Crimes and P2P Networks

By on Jan 10, 2007 in Featured, Internet, Security | 0 comments

P2P networks are intended to connect Internet hosts so that they can exchange files directly. Technically, the idea behind this method is neat and smart, but it takes control away from authorities and digital content owners. One of the most discussed cases of P2P crime is violation of intellectual property rights; books, multimedia and software are all subject to this type of crime. With a P2P network, one can search for and find other peers that have, or pretend to have, the files that he or she needs. Searching the net reveals that there are many cases against P2P companies and developers, such as GRANT T. STANLEY [CyberCrime.gov, 2006]. Distribution of malware, viruses, worms and exploits is another important issue, whose complexity is completely different from that of intellectual property issues. Computer-literate users know that downloaded files might contain malware that...

Email information leakage investigation

By on Jan 3, 2007 in Featured, Internet, Security | 0 comments

Precautionary actions: In order to prevent more information leakage, all incoming e-mails are forwarded to a temporary alias e-mail address. Afterward, one of the IT personnel is assigned to feed the mailbox with fake information that looks real, so that we can keep the criminal watching the mailbox. Digital evidence collection/reduction and collection: In this phase, all SMTP connections for mail relay, and all POP, IMAP and web connections that try to access this specific mailbox, should be recorded and logged. Since we cannot distinguish between different mailboxes while TCP connections are being intercepted, we need to recover the contents of all TCP packets arriving at and leaving the mail server. After information recovery, we need to filter out unwanted data and keep the necessary data. In order to intercept the packets, we can use Ethereal at a bottleneck of the network or on the mail...

Useful Foundstone tools

By on Dec 12, 2006 in Security | 0 comments

Dump Firefox AutoComplete Data: This program is used to dump all stored forms in the Firefox browser. I am used to working with Firefox and usually keep non-important data in the form autocomplete database of Firefox. Besides, it sometimes keeps the search engine forms; this might be used in cases in which we need to know if the suspect searched for a specific topic, and it might give us some clues about it. I found some interesting information in my AutoComplete data; I partially collected it and describe it below: Hi peter Fwd: Ploter-Role-PaperFwd: Price-ListFwd: Re: HiFwd: liste gheymate khaghaz plotter roli......Re: Anti-Spam FeaturesRe: Anti-Spam Features Follow-upRe: Re: Anti-Spam Featuresaz tarafe man !!!nice to hear from you :-test As you can see, the subjects of e-mails that I have sent so far are stored within this XML code. Besides, if I know which webmail system uses “Subj” as name...

Compression tools used in forensics

By on Dec 12, 2006 in Featured, Security | 0 comments

The information collected from a disk might be too large to fit on our media during seizure. Therefore, we need to compress the information in such a way that the decompressed information is identical to the original. A variety of compression algorithms have been implemented, each of which has its own pros and cons. To answer the question, I’d like to categorize compression methods into lossless and lossy methods. With lossless methods, an exact copy of the information can be retrieved from the compressed file. Software such as WinZip, PKZIP, gzip, bzip2, ARC, RAR, WinRAR and many others are programs of this kind. Lossy methods are usually used to preserve network or storage resources. There are many types of information that can be compressed in this way; for instance, images are always stored in a compressed format, as are video, audio and streamed information like VoIP...

Companies specializing in computer forensics software or services

By on Nov 26, 2006 in Security | 0 comments

There are two types of companies in the computer forensics field: first, those that produce software and hardware tools; second, those that provide services. Nonetheless, there are other companies that produce tools but also have their own team to handle digital evidence and collect information from digital/computer systems. I found three companies that provide various services, so I couldn’t produce a tabular comparison; nonetheless, they all work in the forensics field, and this is what they have in common. X-Ways Software Technology AG: this company produces software named WinHex, which is a specialized tool for analyzing and working with raw information within memory or on a hard disk. Besides many technical features, it is empowered by some forensics tools and extra features that can help forensics examiners extract information from digital media, such as files, disks or the memory of computers....
