Presentation is loading. Please wait.

Presentation is loading. Please wait.

Passwords, Encryption Forensic Tools

Published byVictor Jefferson Modified over 9 years ago

Similar presentations

Presentation on theme: "Passwords, Encryption Forensic Tools"— Presentation transcript:

1 Passwords, Encryption Forensic Tools
Forensics4 Passwords, Encryption Forensic Tools

2 Access Control How to Obtain Password Ask for the password
Find password near computer Use social engineering Use personal data to guess password Crack password Use word list Use modified words - hybrid attack Use brute force Use different Operating System to access data

3 Encryption Advantages Disadvantages
Encrypted data can’t be easily read Strong encryption may require years of work to decrypt without the key Disadvantages Encrypted files draw attention to their value If you loose the key, you loose the data For large files, strong encryption may take significant time to decrypt Encryption/Decryption covered in previous course

4 Types of Encryption Substitution Cipher Private Key Public Key
Oldest method Easy to crack Private Key Both sender and receiver use the same key Problem with getting key to receiver Public Key Sender uses receivers public key to encrypt Receiver uses his private key to decrypt There are methods to assure that the message originated from the stated sender and receiver identity is verified

5 Steganography Hide data in picture/sound file by modifying LSB’s of data Free demo program at: steganography-software.html To improve security combine steganography with encryption First encrypt the message, then apply steganography

6 Forensic Software Commercial forensic software is very expensive due to limited market Free forensic software dd – comes with UNIX OS – makes bit level copies dd for Windows Get dd-06beta.zip Unzip to a folder Use dd –list to find how to refer to hard drive Use dd if=<input device> of=<output file> to make copy Use dd if=/device/zero of=<output device> to zero a drive

7 Free Forensic Software
Forensic Tool Kit Imager from -downloads#.UctFozvVCSo Click on FTK IMAGER to download the application Can make forensic copy of entire disk or analyze contents The Sleuth Kit from Click on Download to get the application A collection of command line tools

8 Free Forensic Software
The SANS Investigative Forensic Toolkit (SIFT) A collection of forensic tools that runs as a Vmware Virtual Machine Available at forensics.sans.org/community/downloads Microsoft System Internals available at us/sysinternals/bb aspx Command line tool collection for Windows

9 Forensic Hardware Write Blocker - prevents writes to original hard disk Connects between forensic computer and original hard drive Can also be used between disk copy and forensic computer to assure that the copy is not modified

Download ppt "Passwords, Encryption Forensic Tools"

Similar presentations

WINDOWS FORENSICS FOR INCIDENT RESPONSE CHRISTIAN KOPACSI CISSP CISM CEH CHFI SECURITY+

WINDOWS FORENSICS FOR INCIDENT RESPONSE CHRISTIAN KOPACSI CISSP CISM CEH CHFI SECURITY+
Crack WPA Lab Last Update 2014.06.11 1.0.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WPA Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
OPEN SOURCE TOOLS Dr. Abraham Professor UTPA. Open Source Freely redistributable Provides access to source code End user may modify source code.

OPEN SOURCE TOOLS Dr. Abraham Professor UTPA. Open Source Freely redistributable Provides access to source code End user may modify source code.
An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.

An Introduction to Computer Forensics James L. Antonakos Professor Computer Science Department.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.

Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
Section 3.2: Operating Systems Security

Section 3.2: Operating Systems Security
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
Guide to Computer Forensics and Investigations Fourth Edition

Guide to Computer Forensics and Investigations Fourth Edition
Guide to Computer Forensics and Investigations Fourth Edition

Guide to Computer Forensics and Investigations Fourth Edition
Steganography Part 2 – Detection and Research. Introduction to Steganalysis What is steganalysis?  The art of detecting messages hidden by steganography.

Steganography Part 2 – Detection and Research. Introduction to Steganalysis What is steganalysis?  The art of detecting messages hidden by steganography.
Guide to Computer Forensics and Investigations Third Edition

Guide to Computer Forensics and Investigations Third Edition
COS/PSA 413 Day 16. Agenda Lab 7 Corrected –2 A’s, 1 B and 2 F’s –Some of you need to start putting more effort into these labs –I also expect to be equal.

COS/PSA 413 Day 16. Agenda Lab 7 Corrected –2 A’s, 1 B and 2 F’s –Some of you need to start putting more effort into these labs –I also expect to be equal.
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.

70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Nine Managing File System Access.
13-Jul-15 Getting Ready for Java. 2 What You Need 256 MB of RAM (512 MB or more recommended) 500 MHz Pentium or better Macintosh: must run Mac OS X, preferably.

13-Jul-15 Getting Ready for Java. 2 What You Need 256 MB of RAM (512 MB or more recommended) 500 MHz Pentium or better Macintosh: must run Mac OS X, preferably.
®® Microsoft Windows 7 for Power Users Tutorial 10 Backing Up and Restoring Files.

®® Microsoft Windows 7 for Power Users Tutorial 10 Backing Up and Restoring Files.
 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.

 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.
Safe Computing and Internet Browsing with Free Software Aosheng Wang ( 王敖生 ) 2014-07-19.

Safe Computing and Internet Browsing with Free Software Aosheng Wang ( 王敖生 )
1 Using Compressed Files and Folders Applications and operating systems read and write to compressed files. NTFS uncompresses the file before making it.

1 Using Compressed Files and Folders Applications and operating systems read and write to compressed files. NTFS uncompresses the file before making it.
COEN 252 Computer Forensics Forensic Duplication of Hard Drives.

COEN 252 Computer Forensics Forensic Duplication of Hard Drives.
COEN 252 Computer Forensics

COEN 252 Computer Forensics

Similar presentations

Ads by Google