Chapter 24 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Digital Evidence on Physical and Data-Link Layers.


1 Chapter 24 ©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. Digital Evidence on Physical and Data-Link Layers

2 Figure 1.1 Copyright © 2011 Academic Press Inc.©2011 Eoghan Casey. Published by Elsevier Inc. All rights reserved. FIGURE 24.1 Old Ethernet configuration (modern configurations are conceptually the same).

3 FIGURE 24.2 Computers on a 10BaseT network plugged into a hub.

4 FIGURE 24.3 Computer A sending data to computer Z.

5 FIGURE 24.4 Ethereal classification of NIC addresses.

6 FIGURE 24.5 Summary diagram of TCP/IP separated by OSI layer.

7 FIGURE 24.6 Computers connected at the physical level are vulnerable to eavesdropping.

8 FIGURE 24.7 Ethereal showing packet in “hotmail-02242003.dmp” file containing the keyword “POST,” corresponding to the act of sending the message through Hotmail.

9 FIGURE 24.8 (A) Using the NetIntercept forensic view to examine network traffic and locate important items such as an “HTTP POST.” (B) Using NetIntercept to view the same packet as in Figure 24.7 containing the “POST” keyword.

10 FIGURE 24.9 NetWitness summary view of network traffic.

11 FIGURE 24.10 Hotmail Inbox recovered using Ethereal.

12 FIGURE 24.11 Hotmail Inbox extracted from a tcpdump file and displayed using NetIntercept.

13 FIGURE 24.12 MIME-encoded e-mail attachments containing data in a ZIP file extracted from a tcpdump file and displayed using NetIntercept.

