Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: Looking for a Windows Forensics book

  1. #11
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    @EC_gh0

    I did read of an interesting case at the beginning of last year regarding a paedo ring in Glasgow, Scotland.Apparently these guys didn't know each other IRL but had set up a fake e-mail account that they were using as a sort of "dead letter box" to exchange their filth. Each of them knew the userid and password of the fake account, so could access it, and send attachments to it. Basically like sending a test e-mail to yourself.

    The case developed when one of the paedos had computer trouble and took his kit to a repair shop, where a technician discovered the material he had on it and informed the police.

    They had a look, and noticed an e-mail account that didn't seem related to the owner of the PC. They decided to monitor it and see where the traffic was coming from and going to.

    As soon as they saw that most of the traffic was the account apparently mailing itself, they realised what must be going on. It was relatively trivial to trace from e-mail provider to ISPs to ISP account holder.

    All but one of them didn't know about proxies and the one who did was quite sly. They also didn't know much about international law, and the fact that CP is illegal in many countries whose law enforcement authorities would not normally co-operate. So a proxy may well not protect you........just get you a longer sentence

    This guy connected to someone else's unprotected WiFi node and did his dirty deeds from there.

    Strathclyde police (Glasgow) checked this out, and quickly concluded that the owner's router was being used as a proxy.

    Now, this is just a wireless connection to a router, so there is no audit trail. [Most people over here use a router that is provided free by their ISP/Telco, so there are very limited logging and security features, to cut costs]

    Strathclyde Police are a very resourceful and forward thinking outfit IMO (although I have only worked with them on fraud cases) and someone thought of re-checking the evidence (logs).

    They found that one of the connections to the paedo e-mail account ( a single instance) came from a major employer in the city. Not much good as you didn't see the actual device connected (even assuming he used his own, rather than slide into a videoconferencing room or whatever), and there were no useful logs still saved by the company.

    But! taking the circular area of probability of the WiFi node's reception and matching that to the employee list of the large corporation gave just one hit............and guess what he had on his hard drive?

    It only takes one mistake huh? But I don't really regard it as computer forensics rather than good, honest, police work.

    Might I recommend this site as an interesting source of technological news?

    http://www.theregister.co.uk/

    Cheers,


  2. #12
    Junior Member EC_gh0's Avatar
    Join Date
    Mar 2010
    Posts
    9
    @nihil, I read that one all the time (theres a few of my angry comments on there posted as an anonymous coward lol), there's also:
    http://www.hackernews.com/breaking-news/

    And being in the UK I've got the BBC world news ticker hot-linked to firefox with all the latest breaking news 24/7, todays interesting topics include.

    Apple's rival HTC urging an iPhone ban, Microsoft Office 2010 taking aim @ google Docs & last but not least U.S to give 1.5m to falun gong internet freedom group!

    LMFAO @ Apple & HTC, there going after each other because Apple sued them over there OS saying they'd stolen bits from OS X, humph, not like apple stole bits from FreeBSD. We don't hear of FreeBSD screaming, they stole bit's of our OS, we're suing them for everything thats not COCOA based, but perhaps they should!

    It's just Apple getting Anal over there touch screen technology, whilst there at it why not sue every manufacturer with a touch screen, samsung & alcatel to name but a few... Is X-Term found in Apple utilities folder made by Apple?
    Last edited by EC_gh0; May 13th, 2010 at 08:43 AM.

  3. #13
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    This is another one I use:

    http://www.securitynewsportal.com/

    It is a sort of news compendium of IT security news articles from loads of different sources. Like The Register, it is very much up to the minute.

    There used to be a problem if you had BT as your ISP, as the site frequently used to block their IP range "due to bot and script kiddie activity". I had a word with the site admin and there have been no problems since. Good site for a wet and windy weekend when the garden doesn't exactly beckon

    "Banning iPhones"..............hell! I thought Apple had already done that with their prices?

  4. #14
    Junior Member EC_gh0's Avatar
    Join Date
    Mar 2010
    Posts
    9
    Thats why I use a 29.99 One Touch from Alcatel, it's cheaper than what they offer has memory of over 2 Gb, camera, webcam, voice memo, modem etc...

    Gotta love companies that embrace open standards developer.apple.com

    Then a few years later find someone has taken a portion of there code and copied there idea (improving on the idea) and are just so quick to jump on the band wagon screaming "YOU CANT DO THAT, THATS MINE!!" LoL

    Someone should take away there rights to use X11 that would fix there wagon!

  5. #15
    Banned
    Join Date
    Jan 2008
    Posts
    605
    sony promptly announced its next generation of consoles would be Linux unfriendly.
    Actually it was a feature in the console to install another operating system. They disabled the feature during one of their updates. The problem is that during the initial launch they not only advertised it as a feature but they also proclaimed "this isn't just a console.. its a computer".

    This opened the doors to a double-wammy. They're currently being sued for beaking their contract by getting rid of advertised features. But since they also proclaimed it to be a computer instead of a console, all of the familiar computer abuse and misuse acts will apply to them aswell.

    http://ia331218.us.archive.org/2/ite...226894.1.0.pdf

Similar Threads

  1. August security hotfixes
    By mohaughn in forum Microsoft Security Discussions
    Replies: 1
    Last Post: August 9th, 2005, 07:37 PM
  2. suse is crap on finding cdrom
    By rajunpl in forum Operating Systems
    Replies: 43
    Last Post: July 1st, 2004, 07:30 AM
  3. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM
  4. Operating System Selection
    By TheFiend in forum Miscellaneous Security Discussions
    Replies: 30
    Last Post: June 14th, 2003, 11:08 PM
  5. OS History and other info.
    By Remote_Access_ in forum Security Archives
    Replies: 9
    Last Post: January 12th, 2002, 03:02 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •