opinions wanted (computer forensics)
08-02-2011, 18:54
|
#1
|
Guest
Location: newcastle upon tyne
Services: Sky Q silver bundle
Sky Q 2TB box
Sky Q mini box
Sky fibre unlimited
Sky Talk evenings and week
Posts: n/a
|
opinions wanted (computer forensics)
My son has just started a computer forensics degree and has just finished his first asignment ,i understand little of this ,so i wondered if any of the techies on CF would care to give their opinion .I actually found it an interesting read for a not so techie person
http://www.cableforum.co.uk/board/at...1&d=1297190948
|
|
|
08-02-2011, 20:17
|
#2
|
laeva recumbens anguis
Cable Forum Team
Join Date: Jun 2006
Age: 68
Services: Premiere Collection
Posts: 43,472
|
Re: opinions wanted (computer forensics)
A question on the non-technical side.
He has put a bibliography at the end - is this to show his depth/width of background reading, or is it to cross-reference his sources (if so, which referencing system has he been requested to use)?
__________________
Thank you for calling the Abyss.
If you have called to scream, please press 1 to be transferred to the Void, or press 2 to begin your stare.
If my post is in bold and this colour, it's a Moderator Request.
|
|
|
08-02-2011, 20:29
|
#3
|
Guest
Location: newcastle upon tyne
Services: Sky Q silver bundle
Sky Q 2TB box
Sky Q mini box
Sky fibre unlimited
Sky Talk evenings and week
Posts: n/a
|
Re: opinions wanted (computer forensics)
Quote:
Originally Posted by Hugh
A question on the non-technical side.
He has put a bibliography at the end - is this to show his depth/width of background reading, or is it to cross-reference his sources (if so, which referencing system has he been requested to use)?
|
I did ask what were the sources and have they been verified as accurate before he used them and basically the bibliography is to show what his sources were and what he has used as research and also to give credit to the people who wrote them as most are copyrighted ,he was told to use the Harvard system for referencing ,whatever that means ,he seems to know but it's straight over a window fitters head
|
|
|
08-02-2011, 22:34
|
#4
|
laeva recumbens anguis
Cable Forum Team
Join Date: Jun 2006
Age: 68
Services: Premiere Collection
Posts: 43,472
|
Re: opinions wanted (computer forensics)
He probably needs to read up on the usage of Harvard Referencing (or ask one of the Uni Library staff to explain it).
If it helps, here's an example of Harvard Referencing ( from an essay I wrote last year.....)
In the document text
Quote:
This increase in funding had led to a increase in student numbers nationwide of 44% (Times Higher 2010 THES2), and at the University, student numbers had risen from nn,nnn in 1997 (HESA 1997 H1) to nn,nnn in 2008 (HESA 2008 H2), with a growing willingness amongst the Student population to highlight issues they believed needed to be addressed, such as teaching spaces and provision, and the associated infrastructure and support......
.....Burns (Burns 1978) made the distinction between transactional and transformational leadership, and Bass (Bass 1985) expanded on this. Transactional leaders motivate followers by exchanging or withholding rewards for services rendered, whilst transformational leader move followers upwards on Maslow’s Hierarchy (Maslow 1954), from the needs for safety & security to work for higher goals and self-actualising needs.
|
In the Bibliography
Quote:
References
Burns, J. M. (1978). Leadership
Bass, B.M (1985) Leadership and Performance Beyond Expectations
Bass, B.M. (1997) Transformational Leadership: Industrial, Military and Educational Impact
Bass, B.M. & Avolio, B.J. (1993) Improving Organisational Effectiveness through Transformational Leadership
Boulding, K.E. (1989) Three Faces of Power
Maslow, A.(1954) Theory of Human Motivation
Nadler, D.A. & Tushman, M.L (1990) Beyond the Charismatic Leader: Leadership and Organisational Change
Web Pages
THES2 – Times Higher Education Supplement 21st January 2010 - http://www.timeshighereducation.co.uk/story.asp?storycode=410110 – date accessed 1st May 2010
H1 - Higher Education Statistics Agency 1997 - Student numbers, line nn - http://www.hesa.ac.uk/dox/dataTables/studentsAndQualifiers/download/institution9798.csv?v=1.0 Accessed 2nd May 2010
H2 - Higher Education Statistics Agency 1997 - Student numbers, line nn - http://www.hesa.ac.uk/dox/dataTables/studentsAndQualifiers/download/institution0809.xls?v=1.0 Accessed 2nd May 2010
|
You put a short reference to the source author/book/web page/article in brackets next to the quote/reference, and then the full title/year/date accessed in the references section.
