Computer Forensics. Dr. Randy M. Kaplan. Browser Forensics.


1 Computer Forensics
Dr. Randy M. Kaplan

2 Browser Forensics

3 A Source of Evidence
Critical evidence can often be found in a subject’s browsing history:
- Emails
- Sites visited
- Internet searches

4 Browsers
Two are dominant:
- IE
- Mozilla (and its derivatives and variants)

5 IE
Activity stored in:
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5
Contains:
- Cached pages
- Images
Two other files of interest:
- History without locally cached content: C:\Documents and Settings\user\History\History.IE5
- Cookies: C:\Documents and Settings\user\Cookies

6 Index.dat
- In each of these directories there is a file named index.dat
- The relationship between cached web content and URLs is maintained in this file
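Added example (not part of the original slides): a minimal Python reader for the URL-to-cached-file relationship that slide 6 says index.dat maintains. The field offsets (last-accessed FILETIME at 0x10, URL offset at 0x34, cached file name offset at 0x3C) follow the publicly documented "Client UrlCache MMF Ver 5.2" layout and are assumptions here, as are the helper names and the constructed sample data.

```python
import struct
from datetime import datetime, timedelta, timezone
BLOCK = 0x80  # records are allocated in 128-byte blocks
EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)  # FILETIME epoch

def cstr(buf, off):  # read the NUL-terminated string that starts at off
    end = buf.find(b"\0", off)
    return buf[off:end if end != -1 else len(buf)].decode("latin-1")

def parse_index_dat(buf):
    """Return [(url, cached_file_or_None, last_accessed_utc)] per URL record."""
    if not buf.startswith(b"Client UrlCache MMF Ver "):
        raise ValueError("missing index.dat signature")
    rows, off = [], BLOCK
    while off + BLOCK <= len(buf):
        if buf[off:off + 4] != b"URL ":
            off += BLOCK  # free block or other record type
            continue
        nblocks, _modified, accessed = struct.unpack_from("<IQQ", buf, off + 4)
        size = max(nblocks, 1) * BLOCK
        rec, off = buf[off:off + size], off + size
        url_off, file_off = struct.unpack_from("<I4xI", rec, 0x34)
        if not 0 < url_off < len(rec):
            continue  # truncated or corrupt record
        # History records carry no cached file, so file_off is 0 there
        fname = cstr(rec, file_off) if 0 < file_off < len(rec) else None
        try:
            when = EPOCH + timedelta(microseconds=accessed // 10)
        except OverflowError:
            when = None  # timestamp field is corrupt
        rows.append((cstr(rec, url_off), fname, when))
    return rows

def make_record(url, fname, accessed):
    """Build a constructed two-block URL record (sample data only)."""
    rec = bytearray(2 * BLOCK)
    struct.pack_into("<4sIQQ", rec, 0, b"URL ", 2, 0, accessed)
    for field, pos, text in ((0x34, 0x68, url), (0x3C, 0xC0, fname)):
        if text:
            raw = text.encode() + b"\0"
            struct.pack_into("<I", rec, field, pos)
            rec[pos:pos + len(raw)] = raw
    return bytes(rec)

T = 128436192000000000  # FILETIME for 2008-01-01 00:00:00 UTC
SAMPLE = (b"Client UrlCache MMF Ver 5.2\0".ljust(BLOCK, b"\0")
          + make_record("http://example.com/a.html", "a[1].htm", T)
          + bytes(BLOCK)  # unallocated block
          + make_record("Visited: user@http://example.com/a.html", None, T))
```

Run `parse_index_dat` on a working copy of the evidence file, never the original; this sketch scans block by block rather than walking the file's hash table.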

7 Mozilla
Web activity maintained in a file named history.dat
File located in:
- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\ \history.dat
- C:\Documents and Settings\user\Application Data\Mozilla\Profiles\ \ \history.dat

8 Mozilla
history.dat differs from IE:
- Does not link web site activity to cached web pages
- More difficult to reconstruct the activity

9 Tools
Web Historian
- A tool used to reconstruct web activity
- Applicable to: IE Mozilla Firefox Netscape Safari Opera

10 Downloading Web Historian
Web Historian can be downloaded from:
http://www.download.com/Red-Cliff-Web-Historian/3000-2653_4-10373157.html

11 Web Historian

12 Web Historian

13 Web Historian
Lots and lots of information produced by Web Historian

14 Web Historian
- Suppose my wife wanted to know what I have been doing on the Internet (maybe she wants to make sure I am not spending the kid’s college fund)
- What evidence in the generated file would give her the kinds of information she is looking for?

15 Web Historian
Scan the URL addresses

16 Web Historian
Scan the URL addresses

17 Trying Firefox
- Set WH to Firefox directory
- What are the results?

18 Trying Firefox

19 Trying Firefox
Very odd because this is my default browser

20 Web Historian
- Not really clear why WH does not work with Firefox
- Try alternative

21 Cache View
Cache View can be downloaded from:
http://progsoc.org/~timj/cv/

22 Cache View
Download and install

23 Cache View
Need to point Cache View to the proper directory

24 Cache View
Point to the proper directory

25 Cache View

26 Cache View

27 Cache View

28 How To Use?
- Clearly, having a record of someone’s web activities can be used to determine what they have been doing
- For example, if a subject was interested in learning how to hack a particular system, then accessing web sites to learn how to do this would substantiate this theory

29 How To Use?
If a subject uses a web interface for email, then we can tell if he accessed it, and we can also see what the status of the access was at that time

