Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

21 11-2013 anonymous-browsing_protection_or_revealing_privacy

2,572 views

Published on

In an exceedingly digitally connected world, one small mistake or a click event can trigger an influx of sophisticated attacks in enterprise networks, leaving businesses wide open to evolving threats and cyber security risks. Researchers, analysts, bloggers, journalists all have offered varying theories and analysis into this growing menace of malware and botnet mayhem, suspecting anonymous browsing service as the root cause. Through this webinar Cyberoam shares useful insights into adopting future-ready security measures and guidelines to lay in-depth defense against such security risks

Published in: Technology
  • Be the first to like this

21 11-2013 anonymous-browsing_protection_or_revealing_privacy

  1. 1. www.cyberoam.com Protecting or Revealing Privacy Our Products © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. Network Security Appliances - UTM, NGFW (Hardware & Virtual) Presenter: Cyberoam Modem Router Integrated Security appliance © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  2. 2. Webinar agenda  Anonymous Browsing - What, Why & How  Understanding Anonymity tools  Risks of Anonymity  Traditional Practice to protect against Anonymity  Cyberoam protecting privacy © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  3. 3. Anonymous web browsing What is Anonymous web browsing? Browsing theWorld Wide Web while hiding the user's IP address and any other personally identifiable information from the websites that one is visiting © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  4. 4. Anonymous web browsing Why do you need Anonymity?  The way Internet censorship is clamping down, it is vital to remain anonymous some times  To hide one’s identity while surfing unproductive websites  To circumvent any organizational or country specific web access restrictions  Online shopping also is being recorded, both by retailer and your email provider (details of order receipts) © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  5. 5. Anonymous web browsing – Approaches to Anonymity Web based proxies – Works with a web browser and server side software Secure/SSL proxies – Uses HTTPS connections to create a secure tunnel where content are encrypted. Proxy networks – Uses layered encryption and peer-to-peer networking, for e.g. TOR – known as “onion routing” Software applications – Client side application software to automatically configure browser’s proxy settings, e.g. Ultrasurf, Freegate etc. VTunnel.com HideMyAss.com Freegate XRoxy.com Proxy.org Anonymouse.org The-Cloak.com Proxify.com EvadeFilters.com Vpn One Click Tunnelier Gpass UnBlockAll.net UltraSurf Spotflux GTunnel ProxyBoxOnline.com Hotspot Shield Hyk-proxy Tor Browser GappProxy © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  6. 6. Web Based Proxy © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  7. 7. Incognito browsers Incognito Browsing Google Chrome InPrivate Browsing Internet Explorer Private Browsing Firefox Mozilla © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  8. 8. Proxy Networks Hiding Identity using VPN Does it really hide your identity? Anonymous proxy servers just hide IP address…. Monitoring of Logs and Cookies can reveal your identity! © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  9. 9. Proxy Applications Wi-Free client www.facebook.com Administrator has blocked access to Facebook. User will install proxy application like Wi-Free to circumvent corporate policies Proxy & Protocol based detection Wi-Free Tunnel server// Wi-Free application masks facebook traffic as general HTTP traffic that is allowed by Firewall and Proxy & protocol detection tools User successfully bypasses corporate policies and accesses www.facebook.com © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  10. 10. Why users are using such tools? I browse what I want to I get it easily It’s FREE!! Are you sure you are not paying any cost for it? Let us understand their business model © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  11. 11. What do they invest? Infrastructure costs Skilled developers Advertisements and branding Administration and Maintenance costs They are not non-profit or community organizations. They are running business… What do they need to run business? © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  12. 12. How do they get money to run business? Advertisements on their software Monitoring of user surfing pattern You don’t pay Money…. You pay much more There are risks associated with you hiding your identity © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  13. 13. Dramatic Increase in Tor Activity Tor users were vulnerable to the Firefox 17 ESR vulnerability, which allows an attacker to perform arbitrary code execution Silk Road, an illegal drug market operating on the Tor network, was shut down in October A spike in the number connections starting near the middle of August and continuing through September can clearly be seen Increase in traffic during August and September can likely be attributed to a new variant of the Mevade malware family. © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  14. 14. Top Used Anonymizer Applications Applciation Category Region Application Name % of Organizations Anonymizer Americas Tor 24% CGI-Proxy 16% Hamachi 8% Hopster 8% Ultrasurf 7% EMEA Tor 23% CGI-Proxy 12% Hamachi 4% Hopster 7% Hide my Ass 7% APAC Tor 20% Hopster 6% CGI-Proxy 6% Hamachi 6% Hide My Ass 7% © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  15. 15. Risks of Anonymity © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  16. 16. Advertisements Traffic monitoring and analysis Pay per install mechanism  Can lead to - Malware entry through malicious websites - Targeted attacks through phishing  Collected huge data for user network activities, surfing behavior  User data transferred in clear text format – easy to sniff  Sell data to hackers in grey market  Targeted attacks through phishing Let us understand how this business model works © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  17. 