Computer Forensics: Investigating Wireless Networks and Devices (EC-Council Press)
Language: English
Pages: 128
ISBN: 1435483537
Format: PDF / Kindle (mobi) / ePub
The Computer Forensic Series by EC-Council provides the knowledge and skills to identify, track, and prosecute the cyber-criminal. The series is comprised of five books covering a broad base of topics in Computer Hacking Forensic Investigation, designed to expose the reader to the process of detecting attacks and collecting evidence in a forensically sound manner with the intent to report crime and prevent future attacks. Learners are introduced to advanced techniques in computer investigation and analysis with interest in generating potential legal evidence. In full, this and the other four books provide preparation to identify evidence in computer related crime and abuse cases as well as track the intrusive hacker's path through a client system. The series and accompanying labs help prepare the security student or professional to profile an intruder's footprint and gather all necessary information and evidence to support prosecution in a court of law. Investigating Wireless Networks and Devices discusses how to investigate wireless attacks, as well as PDA, i-Pod, i-Phone and BlackBerry forensics.
Digital Archaeology: The Art and Science of Digital Forensics
Governing Insecurity in Japan: The Domestic Discourse and Policy Response
And Jipher to reveal encrypted information. • Use password-cracking tools such as Cain and Abel and Hydra if the information is password protected. • Use various video players to open video files. • Check the last dialed number or coordinates to destinations. • Find out the tools used. • From the analysis, try to discover: • What exactly happened • When the event occurred • Who was involved • How the event occurred Document Everything The forensic examiner must take care that each and every step.
The name of the computer and usernames of all users who have accessed the system while it was mounted. This information can be found with the iPod’s name in several locations. The DeviceInfo file, under a username in the iTunes folder, contains information about the computer with which it was used. This information can be used to verify the ownership of iPods. View the Calendar and Contact Entries iPods also possess limited PDA capabilities. They can be used to store calendar, schedule, and.
Music files Figures 3-14 through 3-16 show how the time stamps on these files are generated. Time Issues Time is an important factor in the investigation process. The iPod has an internal clock, which will create a problem if it changes the file’s creation and modification times. This clock should be tested using the following method: • Set a different date and time on the iPod than that on the computer connected to it. • Connect the iPod to the computer and copy some music files to the iPod.
-usb erase -f to erase a module from the device, even if it is in use • javaloader -usb wipe to wipe the device (low-level format) • javaloader -usb deviceinfo > device.txt to save the device information to a text file (device.txt) • javaloader -usb eventlog > event.txt to save the eventlog to a text file (event.txt) 3. Use the BlackBerry SDK Simulator to emulate a BlackBerry device. ■ In a Web browser, go to http://www.BlackBerry.com/developers/downloads/simulators/ index.shtml. ■ Download.
. . . . . . . . . 3-7 Acquire DeviceInfo File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7 Acquire SysInfo File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8 Recover IPSW File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .