Tuesday, February 2, 2010

Mailbox Defense

Internet mail, or "soap" as it is called in slang, is no longer a rarity on the network. Well-known servers such as mail.ru, yandex.ru and rambler.ru have about 20 million registered users, and the figure grows every day. Mail is used both by ordinary users and by all kinds of companies and organizations for communication. Ever since the first e-mail servers appeared, there have been people interested in gaining access to someone else's mailbox. Their objectives differed: someone wanted to read his wife's letters, someone wanted to be paid for a break-in done to order, someone wanted to learn the names of a competing firm's clients, and so on. So they began looking for all kinds of security vulnerabilities, and quite successfully. A long time has passed since the first vulnerabilities were found and fixed, but the problem of protecting your e-mail account remains relevant to this day. Many sites, mostly hacker-themed ones, describe various ways of breaking into a mailbox, but few give good advice on protecting it. That is the question I would like to cover in this article.

First of all, to protect your mailbox from unauthorized access, you need to know the methods an attacker resorts to when trying to get into it:

1. Breaking through social engineering

Principle: Social engineering (SI) is a very powerful cracking tool. The method is based on psychological factors, or rather on persistent human error. At its core it is deception, or leading the victim into error. The main task of the social engineer is to make contact with you and convince you that he can be trusted. Very often, to break into a mailbox, the attacker sends the victim a letter on behalf of the administration, which reports an equipment change on the server and asks for the login and password, otherwise the mailbox will be deleted. The victim, afraid that the mailbox will be deleted, naively sends the data to the attacker. Many do not even look at who the letter came from, although this precaution does not help if the attacker has replaced the sender's name. The contents of the letter may vary, but in every case you are asked for your login and password, and that alone should alert you.

Method of protection: Remember: the administrators of mail servers, and of any other servers, never, under any pretext, require users to send them their passwords. Therefore, never send your data in response to such suspicious letters.

2. Breaking in with Trojans

Principle: As you know, many Trojans steal passwords, and mail passwords are no exception. A Trojan horse that has been successfully slipped onto your machine can easily steal your login information and send it to the attacker.

Method of protection: The best countermeasure against a mail Trojan is an antivirus and a firewall. The first keeps known malicious programs of this type from running on your computer and carrying out their intentions, and the second watches every program that uses the network and catches suspicious attempts to send mail, upload a file to an FTP server, and the like. In addition, a firewall protects the system against intrusions, forced downloads of malware from the network and similar things. In my opinion, a very good firewall is the Russian-developed Agnitum Outpost Firewall.

3. Breaking in with fakes

Principle: The English word "fake" means cunning, deception, fraud. The method consists of creating a special web page that looks exactly like the login form of a mail server and placing it on the Internet. You are then sent a letter that asks you to follow a link and, for example, vote for some gift. The trick is that when you click the link you see a mailbox login form, enter your data without a second thought and press the "Login" button, after which the browser sends you on to some other page. That's all! Your login and password are now known to the attacker, and he can get access to your mailbox.

Method of protection: Always check the links you are asked to follow. Fake pages are mostly placed on free hosting services. Therefore, their URL always contains some extra text, e.g. sayt.freehostia.com, sayt.narod.ru, sayt.ucoz.ru and the like. If you have followed a link and are asked to enter your login and password, be sure to compare the link with the address of the login page on your mail server. For example, for Mail.ru this site. If the link does not match, someone is trying to deceive you.
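The link comparison described above can be done mechanically. The following is an added example, not code from the original article; the function names and the trusted-domain list are assumptions, the sample links are constructed, and it goes slightly beyond the text by also covering a `user@` prefix and look-alike names that only contain the real domain.

```python
from urllib.parse import urlsplit

# Assumption: the provider's real login domain, taken from a bookmark you
# typed yourself (mail.ru is the provider named in the article).
TRUSTED_DOMAINS = ("mail.ru",)

def link_host(url):
    """Host the browser would really connect to, or None if unusable."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    # .hostname drops any "user@" prefix and the port, and is lowercased.
    return parts.hostname.rstrip(".")

def is_trusted_login_link(url, trusted=TRUSTED_DOMAINS):
    """True only if the host is a trusted domain or a subdomain of one."""
    host = link_host(url)
    if host is None:
        return False
    # Compare on a label boundary: a host that merely contains or ends
    # with the trusted name (extra text around it) must not pass.
    return any(host == d or host.endswith("." + d) for d in trusted)

# Constructed sample links (not taken from real messages).
SAMPLES = [
    "https://mail.ru/login",
    "http://sayt.narod.ru/mail.ru/login.html",
    "http://mail.ru.sayt.freehostia.com/",
    "http://mail.ru@sayt.ucoz.ru/",
]

def check_samples(samples=SAMPLES):
    """Return (url, real host, verdict) for every sample link."""
    return [(u, link_host(u), is_trusted_login_link(u)) for u in samples]

if __name__ == "__main__":
    for url, host, ok in check_samples():
        print(f"{'OK  ' if ok else 'FAKE'} {str(host):32} {url}")
```

Only the host part decides the verdict: the trusted name appearing in the path, as a leading label, or before an `@` does not make the link genuine.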

4. Breaking in through mail server vulnerabilities

Principle: Many servers on the Internet are vulnerable to attack, and mail servers are no exception. So anyone who knows of a hole in the server's security, such as XSS, can use it to get your password.

Method of protection: Nobody can protect you from such attacks except the system administrators of the mail server. But there is one very good remedy, called an e-mail client. This is a program that lets you receive and send mail over SMTP and POP3 without visiting the web pages of the mail server. This means that a vulnerability in the web interface will not affect you at all. In addition, you save time, because you do not have to enter your login information and wait for pages to load, and you get many more useful functions (anti-spam filters, a handy address book, instant access to mail already received, and others). The best e-mail clients, in my opinion, are The Bat! and Thunderbird.

5. Breaking in by brute force

Principle: The method is based on simply trying every possible password in turn. Usually such a search is run by an automated program.

Method of protection: Do not use your name, home or mobile phone number, date of birth and so forth as a password. Such passwords are easy to predict, and attackers take advantage of that. The best option is a password at least 6-7 characters long that contains letters, digits and symbols such as a question mark, brackets and the like. If such a password is hard for you to remember, a second option is some phrase written without spaces or with the "_" sign between words. It may be, for example, Shakespeare's famous phrase: "be_or_not_to_be". Such passwords are much harder to guess.

6. Security Answer

Principle: I think many people know this method of password recovery: answering the security question you specified when registering the mailbox. Most often these are questions like "My favorite dish" or "What is my dog's name". Learning the answer to such questions is very easy: the attacker only has to get acquainted with the victim, if they are not acquainted already, and somehow find out the favorite dish or the pet's name. Having learned it, the attacker is able to set a new password for the mailbox.

Method of protection: Do not use such banal, standard questions. It is best to specify your own, with an answer known only to you. For example, hardly anyone but you and your loved ones will answer the question "What kind of flower do I have on the kitchen table?". Or a very good question would be the number of your passport.

7. Stealing the session (cookies)

Principle: Some of you may know what cookies are: a cookie is a text file stored on the user's computer that contains service information. Many web servers store various data, such as session numbers and settings, in cookies so that the next time you visit the resource you do not have to re-enter all of it. Sometimes the cookie stores the password for your account, usually encrypted with the MD5 algorithm. This is done so that we do not have to pass authorization a hundred times when moving from one page to another.

Method of protection: If you simply close your browser after visiting the mailbox, the cookie remains on your disk. By stealing the session file and installing it on his own machine, the attacker deceives the server, which takes the cracker for the real owner of the mailbox and gives him full access to it. To avoid this, every mail server has an "Exit" button. Clicking it closes your session, and the theft of the cookie becomes useless!
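Why "Exit" makes a stolen cookie useless is easiest to see from the server's side. The following is an added example, not code from the original article or from any mail server; the class, its method names and the idle timeout are assumptions made for illustration, and the scenario in `demo()` is constructed.

```python
import secrets
import time

class SessionStore:
    """Server-side session table; the cookie holds only a random id."""

    def __init__(self, idle_timeout=900):
        self._sessions = {}  # session id -> (user, last-seen timestamp)
        self.idle_timeout = idle_timeout

    def login(self, user, now=None):
        sid = secrets.token_urlsafe(32)  # unguessable session id
        self._sessions[sid] = (user, time.time() if now is None else now)
        return sid  # value the browser stores in its session cookie

    def user_for(self, sid, now=None):
        """Return the user a cookie value maps to, or None if not valid."""
        now = time.time() if now is None else now
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        user, last_seen = entry
        if now - last_seen > self.idle_timeout:
            del self._sessions[sid]  # abandoned session: expire it
            return None
        self._sessions[sid] = (user, now)
        return user

    def logout(self, sid):
        # The "Exit" button: the server forgets the id, so every copy of
        # the cookie stops working, wherever it is stored.
        self._sessions.pop(sid, None)

def demo():
    store = SessionStore(idle_timeout=900)
    cookie = store.login("alice", now=0)
    copied = cookie  # constructed scenario: a copy of the cookie file
    before = store.user_for(copied, now=60)      # copy accepted
    store.logout(cookie)
    after = store.user_for(copied, now=120)      # copy rejected
    # Browser closed without "Exit": valid until the idle timeout passes.
    cookie2 = store.login("alice", now=200)
    still_valid = store.user_for(cookie2, now=600)
    expired = store.user_for(cookie2, now=600 + 901)
    return before, after, still_valid, expired

if __name__ == "__main__":
    print(demo())
```

The idle timeout is an addition to what the article describes: it limits how long a session that was never closed with "Exit" stays usable.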

As we can see, there are quite a lot of ways to break into a mailbox, and these are not all of them. Why have I not described the rest? Because they are all based on one of the above. For example, intercepting a user's network traffic makes it possible to extract the login and password from it. And in order to slip someone a program, you need to be good at social engineering. If you follow all my advice, you can easily protect your mailbox from outside interference.