17. Typical exploitation method for anonymity desired users Snap of a web-based proxy where ad is displayed. User clicks on the ad Malicious program hosted on website Proxy servers can easily monitor your network activities Attacker identifies the user’s browser and exploits the vulnerability of browser or browser plug-in On successful exploit, a malicious software is copied to user’s computer User’s computer gets infected and sends user’s network activities to the command & control center 1 2 3 Attacker can use this user information to plan a targeted attack or can simply sell it to other hacker/attacker © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  18. 18. Risks of Anonymity  Legal risk – Schools must comply with CIPA from offensive internet content  Cyberbullying – helps to cover the tracks so that the user can taunt other employees and department heads with impunity  Phishing and password theft – sharing of password or critical information over the proxy servers which act as middle one leads to a breach  GeoLocation – using such servers can allow its operators to figure out the general physical location, identify details of their device and also install advertising cookies to track ones movements © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  19. 19. What harm can it bring to me or my company? Top 7 countries targeted by Flame Source: securelist.com Anonymity leading to attacks © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  20. 20. Mechanisms used to block Anonymous browsing Transparent proxy Firewall Challenges involved in protecting against anonymity tools… Anonymity tools are built to evade such security mechanisms Anonymity tools are frequently updated – Security mechanisms take time to release patch © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  21. 21. Mechanisms failing to protect against risks of anonymity Wi-Free client www.facebook.com Administrator has blocked access to Facebook. User will install proxy application like Wi-Free to circumvent corporate policies TCP: Port 80 Identified All the user details are transferred through Tunneled server. The Wi-Free application has total If allowed user visibility of user information, will be credentials, surfing behavior, etc. successful to bypass Firewall Proxy & Protocol based detection Wi-Free Tunnel server// HTTP protocol identified If allowed user will be successful to bypass Proxy and protocol detection User is successfully tunneled to Wi-Free application server and able to surf www.facebook.com © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  22. 22. Ineffective ways to block Anonymity Vendor Do not consider anonymity risks as Organizational risk Frequently releasing applications – Updated database – with longer time duration – longer response time to patch the newly released proxy applications © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  23. 23. Cyberoam protecting privacy © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  24. 24. Cyberoam approach towards risks of anonymity Consider Anonymity risks as Organizational Threat Dedicated resources for Application research and identify new vulnerabilities Identify emerging threats and zero-day vulnerabilities Post vulnerabilities to global bodies Release signatures Cyberoam Threat Research Labs (CTRL) © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  25. 25. Cyberoam approach towards risks of anonymity Cyberoam Security Center • Malware analysis • Signature updates Cyberoam Security Center Antivirus Signatures Web Categories IPS Signatures Auto-updated security intelligence Dynamic threat monitoring and response © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  26. 26. Cyberoam protecting privacy User (Layer-8) Deep Packet Inspection & Application Filtering Protocol detection Proxy Firewall PORT IP & MAC User Mark is using Wi-Free application that is tunneling http traffic through port 80 Identifies Application Identifies Protocol Identifies Port Wi-Free application Identified that tunnels http traffic HTTP protocol Port 80 X X √ √ Cyberoam Network Security Appliance © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  27. 27. Cyberoam’s advance application detection model Packet-based scanning  Inspects single packet to identify application  Fails to create correlation among multiple packets to identify application Flow-based scanning  Inspects multiple packets to identify application  Inspects as aggregated information in the form of flow  Flows provide information and patterns about network connection Combination of both Rules and Behavior based inspection eliminates chances of any security escape © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  28. 28. Application Visibility & Control © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  29. 29. Application Visibility & Control Industry leading coverage for Visibility & Control over 2000+ key applications  Support for Business & Collaboration applications  Dedicated research team to continuously update Application signature database © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  30. 30. Comprehensive database of anonymity applications Control over combination of Bandwidth Time User or User Group Application or Application Category © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  31. 31. Proactive protection model Eliminates the need for manual intervention by administrators to update policies for new applications or applications versions added to the list Select P2P Applications Set Action Block all future P2P applications without adding applications manually © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  32. 32. Protection against Phishing and Fraudulent websites © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  33. 33. Experience Cyberoam Link: http://demo.cyberoam.com Credentials: guest /guest Get a 30 day FREE Evaluation of Cyberoam Virtual appliance © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
  34. 34. Thank you © Copyright 2013 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com

×