Presentation is loading. Please wait.

Presentation is loading. Please wait.

E-Mail Investigations [ 10 week ] E-Mail Investigations 2015 second semester.

Published byLorin Lyons Modified over 6 years ago

Similar presentations

Presentation on theme: "E-Mail Investigations [ 10 week ] E-Mail Investigations 2015 second semester."— Presentation transcript:

1 E-Mail Investigations
[ 10 week ] Investigations 2015 second semester

2 Learning Goal We will study how to trace, recover, and analyze messages by using forensics tools designed for investigating and general-purpose tools, such as wireshark, base64 data decoder and HxD.

3 Learing Objectives After learning this class, you will be able to:
• explain the role of in investigations. • describe client and server roles in . • describe tasks in investigating crimes and violations. • explain the use of server logs. • describe some available computer forensics tools.

4 Today’s Activity Step1: Download the class materials at
lecture board at professor’s blog( Step2: Solve the puzzle#2. Step3: Complete your worksheet include the answer’s of puzzle#2. Step4: Upload your worksheet on the Free board at Professor’s blog.

5 Keywords SMTP protocol 587 MIME Data encoding especially Base64
File signature of .docx

6 E-Mail Investigations
evidence has become an important part of many computing investigations, so computer forensics investigators must know how is processed to collect this essential evidence.

7 E-Mail Investigations
Investigating crimes or policy violations involving is similar to investigating other types of computer abuse[남용] and crimes. Your goal is to find out who’s behind the crime or policy violation, collect the evidence, and present your findings to build a case for prosecution[고발] or arbitration[중재].

8 Puzzle#2 Senario After being released on bail, Ann Dercover disappears! Fortunately, investigators were carefully monitoring her network activity before she skipped town. “We believe Ann may have communicated with her secret lover, Mr. X, before she left,” says the police chief. “The packet capture may contain clues to her whereabouts.” You are the forensic investigator. Your mission is to figure out what Ann ed, where she went, and recover evidence including:

9

10 Puzzle#2 mission 1. What is Ann’s address? 2. What is Ann’s password? 3. What is Ann’s secret lover’s address? 4. What two items did Ann tell her secret lover to bring? 5. What is the NAME of the attachment Ann sent to her secret lover? 6. What is the MD5sum of the attachment Ann sent to her secret lover? 7. In what CITY and COUNTRY is their rendez-vous point? 8. What is the MD5sum of the image embedded in the document?

11 Final Output

12 Activity

13 Nothing is final until it's final. , Don't give up so easily
Nothing is final until it's final!!, Don't give up so easily. Call me at any time if you need help. I'll help you can do it.

Download ppt "E-Mail Investigations [ 10 week ] E-Mail Investigations 2015 second semester."

Similar presentations

Section 3.2 Network Forensics TRACKING HACKERS THROUGH CYBERSPACE CASE STUDY : ANN’S RENDEZVOUS.

Section 3.2 Network Forensics TRACKING HACKERS THROUGH CYBERSPACE CASE STUDY : ANN’S RENDEZVOUS.
Version Control Systems Phil Pratt-Szeliga Fall 2010.

Version Control Systems Phil Pratt-Szeliga Fall 2010.
COS/PSA 413 Day 17. Agenda Lab 8 write-up grades –3 B’s, 1 C and 1 F –Answer the Questions!!! Capstone progress report 2 overdue Today we will be discussing.

COS/PSA 413 Day 17. Agenda Lab 8 write-up grades –3 B’s, 1 C and 1 F –Answer the Questions!!! Capstone progress report 2 overdue Today we will be discussing.
Guide to Computer Forensics and Investigations Fourth Edition Chapter 12 E-mail Investigations.

Guide to Computer Forensics and Investigations Fourth Edition Chapter 12 Investigations.
1 What is Electronic Mail Exchanging information via computer networks Electronic mail addresses SMTP (Simple Mail Transfer Protocol) Client/Server based.

1 What is Electronic Mail Exchanging information via computer networks Electronic mail addresses SMTP (Simple Mail Transfer Protocol) Client/Server based.
Computer Concepts 2014 Chapter 7 The Web and E-mail.

Computer Concepts 2014 Chapter 7 The Web and .
OCR Nationals – Unit 1 AO2 (Part 2) – Emails. Overview of AO2 (Part 2) To select and use tools and facilities to download files/information and to send.

OCR Nationals – Unit 1 AO2 (Part 2) – s. Overview of AO2 (Part 2) To select and use tools and facilities to download files/information and to send.
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.

Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.
Forensic and Investigative Accounting Chapter 14 Internet Forensics Analysis: Profiling the Cybercriminal © 2005, CCH INCORPORATED 4025 W. Peterson Ave.

Forensic and Investigative Accounting Chapter 14 Internet Forensics Analysis: Profiling the Cybercriminal © 2005, CCH INCORPORATED 4025 W. Peterson Ave.
Forensic and Investigative Accounting Chapter 14 Digital Forensics Analysis © 2011 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL 60646-6085.

Forensic and Investigative Accounting Chapter 14 Digital Forensics Analysis © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Demi Leigh.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Demi Leigh.
Computer Forensics CJ 317 Dr. Joe Ciccone – Week 6 RIP – Dep

Computer Forensics CJ 317 Dr. Joe Ciccone – Week 6 RIP – Dep
Lecture Week 3 Application Layer Functionality and Protocols Network Fundamentals.

Lecture Week 3 Application Layer Functionality and Protocols Network Fundamentals.
Social Network Forensic By Xing Liu CSC153 Spring 2009.

Social Network Forensic By Xing Liu CSC153 Spring 2009.
In order to solve a History Mystery you will need to have a Forensic Report, a pencil, and a open mind. Before you begin, let’s take a moment to review.

In order to solve a History Mystery you will need to have a Forensic Report, a pencil, and a open mind. Before you begin, let’s take a moment to review.
Technical Awareness on Analysis of Email Headers.

Technical Awareness on Analysis of Headers.
S.O.S.: An Ocean Adventure. S.O.S. An Ocean Adventure Over the next 4 weeks you will embark on a competitive Ocean Adventure…

S.O.S.: An Ocean Adventure. S.O.S. An Ocean Adventure Over the next 4 weeks you will embark on a competitive Ocean Adventure…
18-1 PRENTICE HALL ©2008 Pearson Education, Inc. Upper Saddle River, NJ 07458 FORENSIC SCIENCE An Introduction By Richard Saferstein.

18-1 PRENTICE HALL ©2008 Pearson Education, Inc. Upper Saddle River, NJ FORENSIC SCIENCE An Introduction By Richard Saferstein.
E-Mail Investigations 2016 First semester [ 12 week ]-Forensic Analysis of the Windows 7 Registry.

Investigations 2016 First semester [ 12 week ]-Forensic Analysis of the Windows 7 Registry.
Using Using Computers Safely, Effectively and Responsibly.

Using Using Computers Safely, Effectively and Responsibly.

Similar presentations

Ads by Google