SMT 2-4 Plaintext Communication Vulnerability
Summary
TLDR: This script delves into the importance of secure communication in networks, highlighting the risks of plain text transmission. It introduces the CIA Triad—confidentiality, integrity, and availability—as key principles for information security. The script uses scenarios to illustrate how encryption protects data from unauthorized access and tampering, emphasizing the need for secure practices like using SSH over Telnet and HTTPS over HTTP to safeguard personal and payment information from cyber threats.
Takeaways
- 🔒 The importance of avoiding plain text communication in networks due to the risk of data exposure to unauthorized third parties.
- 📈 The evolution of networks from simple information exchange to complex systems handling sensitive personal and payment information, necessitating enhanced security measures.
- 👀 The visibility of network packets during transmission, making them susceptible to interception and misuse by attackers.
- 🛡️ The CIA Triad (Confidentiality, Integrity, Availability) as a framework for understanding and implementing information security.
- 🔑 Confidentiality is about restricting access to information to only those with proper authorization, ensuring data is not exposed during transmission.
- 🔄 Integrity ensures that data remains unaltered and reliable throughout its transmission, crucial for maintaining trust in data and systems.
- 🚫 Availability highlights the necessity of ensuring that services are accessible when needed, without interruptions or denial-of-service attacks.
- 🔒🔓 Encryption is a fundamental method to protect data confidentiality and integrity, but it must be properly implemented to ensure availability.
- 🔑🔄 Key exchange methods, like Diffie-Hellman, are essential for secure communication, allowing parties to exchange encrypted messages without exposing keys to eavesdroppers.
- 🕵️ Demonstrating the vulnerability of plain text protocols like TELNET and HTTP through packet sniffing, and the security provided by encrypted protocols like SSH and HTTPS.
- 🔒 The use of HTTPS in web services to encrypt data transmission, protecting user information from being easily intercepted and ensuring a secure browsing experience.
Q & A
Why should we avoid plain text communication in networks?
- We should avoid plain text communication because it exposes data to unauthorized third parties, making it vulnerable to eavesdropping and data breaches, especially as networks now carry sensitive personal and payment information.
What is the significance of the CIA Triad in information security?
- The CIA Triad represents the three core aspects of information security: Confidentiality, Integrity, and Availability. It provides a framework for understanding and ensuring that data is protected from unauthorized access, remains accurate and reliable, and is accessible when needed.
How does the concept of confidentiality relate to data protection?
- Confidentiality ensures that data is protected from exposure to unauthorized individuals. It involves measures to prevent unauthorized access to sensitive information, such as through encryption or access controls.
What is integrity in the context of information security?
- Integrity in information security refers to the assurance that data is accurate, consistent, and has not been modified, tampered with, or altered in an unauthorized manner during transmission or storage.
Why is availability important for network services?
- Availability ensures that authorized users have access to information and services when they need them. It is crucial for services to be reliable and operational to prevent downtime and ensure continuous service delivery.
How can encryption help maintain the integrity of data?
- Encryption can help maintain data integrity by preventing unauthorized modification of data during transmission. It ensures that the data remains intact and can be verified as accurate and unaltered by the recipient.
What is the purpose of the Diffie-Hellman key exchange method mentioned in the script?
- The Diffie-Hellman key exchange method is used to securely exchange cryptographic keys over a public channel without having to transmit the keys themselves, thus enabling secure communication between parties.
How does the script illustrate the difference between plain text and encrypted communication?
- The script uses examples of eavesdropping on plain text communication (e.g., telnet) where data can be easily read and intercepted, versus encrypted communication (e.g., SSH) where data is protected and not visible to unauthorized parties.
What is the risk of using plain HTTP protocol for transmitting sensitive data like passwords?
- Using plain HTTP protocol exposes sensitive data like passwords in plain text, making it easily accessible to attackers who can intercept the data during transmission, leading to potential data breaches.
How does HTTPS improve the security of web services?
- HTTPS encrypts the communication between a user and a web service, making it difficult for third parties to read or modify the data being exchanged, thus enhancing the confidentiality and integrity of the transmitted information.
What does the lock icon in the browser's address bar signify?
- The lock icon in the browser's address bar indicates that the website is using HTTPS, meaning that the communication between the user and the website is encrypted and secure, providing a visual assurance of the site's security.
Outlines
🔒 Importance of Network Security and the CIA Triad
The first paragraph introduces the necessity of understanding cyber threats and emphasizes the importance of practicing in a secure environment without breaching networks. It discusses the evolution of network usage from simple information exchange to a complex system involving personal data. The paragraph highlights the significance of protecting data in transit, introducing the CIA Triad (Confidentiality, Integrity, and Availability) as fundamental concepts in information security. Confidentiality is about preventing unauthorized access to data, integrity ensures data remains unaltered, and availability guarantees access to services when needed. The CIA Triad is crucial for evaluating the security level of a network.
🛡️ Protecting Data Integrity and Availability in Cyberspace
The second paragraph delves deeper into the concepts of data integrity and availability. It explains how maintaining data integrity is vital to prevent unauthorized modifications that could lead to severe consequences, such as incorrect orders or altered financial transactions. The paragraph also addresses the importance of availability, illustrating how service disruptions or slow response times can compromise it. It discusses encryption as a method to safeguard both integrity and availability, using the analogy of a padlock to explain secure data exchange between parties. The paragraph concludes with a thought experiment on safely exchanging messages, hinting at cryptographic methods like the Diffie-Hellman key exchange.
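The padlock exchange from the thought experiment can be written with modular exponentiation as a commutative lock (Shamir's three-pass protocol, swapped in here to mirror the padlock steps), next to a Diffie-Hellman key agreement over the same group. This is an added example, not code from the video; the prime `P`, the base `G` and all function names are assumptions chosen for illustration and are far too small for real use.

```python
import math
import secrets

# Toy parameters (assumptions for this example): the Mersenne prime 2^127 - 1
# and base 3. Real deployments use vetted groups or elliptic curves.
P = 2**127 - 1
G = 3


def new_padlock():
    """Return (lock, unlock) exponents with lock * unlock == 1 mod (P - 1)."""
    while True:
        lock = secrets.randbelow(P - 3) + 2
        if math.gcd(lock, P - 1) == 1:
            return lock, pow(lock, -1, P - 1)


def three_pass(message: bytes):
    """Run the padlock exchange; return (what Bob reads, what Eve saw)."""
    m = int.from_bytes(message, "big")
    if not 1 < m < P:
        raise ValueError("message must encode to an integer in (1, P)")
    a_lock, a_unlock = new_padlock()   # Alice's padlock and key, never sent
    b_lock, b_unlock = new_padlock()   # Bob's padlock and key, never sent

    pass1 = pow(m, a_lock, P)          # Alice -> Bob: box with Alice's lock
    pass2 = pow(pass1, b_lock, P)      # Bob -> Alice: both locks on the box
    pass3 = pow(pass2, a_unlock, P)    # Alice -> Bob: only Bob's lock left
    opened = pow(pass3, b_unlock, P)   # Bob removes his own lock

    size = (opened.bit_length() + 7) // 8
    return opened.to_bytes(size, "big"), [pass1, pass2, pass3]


def diffie_hellman():
    """Return (Alice's key, Bob's key, public values Eve saw)."""
    a = secrets.randbelow(P - 3) + 2   # Alice's private exponent
    b = secrets.randbelow(P - 3) + 2   # Bob's private exponent
    pub_a = pow(G, a, P)               # sent in the clear
    pub_b = pow(G, b, P)               # sent in the clear
    return pow(pub_b, a, P), pow(pub_a, b, P), [pub_a, pub_b]


if __name__ == "__main__":
    text, seen = three_pass(b"hello bob")      # constructed sample message
    print("Bob reads:", text)
    print("Eve saw  :", [hex(v)[:18] + "..." for v in seen])
    key_a, key_b, _ = diffie_hellman()
    print("DH keys match:", key_a == key_b)
```

Both exchanges are unauthenticated: nothing lets Alice confirm that the second lock or public value really came from Bob, which is why SSH and HTTPS pair key exchange with host keys or certificates.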
🌐 The Risks of Plaintext Communication and the Benefits of Encryption
The third paragraph demonstrates the dangers of plaintext communication through practical examples, such as using Telnet and HTTP protocols, which expose sensitive information like login credentials and passwords. It contrasts plaintext communication with encrypted protocols like SSH and HTTPS, which protect data from being intercepted or altered by unauthorized parties. The paragraph illustrates the difference between secure and insecure communication by showing the encrypted nature of SSH packets and the readable data in HTTP packets. It concludes by highlighting the importance of the lock icon in web browsers, which indicates a secure HTTPS connection, thus promoting the use of encrypted protocols to safeguard personal and financial information.
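A defender reviewing a capture can make the same Telnet/HTTP versus SSH/HTTPS comparison programmatically by looking at the first bytes of each client-to-server flow. The sketch below is an added example, not material from the video; the function names, the field-name list and every sample payload are constructed for illustration, and it reports only which credential carrier is readable, never the value.

```python
import re
from urllib.parse import parse_qsl

# Assumed list of form-field names that usually carry a secret.
SECRET_FIELDS = {"password", "passwd", "pwd", "pass"}
HTTP_START = re.compile(
    rb"^(GET|POST|PUT|PATCH|DELETE|HEAD|OPTIONS) \S+ HTTP/1\.[01]\r\n")


def classify(payload: bytes) -> str:
    """Label a flow from the first bytes the client sent."""
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"               # TLS handshake record: type 22, version 3.x
    if payload.startswith(b"SSH-2.0-"):
        return "ssh"               # SSH identification string
    if len(payload) >= 3 and payload[0] == 0xFF and 0xFB <= payload[1] <= 0xFE:
        return "telnet-plaintext"  # IAC followed by WILL/WONT/DO/DONT
    if HTTP_START.match(payload):
        return "http-plaintext"
    return "unknown"


def exposed_credentials(payload: bytes) -> list:
    """Name the credential carriers readable in a plaintext HTTP request."""
    if classify(payload) != "http-plaintext":
        return []
    head, _, body = payload.partition(b"\r\n\r\n")
    found = []
    for line in head.split(b"\r\n")[1:]:
        name, _, value = line.partition(b":")
        if (name.strip().lower() == b"authorization"
                and value.strip().lower().startswith(b"basic ")):
            found.append("header:authorization-basic")
    for key, _ in parse_qsl(body.decode("latin-1")):
        if key.lower() in SECRET_FIELDS:
            found.append(f"form:{key}")
    return found


# Constructed sample payloads (not taken from any real capture).
HTTP_LOGIN = (b"POST /login HTTP/1.1\r\nHost: shop.example\r\n"
              b"Content-Type: application/x-www-form-urlencoded\r\n"
              b"Content-Length: 33\r\n\r\nuser=alice&password=not-a-real-pw")
HTTP_BASIC = (b"GET /admin HTTP/1.1\r\nHost: shop.example\r\n"
              b"Authorization: Basic ZGVtbzpkZW1v\r\n\r\n")
TLS_HELLO = bytes([0x16, 0x03, 0x01, 0x02, 0x00, 0x01])
SSH_BANNER = b"SSH-2.0-OpenSSH_9.6\r\n"
TELNET_NEG = b"\xff\xfd\x18\xff\xfd\x20"

if __name__ == "__main__":
    for label, data in [("http login", HTTP_LOGIN), ("http basic", HTTP_BASIC),
                        ("tls", TLS_HELLO), ("ssh", SSH_BANNER),
                        ("telnet", TELNET_NEG)]:
        print(f"{label:10s} {classify(data):17s} {exposed_credentials(data)}")
```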
Keywords
💡Cyber threats
💡Plain Text Communication
💡Confidentiality
💡Integrity
💡Availability
💡Encryption
💡Key Exchange
💡Eavesdropping
💡HTTPS
💡SSH
💡Telnet
Highlights
The importance of not breaching network environments without approval and practicing in personal environments first.
The vulnerability of plain text communication and the risks associated with transmitting sensitive data.
The evolution from simple information exchange to internet-based services requiring login processes and personal information transmission.
The necessity of protecting data in transit due to its visibility to potential attackers.
Introduction of the CIA Triad (Confidentiality, Integrity, Availability) as fundamental concepts in information protection.
The definition and importance of confidentiality in protecting data from unauthorized exposure.
Methods to ensure confidentiality, such as restricting access to key information only to authorized individuals.
The concept of integrity and its significance in maintaining the accuracy and reliability of data.
Examples illustrating the consequences of integrity breaches, such as incorrect orders or altered bank information.
Techniques to maintain data integrity, including the use of hash algorithms and encryption.
The concept of availability and its role in ensuring timely access to services and data.
The impact of availability breaches, such as service downtime or slow response times, on user experience.
The role of encryption in maintaining confidentiality and integrity, with a hypothetical scenario involving Alice, Bob, and Eve.
The importance of key exchange methods, such as the Diffie-Hellman method, for secure communication.
A practical demonstration of the risks of plain text communication using telnet and the benefits of encrypted SSH.
The comparison between HTTP and HTTPS protocols, emphasizing the encryption and security provided by HTTPS.
The significance of the lock icon in web browsers as an indicator of a secure and encrypted connection.
Transcripts
hello trainees in this class I would like
to introduce various cyber threats that
can occur on the network one thing to
keep in mind is that it's good to follow
the practice during a class but never
breach any of the network environments
without approval if you want to practice
you have to build and test in your own
environment first let's look at the
vulnerability of plain text communication
if you think about how we normally talk
we don't talk in encrypted language but
why should we avoid plain text
Communication in networks first of all
the data sent and received on the
network has become more important than
in the past in the past networks were
used to Simply exchange information but
the number of users increased as
multiple networks were connected to form
an internet Network as the internet
became active we started to provide
services based on Authority which
required a login process currently not
only our login information but also much
personal information such as our name
address phone number and payment
information are transmitted and received
using the network that's why we want to
ensure the safety of the
data in the network data is transferred
toward the desired destination within
its own rules still should we protect
our data the answer is yes packets in
the network are transmitted from the
sender to the receiver but during the
transmission process the packets are
still visible to other people too there
are many reasons why attackers want to
access the packets such as to obtain
personal information in the data or to
use malware to produce the desired
result also they may just simply want to
prevent the target user from accessing
the normal internet condition therefore
you need to protect your data from these
attacks there is a concept called the CIA
Triad that often appears when
explaining information protection the
CIA stands for confidentiality integrity
and availability the CIA Triad can be
applied to the field of security to
interpret and solve problems if these
three characteristics are well met the
network will be evaluated as highly
secure let's start with
confidentiality confidentiality refers
to the protection of data from exposure
to unauthorized third parties for
example if you write down all your
personal information to sign up for a
web service and some unreliable person
manages to read this data in the middle
of transmission to the web service it's
an attack that compromises
confidentiality from a network
perspective confidentiality breaches can
occur in the form of someone
eavesdropping on transmitting and
receiving data so how do we protect
confidentiality the key to
confidentiality is to prevent access to
key information by people who do not
have the right Authority hence only
people who have authority over the
information should have access to it
from a network perspective only the
sender and the receiver will have the
right to that data in the communication
process by allowing only two people to
view this data you can keep it
confidential so how do we make sure that
only these two people are able to see
the data in the process of transmitting
and receiving data this data goes
through a lot of networks and a lot of
equipment it is extremely dangerous to
trust all those Network equipment
because it means that there are a lot of
vectors that can access your data
anytime anywhere so we have to do
something about the data itself such as
encryption integrity means that when the
data arrives at the destination the data
initially sent by the sender arrives
intact without modification Integrity is
maintained when the data is accurate and
reliable for example during the war any
reports that are sent to the commanders
should not be modified or tampered with
under any situation inaccurate
information could affect their tactics
and in the worst case it could lead to
their loss in the war from a CEOs point
of view let's say you order 10 products
but the content is altered and you end
up ordering 1,000 products then the
system used for the order will be
unreliable in other cases if some
hackers are targeting a certain company
for the purpose of damaging their
reputation they would exploit the
company's system vulnerabilities and
hack their system they could steal their
data for blackmail or to give it to
the company's
competitors to give another example I
would like to initiate a wire transfer
to send money to my parents but if the
bank information is changed to a
hacker's account my parents will not be
able to receive it in fact Integrity
breaches can occur in a variety of ways
you can attack the service to modify the
contents of the database or you can
sneak between the two devices that are
communicating on the network and alter
the data however malicious cases are not
the only ones that cause the Integrity
breach in some cases data may also be
lost or altered unintentionally due to
network conditions therefore we have to
make sure that we transfer the data to a
Flawless Network various methods can be
used to maintain Integrity you can use
the hash algorithm to verify whether the
Integrity has been compromised
encryption can also often be a way to
maintain
Integrity next is availability even if
the confidentiality and integrity of the
data are maintained it will be useless
if communication is not made
availability means that the right person
must be able to access the service at
the right time of need for example if
there is a robber in your house you
should call the police station but what
happens if the police station doesn't
answer the phone call because they are
having a day off the police will never
come to help you right from a web
service perspective users should be able
to access the web pages any time
anywhere in addition if the service
is too slow to use or becomes
unavailable availability will not be
guaranteed
too from an attacker's point of view you
can understand availability in two ways
firstly maliciously exploiting a service
that would result in an attack that
compromises its availability think of a
situation where you sneak into the
network and eavesdrop or alter the data
secondly to prevent users from knowing
that they are being attacked they need
to maintain availability by
forwarding packets that are received in
the middle interestingly they need to
maintain availability for successful
attacks while also avoiding
detection one way to maintain
confidentiality and integrity is
encryption so is encryption safe this is
case one Alice and Bob are going to
exchange letters Eve who delivers the
letter in the middle is a malicious
person who reads the letter in the
process of delivering it Alice just sent
Bob a letter but Eve can also read the
letter very easily you can think of the
above communication as the normal plain
text communication process if a
malicious user comes in the middle he
can see the data we need to protect the
data from being read in the
middle this is case two this time Alice
applied encryption to the letter so that
no one can read it because it is an
encrypted letter Eve can no longer check
the message Alice has successfully
protected the confidentiality and
integrity of the letter is this correct
however the Letter's availability is not
protected Alice and Bob are the senders
and receivers of the letter so they are
the ones who should have access to see
and read the
letter however Bob will not be able to
view the letter because the key used for
encryption is not shared with Bob as a
result Alice's communication objectives
have not been achieved so both Alice's
and Bob's availability have not been
protected for this we need to create a
safe data method that only Bob and Alice
can
see how can Alice and Bob send and
receive messages safely think about it
Alice wants to send Bob a very precious
box as expected Eve is in the middle of
the process pretending to be a delivery
man but in fact he's going to open this
precious box this box is designed to be
locked with a padlock how can Alice and
Bob safely receive the contents of this
precious box without showing it to Eve
there can be more than one correct
answer if Alice and Bob can successfully
open the box safely so that Eve can't
see it then it's all correct I will tell
you the answer after 10 seconds pause
the recording and take a moment to think
about
it so how can Alice and Bob send and
receive messages safely if they both use
the locks they can safely exchange
messages without exchanging the keys
first Alice locks the padlock and sends
it to Bob the box is locked with Alice's
key and Bob can't check the contents
inside this time Bob also locks the
padlock and sends it again to Alice now
that Alice's padlock and Bob's padlock
are both hung Alice can't check the
contents either Alice unlocks her
padlock and sends it back to Bob then
Bob receives the box with only his own
padlock when he unlocks the padlock he
is now able to see what's inside the
box also in the process Eve is always
watching the box with the padlock but she
can never open it just applying
encryption like this doesn't mean it's
safe and it is important that you know
how it works in fact the Diffie-Hellman
key exchange method is the basis for
exchanging the required keys in
communication this part is about
cryptography not the network so if
you're interested in this it would be to
find out more in the related
chapter now you all know that plain text
communication is dangerous this time I
tried to EES drop on my computer so that
I could show you what the data looks
like when actually communicating as you
can see in the image here I'm trying to
access a remote computer the program I
use to connect with is a program called
telnet which helps me communicate using
the Telnet protocol so what does it look
like if I eavesdrop on the login process in
fact the image below is the result of a
wiretapping attempt as I will mention
later this program is called Wireshark
the image here captures the moment you
log into the server using a protocol
called Telnet on the network for your
information blue colored letters are the
incoming data and red colored ones are
the outgoing
data I received the text kali login in
the image here and the user entered the
ID kali in the packet below you can
see the blue string kali login and you
can see that there is a string that
looks like kali overlapping in reds
and blues can you guess why the string
kali seems to overlap the reason why
kali is overlapped is that every time the
user Types on the keyboard letters are
printed on the screen so the input data
is received as it is after the input if
you look at the image again you can see
that the password string was printed and
it was entered by the user but it was
not printed on the screen for security
reasons however if you look at the
packet below you can see the data that
you actually entered because all of this
was plain text communication you can see
the data very easily therefore it is
recommended that you log into the server
using a cryptographic communication
based protocol such as SSH rather than a
plain text communication
Telnet I also bugged the SSH communication
process the left side is the attempt to
log into SSH and the right side is the
captured moment of the action with
Wireshark the image on the left gives a
rough idea of what data was exchanged in
SSH
communication however as shown on the
right SSH cannot find the sent anded
string because the packet is encrypted
in this case the attacker cannot view or
modify the data so it appears to
communicate
securely now let's try one of the most
popular protocols the HTTP protocol on
the left is a web server with HTTP
communication
the user will enter the password in the
input box you may think it's safe
because the password is covered however
if you look at the captured image of the
packet attempting to log in you can see
the password that you entered financial
services are often handled on the web as
the number of Internet users is
constantly increasing for the last few
years if my personal information is
easily accessible by a third party like
this my data is not protected and will
be easily breached you need to encrypt
your data to protect it when using the
https protocol it encrypts any
Communications involved when using the
web
service the image here captures the
moment you log into the web service
using the https protocol on the network
I don't see any readable data as if I
bugged SSH packets compared to
traditional HTTP Communications it is
not possible to determine what data is
sent and received when viewed by a third
party in this way web services can also
improve confidentiality and integrity
because strong encryption makes it
difficult to expose personal information
and alter key data when you communicate
with https the lock icon is activated in
the address window of the browser as
shown in the bottom right corner so if
you want to make sure that your current
homepage status is secured and encrypted
remember this icon