Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | Microsoft issues temp fix for serious vulnerability

You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > Computers & IT > Security & Virus Discussion
Register FAQ Community Calendar

opinions wanted (computer forensics)
Reply
 
Thread Tools
Old 08-02-2011, 18:54   #1
martyh
Guest
 
Location: newcastle upon tyne
Services: Sky Q silver bundle Sky Q 2TB box Sky Q mini box Sky fibre unlimited Sky Talk evenings and week
Posts: n/a
opinions wanted (computer forensics)

My son has just started a computer forensics degree and has just finished his first asignment ,i understand little of this ,so i wondered if any of the techies on CF would care to give their opinion .I actually found it an interesting read for a not so techie person

http://www.cableforum.co.uk/board/at...1&d=1297190948
Attached Files
File Type: pdf Criminal and forensic investigations assignment.pdf (404.5 KB, 36 views)
  Reply With Quote
Advertisement
Old 08-02-2011, 20:17   #2
Hugh
laeva recumbens anguis
Cable Forum Team
 
Hugh's Avatar
 
Join Date: Jun 2006
Age: 68
Services: Premiere Collection
Posts: 43,472
Hugh has a golden auraHugh has a golden auraHugh has a golden aura
Hugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden aura
Re: opinions wanted (computer forensics)

A question on the non-technical side.

He has put a bibliography at the end - is this to show his depth/width of background reading, or is it to cross-reference his sources (if so, which referencing system has he been requested to use)?
__________________
Thank you for calling the Abyss.
If you have called to scream, please press 1 to be transferred to the Void, or press 2 to begin your stare.

If my post is in bold and this colour, it's a Moderator Request.
Hugh is offline   Reply With Quote
Old 08-02-2011, 20:29   #3
martyh
Guest
 
Location: newcastle upon tyne
Services: Sky Q silver bundle Sky Q 2TB box Sky Q mini box Sky fibre unlimited Sky Talk evenings and week
Posts: n/a
Re: opinions wanted (computer forensics)

Quote:
Originally Posted by Hugh View Post
A question on the non-technical side.

He has put a bibliography at the end - is this to show his depth/width of background reading, or is it to cross-reference his sources (if so, which referencing system has he been requested to use)?
I did ask what were the sources and have they been verified as accurate before he used them and basically the bibliography is to show what his sources were and what he has used as research and also to give credit to the people who wrote them as most are copyrighted ,he was told to use the Harvard system for referencing ,whatever that means ,he seems to know but it's straight over a window fitters head
  Reply With Quote
Old 08-02-2011, 22:34   #4
Hugh
laeva recumbens anguis
Cable Forum Team
 
Hugh's Avatar
 
Join Date: Jun 2006
Age: 68
Services: Premiere Collection
Posts: 43,472
Hugh has a golden auraHugh has a golden auraHugh has a golden aura
Hugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden auraHugh has a golden aura
Re: opinions wanted (computer forensics)

He probably needs to read up on the usage of Harvard Referencing (or ask one of the Uni Library staff to explain it).

If it helps, here's an example of Harvard Referencing (from an essay I wrote last year.....)

In the document text
Quote:
This increase in funding had led to a increase in student numbers nationwide of 44% (Times Higher 2010 THES2), and at the University, student numbers had risen from nn,nnn in 1997 (HESA 1997 H1) to nn,nnn in 2008 (HESA 2008 H2), with a growing willingness amongst the Student population to highlight issues they believed needed to be addressed, such as teaching spaces and provision, and the associated infrastructure and support......

.....Burns (Burns 1978) made the distinction between transactional and transformational leadership, and Bass (Bass 1985) expanded on this. Transactional leaders motivate followers by exchanging or withholding rewards for services rendered, whilst transformational leader move followers upwards on Maslow’s Hierarchy (Maslow 1954), from the needs for safety & security to work for higher goals and self-actualising needs.
In the Bibliography
Quote:
References
Burns, J. M. (1978). Leadership
Bass, B.M (1985) Leadership and Performance Beyond Expectations
Bass, B.M. (1997) Transformational Leadership: Industrial, Military and Educational Impact
Bass, B.M. & Avolio, B.J. (1993) Improving Organisational Effectiveness through Transformational Leadership
Boulding, K.E. (1989) Three Faces of Power
Maslow, A.(1954) Theory of Human Motivation
Nadler, D.A. & Tushman, M.L (1990) Beyond the Charismatic Leader: Leadership and Organisational Change

Web Pages
THES2 – Times Higher Education Supplement 21st January 2010 - http://www.timeshighereducation.co.uk/story.asp?storycode=410110 – date accessed 1st May 2010
H1 - Higher Education Statistics Agency 1997 - Student numbers, line nn - http://www.hesa.ac.uk/dox/dataTables/studentsAndQualifiers/download/institution9798.csv?v=1.0 Accessed 2nd May 2010
H2 - Higher Education Statistics Agency 1997 - Student numbers, line nn - http://www.hesa.ac.uk/dox/dataTables/studentsAndQualifiers/download/institution0809.xls?v=1.0 Accessed 2nd May 2010
You put a short reference to the source author/book/web page/article in brackets next to the quote/reference, and then the full title/year/date accessed in the references section.

