8.0 Introduction
Forensics is the application of a methodical investigation technique in order to reconstruct a sequence of events. Most people are now familiar with the concept of forensics from TV and films, “CSI (Crime Scene Investigation)” being one of the most popular. Forensic science was for a long time – and still is, really – most associated with forensic pathology: finding out how people died. The first recorded description of forensics was on just this subject. In 1248, a Chinese book called Hsi DuanYu (The Washing Away of Wrongs) was published, describing how to tell whether someone has drowned or has been strangled.1

Digital forensics is a bit less messy and a bit less well known. It is the art of recreating what has happened on a digital device. In the past it was restricted to computers only, but it now encompasses all digital devices such as mobile phones, digital cameras and even GPS2 devices. It has been used to catch murderers, kidnappers, fraudsters, Mafia bosses and many other decidedly unfriendly people.
In this lesson, we are going to cover two aspects of forensics (all computer based I'm afraid – no mobile phone stuff here).
1. What people have been up to on their own computer.
This covers
- ...the recovery of deleted files.
- ...elementary decryption.
- ...searching for certain file types.
- ...searching for certain phrases.
- ...looking at interesting areas of the computer.
2. What a remote user has been doing on someone else's computer.
This covers
- ...reading log files.
- ...reconstructing actions.
- ...tracing the source.
This lesson is going to focus on the tools available under Linux. There are tools available under Windows, as well as dedicated software and hardware for doing forensics, but because Linux can mount (read-only, so the evidence is not altered) and understand a large number of other operating systems and file systems, it is the ideal environment for most forensic operations.
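As an added example (not part of the original lesson), the script below does three of the things listed above on a small disk image using only standard Linux tools (printf, dd, grep, cut, sha256sum): it hashes the image before and after so you can prove nothing was altered, finds a file by its signature (the 8-byte PNG header), finds a phrase, and carves the bytes found back out into a file. The image itself is constructed inline (64 bytes of slack, a PNG header with some fake chunk data, more slack, then a short phrase), so the offsets, file names and the phrase are made up for this example; `LC_ALL=C` is set so grep treats the image as raw bytes rather than UTF-8 text.

```sh
#!/bin/sh
# Added example, not from the original lesson: signature search, phrase search and
# byte-exact carving over a constructed disk image, using standard Linux tools.
set -e
export LC_ALL=C   # treat the image as raw bytes, not as UTF-8 text

IMG="${TMPDIR:-/tmp}/hhs_sample.img"      # constructed image (assumed path)
CARVED="${TMPDIR:-/tmp}/hhs_carved.bin"   # output of the carve step (assumed path)

zeros() { dd if=/dev/zero bs=1 count="$1" 2>/dev/null; }

# Build the constructed image: 64 bytes of slack, the 8-byte PNG signature followed
# by 8 bytes of fake chunk data, 32 bytes of slack, a phrase, then 16 bytes of slack.
make_image() {
  {
    zeros 64
    printf '\211PNG\r\n\032\n'
    printf 'IHDRdata'
    zeros 32
    printf 'meet me at midnight'
    zeros 16
  } > "$IMG"
}

# Hash the evidence before working on it; re-run afterwards to show it is unchanged.
hash_image() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# Byte offset of every occurrence of a literal byte pattern in the image.
# grep -a: scan binary as text, -b: print byte offset, -o: offset of the match
# itself rather than of the line, -F: literal pattern, not a regular expression.
find_pattern() {   # usage: find_pattern IMAGE PATTERN
  grep -abo -F -- "$2" "$1" | cut -d: -f1
}

# Offsets of PNG signatures; a JPEG search would use "$(printf '\377\330\377')".
find_png() { find_pattern "$1" "$(printf '\211PNG')"; }

# Copy LENGTH bytes starting at OFFSET into OUT (bs=1 makes skip/count byte counts)
# and print how many bytes were written.
carve() {          # usage: carve IMAGE OFFSET LENGTH OUT
  dd if="$1" of="$4" bs=1 skip="$2" count="$3" 2>/dev/null
  wc -c < "$4" | tr -d ' '
}

# Stand-alone run: build the image, hash it, search it, carve, re-hash.
make_image
before=$(hash_image "$IMG")
echo "PNG signature at byte: $(find_png "$IMG")"
echo "phrase at byte:        $(find_pattern "$IMG" 'meet me at midnight')"
echo "carved bytes:          $(carve "$IMG" "$(find_png "$IMG")" 16 "$CARVED")"
[ "$before" = "$(hash_image "$IMG")" ] && echo "image unchanged, sha256 $before"
```

On a real image you would run the same grep against the device file or a dd copy of it, and the carve length would come from parsing the file format (for PNG, walking the chunks until IEND) rather than a fixed 16; the point here is that a deleted file's bytes are still on the disk and can be found by signature even when the file system no longer lists it.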
For Download: