Internet Artifacts Dr. John Abraham Professor UTPA

Post on 17-Dec-2015

215 views

Category:

Documents


1 download

TRANSCRIPT

Page 1: Internet Artifacts Dr. John Abraham Professor UTPA

Internet Artifacts

Dr. John Abraham, Professor, UTPA

Page 2: Linux and MAC

• Linux and Mac artifacts are covered in chapters 6 and 7.

• Students are encouraged to read these chapters.

Page 3: Introduction

• The bulk of user interaction now takes place over the Internet.

• Application-specific artifacts created by web browsers provide important evidence.

Page 4: Internet Explorer (IE)

• The index.dat file is a database file.

• It is a repository of information such as web URLs, search queries and recently opened files.

• Its purpose is to enable quick access to data used by Internet Explorer.

• For example, every web address visited is stored in the index.dat file, allowing Internet Explorer to quickly find AutoComplete matches as the user types a web address.

• The index.dat file is user-specific and is open as long as a user is logged on in Windows.

• Separate index.dat files exist for the Internet Explorer history, cache, and cookies.

• The index.dat file is never resized or deleted. A large index.dat file can impair performance.

• Pasco (download) can be used to view it.

• Malware can make use of the WinInet API to infect computers. Entries are then made in the index.dat files of the Default User or LocalService accounts.

Page 5: Favorites

• A user’s favorites can provide information regarding the user’s movement across the Internet.

Page 6: Cookies

• Cookies are saved as plain text files.

• Galleta (download) can display them formatted.

• The cookie will have creation time and expiration time, site name and other useful information.
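As an added example (not part of the slides or of Galleta), a small Python parser for the text-format cookie files that classic Internet Explorer wrote. The nine-line record layout used here (name, value, host/path, flags, expiry FILETIME low and high halves, creation FILETIME low and high halves, then a `*` terminator) and the sample file are assumptions and constructed data. The timestamp decoding it shows, a FILETIME of 100-nanosecond ticks since 1601-01-01 UTC stored as two 32-bit integers, is the same format found in index.dat records, so the helper applies there too.

```python
"""Parse legacy Internet Explorer text-format cookie files.

Added example: the nine-line record layout is an assumption about the classic
IE cookie format, and the sample file is constructed, not recovered data.
"""
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Tuple

# FILETIME counts 100 ns ticks from this epoch.
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def filetime_to_datetime(low: int, high: int) -> datetime:
    """Join the two 32-bit halves of a FILETIME into a UTC datetime."""
    ticks = (high << 32) | low
    return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)


def datetime_to_filetime_parts(dt: datetime) -> Tuple[int, int]:
    """Inverse of filetime_to_datetime; integer arithmetic avoids float rounding."""
    delta = dt - FILETIME_EPOCH
    micros = (delta.days * 86400 + delta.seconds) * 1_000_000 + delta.microseconds
    ticks = micros * 10
    return ticks & 0xFFFFFFFF, ticks >> 32


def parse_ie_cookie_text(text: str) -> List[Dict]:
    """Split the file into nine-line records and decode each one.

    Record layout (assumed): name, value, host/path, flags,
    expiry low, expiry high, creation low, creation high, '*'.
    """
    lines = text.splitlines()
    if len(lines) % 9:
        raise ValueError("truncated cookie record at end of file")
    records = []
    for start in range(0, len(lines), 9):
        rec = lines[start:start + 9]
        if rec[8] != "*":
            raise ValueError(f"missing '*' terminator near line {start + 9}")
        records.append({
            "name": rec[0],
            "value": rec[1],
            "host_path": rec[2],
            "flags": int(rec[3]),  # stored as-is; bit meanings not decoded here
            "expires": filetime_to_datetime(int(rec[4]), int(rec[5])),
            "created": filetime_to_datetime(int(rec[6]), int(rec[7])),
        })
    return records


def build_sample_cookie_text() -> str:
    """Constructed two-cookie file with known timestamps for demonstration."""
    created = datetime(2015, 12, 17, 9, 30, tzinfo=timezone.utc)
    expires = datetime(2016, 12, 17, 9, 30, tzinfo=timezone.utc)
    c_lo, c_hi = datetime_to_filetime_parts(created)
    e_lo, e_hi = datetime_to_filetime_parts(expires)
    records = [
        ["SESSIONID", "abc123", "example.com/", "1536", e_lo, e_hi, c_lo, c_hi, "*"],
        ["tracker", "xyz", "ads.example.net/", "2048", e_lo, e_hi, c_lo, c_hi, "*"],
    ]
    return "\n".join(str(field) for rec in records for field in rec) + "\n"


if __name__ == "__main__":
    for cookie in parse_ie_cookie_text(build_sample_cookie_text()):
        print(cookie["host_path"], cookie["name"],
              "created", cookie["created"].isoformat(),
              "expires", cookie["expires"].isoformat())
```

When working a real case, run the parser over a copy of each `*.txt` cookie file from the user's Cookies folder; the creation time gives the first visit to the site even when the history index has been cleared.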

Page 7: Cache

• The cache is created as a result of a user’s browsing activities. Cached items are stored in Temporary Internet Files.

• It will contain the URL location, times and file name.

Page 8: Firefox

• Mozilla’s Firefox is the second most widely used browser.

• Stores history in SQLite 3 databases in Firefox profiles.

• Files of interest: formhistory.sqlite (contains data filled out to submit forms and webmail subject lines), downloads.sqlite, cookies.sqlite and places.sqlite (the user’s browsing activity).
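An added example, not from the slides, of the query a forensic timeline is built from in places.sqlite: `moz_places` holds one row per URL and `moz_historyvisits` one row per visit, with `visit_date` stored as microseconds since the Unix epoch (PRTime). The column names used are from Firefox's real schema, but the tables below are a constructed subset with constructed rows, so the block runs offline against an in-memory database.

```python
"""Build a visit timeline from a Firefox places.sqlite history database.

Added example: the tables created here are a subset of Firefox's real
moz_places / moz_historyvisits schema, and the rows are constructed data.
"""
import sqlite3
from datetime import datetime, timedelta, timezone
from typing import Dict, List

UNIX_EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)

# Firefox TRANSITION_* visit types (subset).
VISIT_TYPES = {1: "link", 2: "typed", 3: "bookmark", 4: "embed",
               5: "redirect_permanent", 6: "redirect_temporary", 7: "download"}


def prtime_to_datetime(microseconds: int) -> datetime:
    """places.sqlite stores PRTime: microseconds since the Unix epoch, UTC."""
    return UNIX_EPOCH + timedelta(microseconds=microseconds)


def open_readonly(path: str) -> sqlite3.Connection:
    """Open a copy of places.sqlite read-only; never the live file of a running
    profile, which is locked and may have unmerged WAL data beside it."""
    return sqlite3.connect(f"file:{path}?mode=ro", uri=True)


def history_timeline(conn: sqlite3.Connection) -> List[Dict]:
    """One row per visit, oldest first, joined to the URL it belongs to."""
    sql = """
        SELECT v.visit_date, p.url, p.title, v.visit_type, v.from_visit
        FROM moz_historyvisits v
        JOIN moz_places p ON p.id = v.place_id
        ORDER BY v.visit_date"""
    rows = []
    for visit_date, url, title, vtype, from_visit in conn.execute(sql):
        rows.append({
            "time": prtime_to_datetime(visit_date).isoformat(),
            "url": url,
            "title": title,
            "type": VISIT_TYPES.get(vtype, f"unknown({vtype})"),
            "from_visit": from_visit,  # id of the visit that led here (0 = none)
        })
    return rows


def build_sample_places_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for a profile's places.sqlite."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE moz_places (id INTEGER PRIMARY KEY, url TEXT, title TEXT,
                                 visit_count INTEGER, last_visit_date INTEGER);
        CREATE TABLE moz_historyvisits (id INTEGER PRIMARY KEY, from_visit INTEGER,
                                        place_id INTEGER, visit_date INTEGER,
                                        visit_type INTEGER);
    """)
    t0 = 1_450_346_400_000_000  # 2015-12-17T10:00:00Z in microseconds (constructed)
    conn.executemany("INSERT INTO moz_places VALUES (?,?,?,?,?)", [
        (1, "https://example.com/", "Example Home", 1, t0),
        (2, "https://example.com/login", "Sign in", 1, t0 + 42_000_000),
        (3, "https://files.example.net/report.pdf", None, 1, t0 + 90_000_000),
    ])
    conn.executemany("INSERT INTO moz_historyvisits VALUES (?,?,?,?,?)", [
        (1, 0, 1, t0, 2),               # address typed by the user
        (2, 1, 2, t0 + 42_000_000, 1),  # link followed from visit 1
        (3, 2, 3, t0 + 90_000_000, 7),  # download started from visit 2
    ])
    conn.commit()
    return conn


if __name__ == "__main__":
    for row in history_timeline(build_sample_places_db()):
        print(row["time"], row["type"], row["url"], row["title"] or "")
```

The `from_visit` chain is what lets an examiner reconstruct how the user arrived at a page rather than just that they did; `formhistory.sqlite` and `downloads.sqlite` can be read the same way with `sqlite3`, swapping in their own table names.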

Page 9: Firefox (2)

• Cache

• Saved session data: if Firefox is not terminated properly, a file named sessionstore.js is created. It is used to recover from a crash.

• Bookmarks and backups

Page 10: Other browsers are skipped

Page 11: Mail artifacts

• Personal Storage Table (PST): use Outlook to open it, or other tools are available such as http://www.nucleustechnologies.com/pst-viewer.html

• Mbox and maildir: local mail storage formats used by Linux. Both formats are plaintext. Mairix is a searching utility.
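As an added example (not from the slides, and not Mairix), the following Python reads both plaintext formats named above with the standard library's `mailbox` module and produces a date-ordered summary of sender, recipient, subject and Message-ID. The two messages are constructed sample data; the mbox file and the Maildir are written to a temporary directory so the block runs offline.

```python
"""Summarize messages from mbox and Maildir stores with the mailbox module.

Added example: the messages are constructed sample data, not real mail, and
the stores are written to a temporary directory for demonstration.
"""
import mailbox
import os
import tempfile
from email.utils import parsedate_to_datetime
from typing import Dict, List

# Constructed mbox content: two messages separated by a blank line and a "From " line.
SAMPLE_MBOX = """From alice@example.com Thu Dec 17 09:15:00 2015
From: Alice <alice@example.com>
To: bob@example.com
Subject: Quarterly report
Date: Thu, 17 Dec 2015 09:15:00 +0000
Message-ID: <rep-1@example.com>

The report is attached.

From carol@example.net Thu Dec 17 11:02:00 2015
From: Carol <carol@example.net>
To: bob@example.com
Subject: Meeting moved to 3pm
Date: Thu, 17 Dec 2015 11:02:00 +0000
Message-ID: <mtg-77@example.net>

Room 204 instead of 101.
"""


def summarize_mailbox(box: mailbox.Mailbox) -> List[Dict]:
    """One summary row per message, sorted by the Date: header."""
    rows = []
    for msg in box:
        rows.append({
            "date": parsedate_to_datetime(msg["Date"]).isoformat(),
            "from": msg["From"],
            "to": msg["To"],
            "subject": msg["Subject"],
            "message_id": msg["Message-ID"],
            # mbox keeps the delivery "From " line apart from the From: header;
            # a mismatch between the two is worth noting in an examination.
            "envelope_from": msg.get_from() if isinstance(msg, mailbox.mboxMessage) else None,
        })
    return sorted(rows, key=lambda r: r["date"])


def summarize_mbox_path(path: str) -> List[Dict]:
    return summarize_mailbox(mailbox.mbox(path))


def summarize_maildir_path(path: str) -> List[Dict]:
    return summarize_mailbox(mailbox.Maildir(path))


def build_sample_mbox() -> str:
    """Write the constructed mbox to a temp directory and return its path."""
    path = os.path.join(tempfile.mkdtemp(), "inbox.mbox")
    with open(path, "w") as fh:
        fh.write(SAMPLE_MBOX)
    return path


def build_sample_maildir() -> str:
    """Copy the same two messages into a fresh Maildir (new/, cur/, tmp/)."""
    path = os.path.join(tempfile.mkdtemp(), "Maildir")
    md = mailbox.Maildir(path, create=True)
    for msg in mailbox.mbox(build_sample_mbox()):
        md.add(msg)
    return path


if __name__ == "__main__":
    for row in summarize_mbox_path(build_sample_mbox()):
        print(row["date"], row["from"], "->", row["to"], "|", row["subject"])
```

Because both formats are plaintext, the same summary can be cross-checked against a simple `grep` over the files; the structured pass above is what you want when you need the Date: and Message-ID headers lined up for a timeline.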