log

user

By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally entered your login and password in plaintext. Which file do you have to clean to clear the password?

Option 1: .bashrc
Option 2: .bash_history
Option 3: .profile
Option 4: .XSession-log

1. .bashrc
The .bashrc file is a script file that’s executed …

Perform MSSQL Forensics

SQL Server is a relational database management system (RDBMS) that is widely adopted by organizations to store data associated with their applications. This includes sensitive data related to the web application and the users’ accounts in it. MSSQL forensics comes into play when a security incident has occurred and the malicious activities performed by criminals over the SQL database file need to be detected and analyzed. A forensic investigator …

Different Types of Web Log Analyzer

This article explains different types of web log analyzers used in forensic investigation.

1. Deep Log Analyzer
The Deep Log Analyzer is a web analytics solution for small and medium-sized websites. It analyzes website visitors’ behavior and produces complete website usage statistics in easy steps.

Features:
- It presents website statistics and web analytics reports with interactive navigation and a hierarchical view
- It analyzes logs from popular web servers, such …

What is Apache web server Architecture in Forensic Investigation?

The Apache web server follows a modular approach. It consists of two major components, the Apache Core and the Apache Modules. The Apache Core deals with the basic functionality of the server, such as allocating requests and maintaining and pooling connections, while the Apache Modules, which are simply add-ons used to extend the core functionality of the server, look after other functions, such as …

Understand IIS Web Server Architecture in Forensic Investigation

Internet Information Server (IIS), a Microsoft-developed application, is a Visual Basic code application that lives on a web server and responds to requests from the browser. It supports HTTP, HTTPS, FTP, FTPS, SMTP, and NNTP. An IIS application uses HTML to present its user interface and uses compiled Visual Basic code to process requests and respond to events in the browser. IIS for …

Introduction to Web Application Forensics

Web applications are programs that exist on a central server and permit a user who visits a website via the Internet to submit and retrieve data to and from a database. A web application makes a request through a web server. When the server responds to the request, the web application generates documents of the response for better client/user service. The web documents generated by web applications are …

Gathering Evidence from an IDS

Monitoring network traffic is of prime importance. Organizations install IDSes to monitor intrusions. To capture network traffic, first configure the IDS. However, this is not sufficient as a source of evidence, because the IDS is incapable of performing integrity checks on log files. In a network investigation, preserving digital evidence is difficult, as the data displayed on screen remains for only a few seconds. The Windows HyperTerminal …

Sample DHCP Audit Log File

A DHCP server in a network allocates an IP address to a computer during its startup. Therefore, the DHCP server logs contain information about the systems that were assigned specific IP addresses by the server at any given instance. Investigators can examine these logs during forensic examinations. DHCP administrators can easily access this data using the built-in logging mechanisms. The DHCP activity log is often read in a text-based …

Analyzing Firewall Logs

Analyzing firewall logs provides insight into security threats and traffic behavior. In-depth analysis of the firewall security logs provides critical network intelligence about attempts to breach security and attacks such as viruses, trojans, denial of service, etc. From the Network Objects tree, double-click the Security Management Server or Domain Log Server. The General Properties window opens. In the Management tab, select Logging & Status. From the navigation tree, click Logs.  is a simple and free online …

Analyzing Router Logs in Network Forensic Investigation

In this investigation, the investigator collects the logs of a router to examine them and determine details such as IP addresses and protocols. Redirection of the logs to a syslog server is done in the following manner:

    #config terminal
    Logging 192.168.1.1

During any network hacking or unauthorized access scenario, all the logs pertaining to the attack will be stored in the compromised device, which may be the router/switch, database, IDS, …
