server

Understand Web Applications Architecture in Forensic Investigation

All web applications are executed via a support client, i.e. a web browser. Web applications use a group of client-side scripts, such as HTML, JavaScript, etc., which present the information, and server-side scripts, such as ASP, PHP, etc., which handle the hardware tasks such as storing and gathering the required data. In the web application …

Introduction to Web Application Forensics

Web applications are programs that exist on a central server, permitting a user who visits a website via the Internet to submit and retrieve data to and from a database. A web application makes a request through a web server. When the server responds to the request, the web application generates documents of the response for better client/user service. The web documents generated by web applications are …

Sample DHCP Audit Log File

A DHCP server on a network allocates an IP address to a computer during its startup. Therefore, the DHCP server logs contain information about the systems that were assigned specific IP addresses by the server at any given instance. Investigators can examine these logs during forensic examinations. DHCP administrators can easily access this data using the built-in logging mechanisms. The DHCP activity log is often read in a text-based …

Analyzing Firewall Logs

Analyzing firewall logs provides insight into security threats and traffic behavior. In-depth analysis of the firewall security logs provides critical network intelligence about attempts to breach security and attacks such as viruses, trojans, denial of service, etc. From the Network Objects tree, double-click the Security Management Server or Domain Log Server. The General Properties window opens. In the Management tab, select Logging & Status. From the navigation tree, click Logs.  is a simple and free online …

Understand Log Capturing and Analysis Tools

This article explains the different types of log capturing and analysis tools used in forensic investigation. Log capturing and analysis tool features: analysis of log data, including SNMP traps, Windows event logs, W3C logs, text-based logs, Syslog, SQL Servers, and Oracle audit logs; specific reports for some of the major compliance acts as well as other standard reports; filter-enabled charts that provide access to the important …

What is Centralized Logging?

Centralized logging is the gathering of computer system logs for a group of systems in a centralized location. All network logs are stored on a centralized server or computer, which helps administrators perform easy backup and retrieval. It allows the administrator to check logs on each system on a regular basis. It is used to efficiently monitor computer system logs with the frequency required to detect security violations and unusual activity. Centralized …

Understand Log File Accuracy

During a forensic investigation, log files provide a valuable source of evidence. Since these log files act as evidence in court, investigators should ensure that the files are accurate. Unless certain guidelines are followed while collecting and preserving the log files, they will not be acceptable as valid evidence in court. Therefore, investigators should follow the above-mentioned steps to maintain log file accuracy. Log Everything: Configure the web …

Introduction of Windows Forensics

Windows forensics includes the process of conducting or performing forensic investigations of systems that run on Windows operating systems. It includes analysis of incident response, recovery, and auditing of equipment used in executing any criminal activity. To accomplish such intricate forensic analyses, investigators should possess extensive knowledge of the Microsoft Windows operating systems. This module will discuss collecting volatile and non-volatile information; performing Windows memory and registry analysis; cache, cookie, and …

Understand Microsoft Authentication

When users log in to a Windows PC, a series of steps is performed for user authentication. The Windows OS authenticates its users with the help of 3 mechanisms (protocols) provided by Microsoft. SAM database: Windows uses the SAM info to manage user accounts and passwords in hashed format (one-way hash). The system doesn’t store the passwords in plaintext format but stores them in hashed format in …
