January, 2006
by Chetan Gupta, NII Consulting
Have you ever received an anonymous email and wondered who it was from? Ever conducted business via email and wanted to know if the other party is who they say they are? As you can imagine, the uses for this type of investigation are endless. Not only is it possible to find the sender of the anonymous email but it is also possible to locate the sender
Read the full article »
by Chetan Gupta, NII Consulting
Every day, millions of people surf the web using popular web browsers such as Microsoft Internet Explorer (IE) or one of the Firefox/Mozilla/Netscape family. A very important step in computer forensics is investigating the web usage of the suspect. This information is useful in everything from examining company policy violations to detecting corporate espionage. Examining a suspect’s web browsing history could provide critical clues to solving the case.
Each of these browsers saves web browsing activity in its own unique format. The Internet activity data for a specific browser can be found in different locations, depending on the operating system used by the suspect. In this article, we look at the various tools and techniques available for investigating one of the most widely used browsers: Internet Explorer.
Read the full article »
by K. K. Mookhey, NII Consulting
It’s late at night, and the phone rings. This had better be a world-changing revolution. But it’s something weirder. A client in East Asia informs us that his systems are behaving most abnormally. Before one can gather one’s senses, the information begins to flow:
“The primary trading systems, which offer web-based trading, are down”
The panic in his voice is unmistakable. But this statement could mean many things, so we probe further.
Read the full article »
by Chetan Gupta, NII Consulting
Evidence collection is the heart and soul of the forensics process. It becomes even more important if the evidence needs to be produced in a court of law. After the investigator has assessed the situation and determined a response strategy, he moves on to acquiring an image of the suspect system. The investigator’s best bet is to have a defined methodology for creating an image in a forensically sound manner. The most difficult part of forensic duplication is having the appropriate cabling and hardware
Read the full article »