Opensource Forensics Tools

admin — Sat, 15 May 2010 03:05:52 +0000

Had to create a presentation based on some research into open source forensic tool that could be used while acquiring data from machines.

IT Governance

Check out the presentation.

Blizzard Battle.net Authenticator

admin — Wed, 12 May 2010 14:35:58 +0000

For one of my paper that I am studying at uni, we’re meant to check out applications on our computer that we use daily and of them, we’re meant to have a look at the ones that implement a security mechanism. This got me thinking and I decided that World of Warcraft will be my application I’ll be checking out. Many players of WoW now utilise what they call the “Battle.net Authenticator” which is in fact, a two factor security device which provides an extra level of security and safety of accounts. Unfortunately this can be easily hacked through Middle-Man-Attacks. Sad, but it’s true.

Anyway, I decided, I would create a diagram representing the interaction between the Blizzard Authenticator and the login procedure. I’ve not yet (at the time of writing this 13/05/2010) decided to packet-sniff login information or not. For now I guess I will not sniff, though, if I’m bored I’ll check this out.

So going from what we know about WoW and its login requirements:

Username (email address)
Password (password)
Blizzard Authenticator Number (string)

Now that we’ve got the details, lets think about the data encryption used.

Blizzard have come up with their own protocol called “wow” which communicates data once there is a connection established. This information can easily be captured by using applications such as wireshark.

From becoming intimate with Google (<3), it seems that World of Warcraft uses two algorithms for the encryption of data; while the username is sent in plaintext. An interesting discussion leads me to come up with the following information:

SRP6 – newest addition to a new class of strong authentication protocols that resist all the well-known passive and active attacks over the network. SRP borrows some elements from other key-exchange and identification protcols and adds some subtle modifications and refinements. The result is a protocol that preserves the strength and efficiency of the EKE family protocols while fixing some of their shortcomings. More info.
RC4 – is the most widely-used software stream cipher and is used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). More Info.

So basically, wow sends 4 packets, two from the client to the server and two from the server to the client. Each message to the server is accompanied by an ACK message which would confirm the message and thus proceed to the next process or phase.

WoW in all its awesome fun, is quite a complex piece of software which incorporates a token, 2 factor even “strong” authentication to ensure player account security. For more information on this, please click here.

Legal Aspects of Information System Security

admin — Wed, 12 May 2010 13:00:19 +0000

So for our Information Security class, we were given many questions to choose to write an Essay. I decided to write my essay on the Legal Aspects of Information System Security.

I do apologise for any errors and mistakes found in this document.

Read/Download PDF: Legal Aspects of Information System Security

Alkaif » Uni Work

Opensource Forensics Tools

Blizzard Battle.net Authenticator

Legal Aspects of Information System Security