "2Bon2B?TitQ" <> "To be or not to be? That is the question" "Mf,yrU:-)2d?" <> "My friend, why are you happy today?"

10

/Disk
− −

encryption data

A

A A disk / TrueCrypt A Install disk / password

− −

“Tools & Guides” A



anti-virus, anti-spyware, firewall, updates



TrueCrypt

A

USB-memory ( ) install disk



TrueCrypt

11

A

A
A A backup A Backup A Backup A Backup A U

Backup media hard disk, DVD/ CD-RW, DVD/CD-R, DAT tape, ZIP, secure server, email, floppy disk: − - data
− − − −

- data - data A A A ( <> A ) - Truecrypt A backup A

Backup Backup

Computers, servers, mobile phones

CD/Website AlwaysSync

“Tools & Guides” Install

Cobian Backup or
12

A

A
A

A

A

A

A

A

--

browsing history, internet cache, user names, passwords, filled web form entries, cookies, recently-used files/folders, recycle bin, temporary files and documents intermediary versions, document properties, unused space on disk, swap file, slack of clusters

( A A

delete disk A A ( )A A A “Tools & Guides” CCleaner, Eraser ) DBAN (dban.sourceforge.net ). meta-data ) A

– A Install (

A A disks, diskettes, cd/dvd's, ...
13

A
A

private
A

/A A

A

IP: 217.67.142.198

14

A
http vs. https

HTTP

vs

HTTPS

Secure Sockets Layer (SSL)

15

A
http vs. https

16

A
A

17

A

A A

A client (browser)

A server
“Tools & Guides” RiseUp

www.riseup.net (CD/Website ) www.bluebottle.com www.fastmail.fm www.safe-mail.net

server A
www.vaultletsoft.com (“Tools & Guides” ) www.hushmail.com

A

A A

VaultletSuite

18

A
A - https A A

Password circumvention ( A A ) login name Spoofing A U BCC A A
19

Spam A

A A

A

A
PGP or GPG
A U A A

-- Asymmetric / Public Key Cryptography

A A A

A

+ password

20

A
A -- PGP/GPG

–A

A

– A

A

A

–A – A

21

A
A -- PGP/GPG
-----BEGIN PGP MESSAGE----Version: GnuPG v1.4.2 (MingW32) - GPGshell v3.47 hQIOA6+KqOfe9P7fEAgAqMu89itDeq92O6cxuyjXBXowW beaAHmB0m0OHHDzwE6MjX1abEddU4/0oNAQ0NUoGNq Y3BO5o6FJBvdeBOfBo+2t3QsT8F8pva3bi10qOYXo7KF7y sX7xJ+py9AMP95A62Skgy5iBgUx0zMhf2v2lZHdOLaWW3 KOZogbsdd82agNxs3bI/ik5ATRjUhItKm8IhptliDTMdYxP9P/ IjIgGkuAleyWBVxGLFHFoIqi8Ro -----END PGP MESSAGE-----

22

A
PGP or GPG:
RiseUp A ) TrueCrypt

-- Asymmetric / Public Key Cryptography

account -(100 MB)

(KeePass

password

(KeePass

password

) Portable Thunderbird A install Portable Thunderbird A GPG Thunderbird install Thunderbird Thunderbird RiseUp email account Enigmail add-on disk save Thunderbird install GPG4Win Firefox ) A A A A A A / A A A
23

-GPA + GPG A

install RiseUp account (KeePass password

A

A
A Chat Pidgin + Off-the-record chat: Pidgin – multi-protocol instant-messaging client (QQ, AIM, ICQ, MSN Messenger, Yahoo!, IRC, Jabber, Gadu-Gadu, and Zephyr) Off-the-record – Pidgin A chat A -A A CD/Website “Tools & Guides” Pidgin OTR Install plugin

24

A

Internet chat:
Skype A open source A A A

Skype A spyware, adware, remote-controlled programs, worms, computer viruses malware . Skype Username/Password A Skype username

(

)
A A

A A
)A A A A A –A

A

A
A

Passwords ( username Skype A



A

A

code
25

A A

A

A
- www.rsf.org

A A U

-A --

A A AA

A

A

OpenNet Initiative Global Internet Filtering Map - map.opennet.net A A A A A A
26

A

A

A

A

A

... DNS

... IP A

27

A

A

A Proxy Servers

http

https

28

A

A TOR

A

Your IP is ??? http://www.hostip.info/

- (“Tools & Guides” ) Firefox browser - (“Tools & Guides” ) Tor Browser

Tor

Install

29

A

A

A

212.115.146.248 [email protected]

...

user name: john.smith

...

12:25 Wednesday, June 7th - “Other Guides” ( ) www.rsf.org/rubrique.php3?id_rubrique=542 RSF Handbook for Bloggers & Cyberdissidents - “Other Guides” ( ) http://advocacy.globalvoicesonline.org/tools/guide/ Anonymous Blogging with Wordpress and Tor
30

A
( ) server https server ( ) -www.electricembers.net (USA), www.xs4all.nl (Netherlands), www.dedibox.fr (France), www.ikshosting.com (USA), www.koumbit.org (Canada) Server A A A password ( ) A open source hack A Backup website Server
31

software A

A (firewall

A

= firewall)

A

A certificate A )

(https, A

A
A A A A A

A
A

A
A U A U U A U A

A /

A

A

A

A

A A A A

A ( )

A

A Linux OS Firefox, Open Office A open source software A update

U

A

Windows OS (

)

32

A
update (

A

A
A

anti-virus, anti-spyware, firewall E account A )

A (www.ccleaner.com/download/builds/downloading-portable or clean manually) USB A A A download A A Tor browser USB A A A scan account account A A ) A USB A A

account A Riseup ( ) VaultletSoft account -A A A A A

TrueCrypt ( TrueCrypt A

download A
33

links CD: 'How-to' Booklet, Tool Guides, Other Guides: “Digital Security & Privacy for HRDs” and “Protection Manual for HRDs” http://security.NGOinaBox.org/ http://security.NGOinaBox.org/draft www.frontlinedefenders.org/digital-security www.privacyinternational.org - watchdog on surveillance and privacy invasions by governments and corporations www.rsf.org - Reporters Without Borders www.epic.org - Electronic Privacy Information Center www.thefreecountry.com/security www.riseup.net - provider of email and web www.opennetinitiative.org - research on surveillance and filtering

A

-www.frontlinedefenders.org/soc/200810.pdf
34

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close