[Owasp-cuiaba] [Owasp-natal] RES: [- Usuário Skype - Endereçamento IP exposto -]

Kembolle Amilkar kembolle em owasp.org
Segunda Maio 7 01:41:06 UTC 2012


YEAH!!! Muito legal O video meu caro amigo, compartilhando com galera aqui
já! .... Alias curti duas coisas no video,
1º  o wallpaper do windows na ( vmboX ) heoUHAEOAUHEua  | 2º  som no final
do video, qual nome banda? [  \m/ O.o \m/  ]
para complementar seu video deixo aqui link de como utilizar o skype com o
TOR como você mesmo citou: [
AQUI<http://arstechnica.com/tech-policy/news/2012/04/tor-traffic-disguised-as-skype-video-call-to-fool-repressive-governments.ars?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+%28Ars+Technica+-+Featured+Content%29>].
e algumas indicações de segurança do skype:
http://en.wikipedia.org/wiki/Skype_security | com plugin OTR utilizado no
pidgin segue link: http://www.cypherpunks.ca/otr/ ... visando metodologia
de segurança em voip, temos as seguintes aplicações:

1 – *PGP* (Pretty Good Privacy) is a data encryption and decryption
computer program that providescryptographic
privacy<http://privacy-pc.com/encryption-software-review> and
authentication for data communication. PGP is often used for signing,
encrypting and decrypting texts, e-mails, files, directories and whole disk
partitions to increase the security of e-mail
communications<http://privacy-pc.com/internet-security-suites-software-review>
.

2 – *OTR* (Off-the-Record Messaging) is a cryptographic protocol that
provides strong encryption for instant messaging conversations. OTR uses a
combination of the AES symmetric-key algorithm, the Diffie–Hellman key
exchange, and the SHA-1 hash function. In addition to authentication and
encryption, OTR provides perfect forward secrecy and malleable encryption.

3 – *MAC* (Message Authentication Code) is a short piece of information
used to authenticate a message. The MAC value protects both a message’s
data integrity as well as its authenticity, by allowing verifiers (who also
possess the secret key) to detect any changes to the message content.

4 – *VoIP* (Voice over IP) commonly refers to the communication protocols,
technologies, methodologies, and transmission techniques involved in the
delivery of voice communications and multimedia sessions over Internet
Protocol (IP) networks, such as the Internet.

5 – *ZRTP* is a cryptographic key-agreement protocol to negotiate the keys
for encryption between two end points in a Voice over Internet Protocol
(VoIP) phone telephony call based on the Real-time Transport Protocol (RTP).

Meus parabens mano, ótimo video, me abriu uma visão imensa aqui sobre a
vulnerabilidade em si, vou testar no hacking lab! Forte abraço !

Kembolle Amilkar
#/[ kembolle.com.br ] - Consultoria Segurança da Informação.
#/ [ samurayconsultoria.com.br ] - Chief Security Officer - Samuray
Consultoria.
#/ Systems Analyst | Esp. Information Security | Computer Forensic Expert |
#/ Owasp Chapter Lider Cuiabá - https://www.owasp.org/index.php/Cuiaba
#/ Mobile: [65] 9979-2925  && contato[at]kembolle.com.br.
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://lists.owasp.org/pipermail/owasp-cuiaba/attachments/20120506/c381c232/attachment.html>


More information about the Owasp-cuiaba mailing list