Hope this helps.

btw, I notice he had put wikipedia as one of his sources - he probably needs to check if this is acceptable at his institution.
__________________
Thank you for calling the Abyss.
If you have called to scream, please press 1 to be transferred to the Void, or press 2 to begin your stare.

If my post is in bold and this colour, it's a Moderator Request.
Hugh is offline   Reply With Quote
Old 08-02-2011, 22:41   #5
martyh
Guest
 
Location: newcastle upon tyne
Services: Sky Q silver bundle Sky Q 2TB box Sky Q mini box Sky fibre unlimited Sky Talk evenings and week
Posts: n/a
Re: opinions wanted (computer forensics)

Quote:
Originally Posted by Hugh View Post
He probably needs to read up on the usage of Harvard Referencing (or ask one of the Uni Library staff to explain it).

If it helps, here's an example of Harvard Referencing (from an essay I wrote last year.....)

In the document text

In the Bibliography
You put a short reference to the source author/book/web page/article in brackets next to the quote/reference, and then the full title/year/date accessed in the references section.

Hope this helps.

btw, I notice he had put wikipedia as one of his sources - he probably needs to check if this is acceptable at his institution.
Thanks for the advice Hugh i will get him to check on the use of wiki and have another look at the referencing

I suppose that the use of wiki depends on their source which is usually listed at the bottom of the page
  Reply With Quote
Old 09-02-2011, 10:15   #6
gazzae
Inactive
 
gazzae's Avatar
 
Join Date: Jun 2003
Location: Belfast
Age: 45
Posts: 4,594
gazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronze
gazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronzegazzae is cast in bronze
Re: opinions wanted (computer forensics)

The but about MAC computers doesn't make sense, anything on a network will have a MAC address.

Also the bit below doesn't make sense to me...
Quote:
The static IP address change means that the IP addresses changes every
so often so that a hacker can try to put in the IP address but it won’t be the company’s.
gazzae is offline   Reply With Quote
Old 09-02-2011, 11:56   #7
haydnwalker
Inactive
 
Join Date: Jan 2007
Location: Doncaster, S. Yorks.
Age: 42
Services: TV:Sky+, BB:DRL VDSL2 40/10 with Ask4, Phone:Mobile Only
Posts: 2,320
haydnwalker has reached the bronze age
haydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze age
Re: opinions wanted (computer forensics)

He means Dynamic IP addressing in that bit about static...looks like he's got confused

And he's spelt "Abstract" as "Abbstract" in the first page

Computery people will pick up stuff like that and get marked down for not using spell-check
haydnwalker is offline   Reply With Quote
Old 09-02-2011, 11:57   #8
Matty_
cf.geek
 
Join Date: May 2008
Location: Wherever i lay my hat!
Age: 54
Posts: 736
Matty_ has reached the bronze age
Matty_ has reached the bronze ageMatty_ has reached the bronze ageMatty_ has reached the bronze ageMatty_ has reached the bronze ageMatty_ has reached the bronze ageMatty_ has reached the bronze ageMatty_ has reached the bronze age
Re: opinions wanted (computer forensics)

As gazzae states there are a few bits that need amending. Something that could also look good is if he mentioned that the Stuxnet worm used digitally signed files, maybe explain a bit about digital signatures and there uses.
Maybe also state to change the SSID to a unique name, and change the default passwords
He could also expand on the way Anon use DDoS by mentioning the Low Orbit Ion Canon and how this floods a server with hundreds of data packets thus causing it to crash.
Also at the start 2.Introduction should be "without authorisation"

p.s. Forgot to say nice read, well done to the lad...
Matty_ is offline   Reply With Quote
Old 09-02-2011, 12:01   #9
haydnwalker
Inactive
 
Join Date: Jan 2007
Location: Doncaster, S. Yorks.
Age: 42
Services: TV:Sky+, BB:DRL VDSL2 40/10 with Ask4, Phone:Mobile Only
Posts: 2,320
haydnwalker has reached the bronze age
haydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze agehaydnwalker has reached the bronze age
Re: opinions wanted (computer forensics)

also - "unauthorized" is actually "unauthorised" but spell check wouldn't pick that up, because it's the american spelling

---------- Post added at 12:01 ---------- Previous post was at 11:57 ----------

Also - on a bit of an addition, he hasn't mentioned NAT (Network Address Translation) in the bit about unauthorised network access part... NAT is important as it separates external IP's from Internal IPs and is a security feature also.

