Project 2x: CanaryTokens (5 pts. extra credit)
What You Need
Any computer with Web access.
Background
Canary Tokens are email addresses, URLs,
and other objects which can be detected
when they are used. A defender puts them
on servers, among other
data that might be stolen.
If they are used, that indicates that someone
has stolen that data.
Making a Web Bug
In a browser, go to
http://canarytokens.org/generate
Enter these values, as shown below,
replacing YOURNAME with your
own name.
- Web bug / URL token
- An email address you can access
- Web bug from YOURNAME
Click the "Create my Canarytoken"
button.
On the next page, click the
little green icon to copy the token
to the Clipboard,
as shown below.
Click the "Create my Canarytoken"
button.
Testing the Web Bug
Paste the token into a browser and press
Enter to visit that URL.
It's just blank page,
as shown below.
Read the email address you specified.
You get a message titled
"Your Canarytoken was Triggered",
as shown below.
Capturing a Screen Image
Make sure these required items are visible,
as shown above:
- "Canarytoken has been triggered"
- YOURNAME
Capture a whole-desktop image and save it as
"Proj 2x from YOURNAME".
YOU MUST SEND IN A WHOLE-DESKTOP IMAGE FOR FULL CREDIT
Turning in Your Project
Email the image to cnit.50sam@gmail.com with a subject line of "Proj 2x From YOUR NAME", replacing "YOUR NAME" with your real name.
Send a Cc to yourself.
References
How You Can Set up Honeytokens Using Canarytokens to Detect Intrusions
Posted 10-2-17