Hope this helps.
btw, I notice he had put wikipedia as one of his sources - he probably needs to check if this is acceptable at his institution.
__________________
Thank you for calling the Abyss.
If you have called to scream, please press 1 to be transferred to the Void, or press 2 to begin your stare.
If my post is in bold and this colour, it's a Moderator Request.
|
|
|
08-02-2011, 22:41
|
#5
|
Guest
Location: newcastle upon tyne
Services: Sky Q silver bundle
Sky Q 2TB box
Sky Q mini box
Sky fibre unlimited
Sky Talk evenings and week
Posts: n/a
|
Re: opinions wanted (computer forensics)
Quote:
Originally Posted by Hugh
He probably needs to read up on the usage of Harvard Referencing (or ask one of the Uni Library staff to explain it).
If it helps, here's an example of Harvard Referencing (from an essay I wrote last year.....)
In the document text
In the Bibliography
You put a short reference to the source author/book/web page/article in brackets next to the quote/reference, and then the full title/year/date accessed in the references section.
Hope this helps.
btw, I notice he had put wikipedia as one of his sources - he probably needs to check if this is acceptable at his institution.
|
Thanks for the advice Hugh i will get him to check on the use of wiki and have another look at the referencing
I suppose that the use of wiki depends on their source which is usually listed at the bottom of the page
|
|
|
09-02-2011, 10:15
|
#6
|
Inactive
Join Date: Jun 2003
Location: Belfast
Age: 45
Posts: 4,594
|
Re: opinions wanted (computer forensics)
The but about MAC computers doesn't make sense, anything on a network will have a MAC address.
Also the bit below doesn't make sense to me...
Quote:
The static IP address change means that the IP addresses changes every
so often so that a hacker can try to put in the IP address but it won’t be the company’s.
|
|
|
|
09-02-2011, 11:56
|
#7
|
Inactive
Join Date: Jan 2007
Location: Doncaster, S. Yorks.
Age: 42
Services: TV:Sky+, BB:DRL VDSL2 40/10 with Ask4, Phone:Mobile Only
Posts: 2,320
|
Re: opinions wanted (computer forensics)
He means Dynamic IP addressing in that bit about static...looks like he's got confused
And he's spelt "Abstract" as "Abbstract" in the first page
Computery people will pick up stuff like that and get marked down for not using spell-check
|
|
|
09-02-2011, 11:57
|
#8
|
cf.geek
Join Date: May 2008
Location: Wherever i lay my hat!
Age: 54
Posts: 736
|
Re: opinions wanted (computer forensics)
As gazzae states there are a few bits that need amending. Something that could also look good is if he mentioned that the Stuxnet worm used digitally signed files, maybe explain a bit about digital signatures and there uses.
Maybe also state to change the SSID to a unique name, and change the default passwords
He could also expand on the way Anon use DDoS by mentioning the Low Orbit Ion Canon and how this floods a server with hundreds of data packets thus causing it to crash.
Also at the start 2.Introduction should be "without authorisation"
p.s. Forgot to say nice read, well done to the lad...
|
|
|
09-02-2011, 12:01
|
#9
|
Inactive
Join Date: Jan 2007
Location: Doncaster, S. Yorks.
Age: 42
Services: TV:Sky+, BB:DRL VDSL2 40/10 with Ask4, Phone:Mobile Only
Posts: 2,320
|
Re: opinions wanted (computer forensics)
also - "unauthorized" is actually "unauthorised" but spell check wouldn't pick that up, because it's the american spelling 
---------- Post added at 12:01 ---------- Previous post was at 11:57 ----------
Also - on a bit of an addition, he hasn't mentioned NAT (Network Address Translation) in the bit about unauthorised network access part... NAT is important as it separates external IP's from Internal IPs and is a security feature also.