A company that doesn't use NAT, may give each PC an externally accessible IP address, whereas with NAT, you only need one (or a few) external IP addresses, and so all company computers aren't as easily hacked into.
haydnwalker is offline   Reply With Quote
Old 09-02-2011, 12:32   #10
Pog66
Inactive
 
Join Date: Oct 2008
Location: Huntingdon, Cambs
Age: 59
Services: SKY HD+, BT BB
Posts: 586
Pog66 has a brilliant futurePog66 has a brilliant futurePog66 has a brilliant futurePog66 has a brilliant futurePog66 has a brilliant futurePog66 has a brilliant futurePog66 has a brilliant futurePog66 has a brilliant futurePog66 has a brilliant futurePog66 has a brilliant futurePog66 has a brilliant futurePog66 has a brilliant future
Re: opinions wanted (computer forensics)

There also seems to be a bit of a mismatch between the Introduction which mentions
Quote:
concerned about how employees use the wireless networks to illegally download or to commit any other crimes with authorisation, which would in time damage the company’s reputation
Yet the relevant section talks more about "wardriving" which is suggests passers-by accessing the company wifi rather than employees which is a differant subject altogether. Providing strong encryption and access control will inhibit the wardriver but not stop illegal activity from employees who ARE authorised to use it. . I would mention tools to monitor employees access (Ironport being one example) in this section.

Could also do with some of the technical info being tightened up as mentioned about re: MAC addresses and SSID is not strictly the same as a Network name - but that may be just being pedantic! Also talks quite a bit about WEP but little on WPA which is also heavily used.

Not a bad read though!!
Pog66 is offline   Reply With Quote
Old 09-02-2011, 13:14   #11
Paul
Dr Pepper Addict
Cable Forum Team
 
Paul's Avatar
 
Join Date: Oct 2003
Location: Nottingham
Age: 62
Services: Aquiss FTTP (900M), Sky Q TV, Sky Mobile, Flextel SIP
Posts: 29,582
Paul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered stars
Paul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered starsPaul is seeing silvered stars
Re: opinions wanted (computer forensics)

He needs to correct this ;

Quote:
Secondly if the company uses MAC computers you can use MAC filtering. It requires all of the MAC address to be inserted manually but it stops all MAC computers with a disallowed MAC address to enter the Wi-Fi.
He seems to be confusing Mac Computers with MAC addresses and filtering - the two "Macs" are not related. One is a brand of PC, the other is low level Network addressing.
__________________

Baby, I was born this way.
Paul is offline   Reply With Quote
Old 09-02-2011, 13:25   #12
Horace
©Beam Software
 
Join Date: Jan 2004
Location: Teesside
Services: BB (200mbit), 1x V6, iPad, iPhone
Posts: 1,411
Horace has reached the bronze age
Horace has reached the bronze age
Re: opinions wanted (computer forensics)

Quote:
To prevent unauthorized access to the wireless network firstly the password should be
changed to more secure types such as PSK, WPA2 or WPA. This is more reliable then
outdated WEP.
Modified to be technically correct using his own wording :

To prevent unauthorised access to the wireless network firstly the wireless encryption type should be changed to more secure types such as WPA2 or WPA. These are more secure than outdated WEP

PSK is not a completely different encryption type which the quoted statement would imply. PSK (pre-shared key) defines how the WPA key itself is distributed. Without going into the complexities of encryption types and radius servers it would be simpler and correct to state WPA2(PSK) or WPA(PSK) using either TKIP or AES encryption.
Horace is offline   Reply With Quote
Old 09-02-2011, 13:58   #13
jamiefrost
cf.geek
 
Join Date: Feb 2004
Services: V+, XL TV and Phone XXL BB
Posts: 812
jamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpackjamiefrost has a very nice sixpack
Re: opinions wanted (computer forensics)

Just general feedback,

He talks about the use of aircrack for WEP and WAP-PSK, then goes on to say the use of WPA_PSK.

'To prevent unauthorized access to the wireless network firstly the password should be changed to more secure types such as PSK, WPA2 or WPA. This is more reliable then outdated WEP.'

Emphasis is mine.

I think he needs to be clear that aircrack is only good against WPA-PSK where the key is short and a dictionary word. The use of long keys with random letters, numbers and symbols effectively stops the use of aircrack to break the WPA-PSK encryption.

Not totally sure but for WPA it only uses a brute force dictionary attack I think.

HTH

JJ
jamiefrost is offline   Reply With Quote
Old 09-02-2011, 16:33   #14
martyh
Guest
 
Location: newcastle upon tyne
Services: Sky Q silver bundle Sky Q 2TB box Sky Q mini box Sky fibre unlimited Sky Talk evenings and week
Posts: n/a
Re: opinions wanted (computer forensics)

Many thanks guys ,there is some good constructive feedback ,i will get him to read through the posts when he gets in from college
  Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 05:21.


Server: osmium.zmnt.uk
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.
All Posts and Content are © Cable Forum