Network Forensics

This category contains 10 posts

Man In The Middle Attack: Forensics

Yes, that’s right! Mr. Upset did not post ‘I am hating my new job’ as it appears in Figure 2, instead he wrote ‘I am loving my new job’. Then how did it happen and who did it? This article aims at addressing these questions. We fabricate a case where a person is an object … Continue reading

Analysis Of iOS Notes App

As part of my third year studying Digital Security, Forensics & Ethical Hacking at GCU, I took part in a group research project to study the artifacts created when using the notes app on an iPad Mini, and if they could be used as evidence. This post is really just going to explain what I did, … Continue reading

Cyber Security Challenge in Scotland

Towards the end of August, I was part of the team who were offered to help out and participate at an exciting event held at Glasgow Caledonian University. The event ran over five days with each day varied in content and different challenges. In this post I aim to give a rough breakdown of each … Continue reading

From iPhone to Access Point

Introduction A wireless Access Point (AP) is a device that allows wireless devices to connect to internet using Wi-Fi. With the remarkable increase in number of wireless devices the number of APs has also increased drastically to serve the Wi-Fi needs of these devices. We have APs at home, offices, airports, public hotspots. Any clue … Continue reading

Book Review: Mastering Windows Network Forensics & Investigations

Mastering Windows Network Forensics and Investigations fills an interesting niche not well addressed in the pantheon of digital forensics resources. The material is well suited for beginning and intermediate forensic examiners looking to better understand network artifacts and go beyond single-system forensics. I highly recommend it for system administrators looking for a different perspective on network … Continue reading

Introduction to Penetration Testing – Part 3a – Active Reconnaissance

Apologies in advance, this is a bit of a connective blog entry – this is a big topic, and it needs some scene setting, basic understanding and several weeks worth to get the most out of it. We live in a connected world now – my other half was showing me a washing machine with … Continue reading

Introduction to Penetration Testing – Part 2 – The Discovery Phase – Passive Reconnaissance

PenTest, like forensics, is almost as much an art as it is a science – you can only be taught so far, technical techniques and tools are all very well, but you really need a mind that can think sideways and approach a task from as many angles as possible. The ex-LE forensicators have this … Continue reading

An Introduction to Penetration Testing – Part 1

In an earlier article, many moons ago (Sorry Jamie !), I stated my opinion that Forensics and Security were opposite sides of the same coin. I’ve felt very strongly that my skills as a Security Consultant have only been strengthened and expanded by the experiences I’ve gained with Forensics, both as part of the Forensic … Continue reading

Web History Visualisation for Forensic Investigations

Web History Visualisation for Forensic Investigations Sarah Lowman (1) and Ian Ferguson (2) (1) – sarah@lowmanio.co.uk (2) – University of Abertay I.Ferguson@abertay.ac.uk Abstract. Current tools for analysing web history often produce large amounts of data. This data is usually presented in a tabular format, which makes it difficult for forensic investigators to spot patterns and … Continue reading

How to Create an Open Source Network Forensics Appliance

By Ondrej Krehel Chief information security officer at Identity Theft 911 okrehel@IDT911.com Introduction Encryption and anti-forensics attacker techniques are commonly encountered in incident response investigations, while the power of network forensics intelligence is often overlooked by busy IT and legal departments. Compromised networks only occasionally capture network incident data sets for further analysis, but when they … Continue reading
