Lecture 5
• When the investigation reveals that the trail of
evidence extends beyond the boundaries of your
enterprise network; and
• When you know you’re over your head.
File System Locations
• SKIP SECTION 8.5 for now
Very Brief Intro to Encryption
• Encryption is a process that translates a plaintext/digital
object into an unreadable format or digital object
• Encryption uses the concept of a key, which is a type of
data that, when applied using a specific algorithm, will
result in unreadable data
• Symmetric Encryption – decryption is simply the
reverse of the encryption (using the same key)
• Asymmetric Encryption – decryption process is
different from encryption and usually done with
different keys
Digital Signatures
• Electronic method to ensure:
• Data is from who it says it is from
• Data has NOT been altered
• Important for e-commerce transactions
• Works whether or not the document itself is encrypted
Digital Signatures
• Sender builds the signature using a private key
• Recipient decodes the signature using the
sender’s public key
• To ensure no changes to data, messages can be
hashed
• Hashing (somewhat akin to CRC) calculates a
unique value for the document
• Receiver re-calculates the hash and compares to
the received hash
The digital signature process.
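The sign, hash and verify steps above, as an added example that is not part of the original slides: textbook RSA over a SHA-256 hash, using only the Python standard library. The key, the function names and the sample message are constructed for illustration; the key is built from well-known Mersenne primes with no padding, so real systems should instead use a vetted library with a padded scheme such as RSA-PSS or Ed25519.

```python
import hashlib

# Constructed teaching key: two well-known Mersenne primes. Trivially
# factorable and unpadded, so NOT secure; it only illustrates the steps.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, kept by the sender


def digest(message: bytes) -> int:
    """Hash the document (SHA-256) and return the value as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Sender: hash the message, then apply the private key to the hash."""
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Recipient: recover the hash with the sender's public key,
    re-calculate the hash of the received message, and compare."""
    return pow(signature, e, n) == digest(message)


def demo() -> dict:
    order = b"Pay vendor 1,500.00 USD"           # constructed sample message
    sig = sign(order)

    # An impostor signs with a different (constructed) private key.
    n2 = (2**607 - 1) * (2**1279 - 1)
    d2 = pow(E, -1, (2**607 - 2) * (2**1279 - 2))
    forged = sign(order, d2, n2)

    return {
        "genuine": verify(order, sig),                        # True
        "tampered": verify(b"Pay vendor 9,500.00 USD", sig),  # False
        "impostor": verify(order, forged),                    # False
    }


if __name__ == "__main__":
    print(demo())
```

The message is signed in the clear, which shows that the signature check is independent of whether the document itself is encrypted.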
Ethics
Very hard to define
Certified professionals are held to high standards
Should be part of an organizational behavior and culture
Generate guidelines for ethics and Net-ethics
(ISC)2 Code of Ethics
Conduct in accordance with highest moral standards
Not be a party to any unlawful or unethical act
Report any unlawful acts
Support and be active in promoting best information
security practices
Provide competent services to their clients, employees &
community
Be professional
Do not misuse information they have access to
CEI 10 Cs of Computer Ethics - Thou Shall
I. Not use a computer to harm other people
II. Not interfere with other people’s work
III. Not snoop around in other people’s computer files
IV. Not use a computer to steal
V. Not use a computer to bear false witness
Computer Ethics Institute 10 Cs of
Computer Ethics - Thou Shall
VI. Not copy or use proprietary software for which you
have not paid
VII. Not use other people’s computer resources without
authorization or the proper compensation
VIII. Not appropriate other people’s intellectual output
IX. Think about the social consequences of the program
you are writing or the system you are designing
X. Use a computer in ways that ensure consideration
and respect for your fellow humans
Good Internet Conduct
• Unacceptable and unethical activities:
• Seeks to gain unauthorized access to resources of the
internet
• Destroys integrity of computer-based information
• Disrupts the use of the internet
• Wastes resources such as people, capacity and
computers via these actions
• Compromises privacy of users
• Involves negligence in the conduct of internet-wide
experiments
Class Work
• Research the following tools. Provide at least 5 of each
• Network vulnerability scanning
• OS vulnerability scanning
• Application vulnerability scanning
• Digital Forensics
• Pretty Good Privacy (PGP) software
• For each tool indicate in a table
• Cost, Available for download and evaluation
• Coverage and what the installation requirements are
• Description of the tool and why you like or dislike it
• OS flavor it works on
Class Work
• In not more than ½ page or two slides,
describe the ethical questions concerning
handling of digital evidence
• Based on what you have read so far, how can
you improve on the digital evidence process?
• List the types of possible sources of digital
evidence and a description of what they may
have that is relevant
• List at least 10 web sites with digital forensics
services and describe their methodology. Not
more than ½ page or one slide