Computer Forensics has been gaining in popularity as
society is increasingly dependent on technology. While it has been around for a while, it is still seen as an emerging science.
Computer Forensics uses specialized tools and techniques (like FTK toolkits) for
preserving, analyzing, recovering and authenticating electronic data such as files.
MD5, while a valuable tool for digital forensics, is
no longer used today because of its vulnerabilities that hackers can exploit.
MD5 stands for
Message Digest 5 and is a digital hash that uses 128 bits displayed in hex and does a cyclical redundancy check.
Digital evidence can be used for
hacking, narcotics trafficking, murder, data theft, and conspiracy.
Digital evidence can take the form of
hard drives, floppy, Zip, Jaz drives, CDs, DVDs, Blu-ray, tapes, memory cards, USB sticks, printers and fax machines.
Two key responsibilities of a DFE
are to protect and authenticate.
Digital scientists can usually find
hidden files, deleted files, encrypted files and steganographic files.
Malware is a catch-all term to describe
malicious software threats and social engineering tools designed to vandalize or compromise computer systems.
Spyware is used to
monitor a user’s activity without their knowledge and send that information to someone else.
hidden malware that is downloaded by a user unintentionally when they are trying to install a normal program.
If you use encryption on a file, you can
generally prevent someone from trying to circumvent file and folder security.
When someone eavesdrops on a network, they
have the ability to capture and read data packets as they move across a network.
A program virus is a
sequence of code that inserts itself into another executable program.
A network firewall filters packets to prevent unauthorized access by
direction, IP address and TCP or UDP port number.
Three properties secure information should have
Confidentiality, integrity and availability.
Footprinting is the
process of information gathering in which the attacker attempts to learn about the configuration and the networking and security systems.
one or more barriers around the resource such that only authenticated users can gain access.