A company that doesn't use NAT, may give each PC an externally accessible IP address, whereas with NAT, you only need one (or a few) external IP addresses, and so all company computers aren't as easily hacked into.
|
|
|
09-02-2011, 12:32
|
#10
|
Inactive
Join Date: Oct 2008
Location: Huntingdon, Cambs
Age: 59
Services: SKY HD+, BT BB
Posts: 586
|
Re: opinions wanted (computer forensics)
There also seems to be a bit of a mismatch between the Introduction which mentions
Quote:
concerned about how employees use the wireless networks to illegally download or to commit any other crimes with authorisation, which would in time damage the company’s reputation
|
Yet the relevant section talks more about "wardriving" which is suggests passers-by accessing the company wifi rather than employees which is a differant subject altogether. Providing strong encryption and access control will inhibit the wardriver but not stop illegal activity from employees who ARE authorised to use it. . I would mention tools to monitor employees access (Ironport being one example) in this section.
Could also do with some of the technical info being tightened up as mentioned about re: MAC addresses and SSID is not strictly the same as a Network name - but that may be just being pedantic! Also talks quite a bit about WEP but little on WPA which is also heavily used.
Not a bad read though!!
|
|
|
09-02-2011, 13:14
|
#11
|
Dr Pepper Addict
Cable Forum Team
Join Date: Oct 2003
Location: Nottingham
Age: 62
Services: Aquiss FTTP (900M), Sky Q TV, Sky Mobile, Flextel SIP
Posts: 29,582
|
Re: opinions wanted (computer forensics)
He needs to correct this ;
Quote:
Secondly if the company uses MAC computers you can use MAC filtering. It requires all of the MAC address to be inserted manually but it stops all MAC computers with a disallowed MAC address to enter the Wi-Fi.
|
He seems to be confusing Mac Computers with MAC addresses and filtering - the two "Macs" are not related. One is a brand of PC, the other is low level Network addressing.
__________________
Baby, I was born this way.
|
|
|
09-02-2011, 13:25
|
#12
|
©Beam Software
Join Date: Jan 2004
Location: Teesside
Services: BB (200mbit), 1x V6, iPad, iPhone
Posts: 1,411
|
Re: opinions wanted (computer forensics)
Quote:
To prevent unauthorized access to the wireless network firstly the password should be
changed to more secure types such as PSK, WPA2 or WPA. This is more reliable then
outdated WEP.
|
Modified to be technically correct using his own wording :
To prevent unauthorised access to the wireless network firstly the wireless encryption type should be changed to more secure types such as WPA2 or WPA. These are more secure than outdated WEP
PSK is not a completely different encryption type which the quoted statement would imply. PSK (pre-shared key) defines how the WPA key itself is distributed. Without going into the complexities of encryption types and radius servers it would be simpler and correct to state WPA2(PSK) or WPA(PSK) using either TKIP or AES encryption.
|
|
|
09-02-2011, 13:58
|
#13
|
cf.geek
Join Date: Feb 2004
Services: V+, XL TV and Phone
XXL BB
Posts: 812
|
Re: opinions wanted (computer forensics)
Just general feedback,
He talks about the use of aircrack for WEP and WAP-PSK, then goes on to say the use of WPA_PSK.
'To prevent unauthorized access to the wireless network firstly the password should be changed to more secure types such as PSK, WPA2 or WPA. This is more reliable then outdated WEP.'
Emphasis is mine.
I think he needs to be clear that aircrack is only good against WPA-PSK where the key is short and a dictionary word. The use of long keys with random letters, numbers and symbols effectively stops the use of aircrack to break the WPA-PSK encryption.
Not totally sure but for WPA it only uses a brute force dictionary attack I think.
HTH
JJ
|
|
|
09-02-2011, 16:33
|
#14
|
Guest
Location: newcastle upon tyne
Services: Sky Q silver bundle
Sky Q 2TB box
Sky Q mini box
Sky fibre unlimited
Sky Talk evenings and week
Posts: n/a
|
Re: opinions wanted (computer forensics)
Many thanks guys ,there is some good constructive feedback ,i will get him to read through the posts when he gets in from college
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT +1. The time now is 05:21.
|