Security Basics mailing list archives
RE: Computer forensics to uncover illegal internet use
From: "Beauford, Jason" <jbeauford () EightInOnePet com>
Date: Tue, 30 Aug 2005 10:38:48 -0400
It might be beneficial to drop a keylogger on the machine and record data that way. Another neat idea is to put an NTOP box between your gateway and your network. It will record all outgoing/incoming traffic and correlate IP's and MAC addresses. However this will not help you if the employee is not longer employed with your company. If your are doing a forensic investigation you should STOP right where you are and DD image the drive. You should not be doing any work on the actual drive itself. It might be beneficial to resubmit your inquiry to the forensics forum. JMB =| -----Original Message----- =| From: Edmond Chow [mailto:echow () videotron ca] =| Sent: Tuesday, August 30, 2005 10:27 AM =| To: security-basics () securityfocus com; Beauford, Jason =| Cc: Edmond Chow =| Subject: RE: Computer forensics to uncover illegal =| internet use =| =| Good morning Jason, =| =| Thank-you to you and all who responded to me with =| their ideas. I am wondering if there are any =| reference books available that would guide me through =| an investigation of this sort? I am dealing with a =| case involving the viewing of child pornographic =| websites so I want to be careful to follow reference =| guidelines of some sort so that I don't end up in jail myself! =| =| Any help that you can provide in the form of links to =| articles and/or books on this subject would be =| greatly appreciated. =| =| Regards, =| =| =| Edmond =| =|
Current thread:
- RE: Computer forensics to uncover illegal internet use McHenry, Glenn CTO1 (Aug 30)
- Re: Computer forensics to uncover illegal internet use Greg Stiavetti (Aug 30)
- <Possible follow-ups>
- Re: Computer forensics to uncover illegal internet use Mike Sweeney (Aug 30)
- RE: Computer forensics to uncover illegal internet use James McEachern (Aug 30)
- RE: Computer forensics to uncover illegal internet use Beauford, Jason (Aug 30)
- RE: Computer forensics to uncover illegal internet use Edmond Chow (Aug 30)
- Re: Computer forensics to uncover illegal internet use Jason Coombs (Aug 30)
- RE: Computer forensics to uncover illegal internet use CJI Support (Aug 30)
- RE: Computer forensics to uncover illegal internet use Bob Radvanovsky (Aug 31)
- RE: Computer forensics to uncover illegal internet use CJI Support (Aug 30)
- RE: Computer forensics to uncover illegal internet use Brunner, Mark (Aug 30)
- RE: Computer forensics to uncover illegal internet use Beauford, Jason (Aug 30)
- Re: Computer forensics to uncover illegal internet use Dave Aronson (SecBasics) (Aug 30)
- RE: Computer forensics to uncover illegal internet use Craig, Tobin (OIG) (Aug 30)
- RE: Computer forensics to uncover illegal internet use Steve.Cummings (Aug 30)
- RE: Computer forensics to uncover illegal internet use Sadler, Connie (Aug 30)
- RE: Computer forensics to uncover illegal internet use dave kleiman (Aug 31)
- RE: Computer forensics to uncover illegal internet use Robinson, Sonja (Aug 30)
- RE: Computer forensics to uncover illegal internet use Robinson, Sonja (Aug 30)
- RE: Computer forensics to uncover illegal internet use Robinson, Sonja (Aug 30)
- Re: Computer forensics to uncover illegal internet use Jason Coombs (Aug 30)
- RE: Computer forensics to uncover illegal internet use dave kleiman (Aug 31)
(Thread continues...)