X hits on this document

PDF document

Hassel Stacy Jr. Dr. Philip Lunsford ICTN4040 601 04/16/06 - page 2 / 8





2 / 8

Stacy 2

online auction fraud, child exploitation/abuse, computer intrusion, death investigation, domestic

violence, economic fraud such as online fraud and counterfeiting, email threats/harassment/stalking,

extortion, online gambling, identity theft, narcotics, prostitution, software piracy and

telecommunication fraud.

Many of these crimes don't go to trial, especially those in business areas, where computer

forensic evidence often evokes out of court settlements. Another reason these crimes may not go to

trial would be “tainting” of forensic evidence. If a computer involved in a crime and its contents

are examined by anyone other than a trained and experienced computer forensics specialist, the

usefulness and credibility of that evidence will be compromised. Always follow this rule if you

suspect you network has been breached and a cybercrime has been committed: If the suspect computer

or computers are off, leave them off, if they are on, leave them on. Contact your local law

enforcement agency. The agency will send and officer and if deemed necessary a trained computer

forensic examiner.

The examiner will use special tools and follow certain evidence collection procedures. The

forensic examiner's tools usually include operating system utilities (for backups, disk manipulation,

string searches, etc.), data recovery software (to thwart file deletion attempts) file viewers and

Hex editors (to perform Win/Mac data conversion and reveal information contents and patterns) and

commercial firewalls (for network sniffing and port scanning during investigations). There are also

packages which provide assistance for forensic examinations, complete with case management

tracking for procedures, reports and billing. These useful forensic products can be can be obtained

from Danny Mares and Company @ www.dmares.com/maresware/linksto_forensic_tools.htm,

from Computer Crime Research Center and from University of Western Sidney's School of Computing

and Information Technology

Document info
Document views15
Page views15
Page last viewedFri Oct 28 16:45:31 UTC 2016