Call for papers
SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
Responding to a Brute Force SSH Attack
Attackers are increasing using brute force to try and break into certain network servers by trying popular and random passwords to the accounts of public-facing SSH servers. Jamie Riden of the UK Honeynet Project describes one such attack and the lessons learned.
Persistence of data on storage media
Jamie Ridden discusses the re-use of storage media and how slack space can prevent sensitive data from being completely removed.
Notes On Vista Forensics, Part Two
In part one of this series we looked at the different editions of Vista available and discussed the various encryption and backup features which might be of interest to forensic examiners. In this article we will look at the user and system features of Vista which may (or may not) present new challenges for investigators and discuss the use of Vista itself as a platform for forensic analysis.
Notes On Vista Forensics, Part One
This article, the first in a two-part series, takes a high level look at what we know now about those changes in Windows Vista which seem likely to have the most impact on computer forensic investigations, starting with the built-in encryption, backup, and system protection features.
Wireless Forensics: Tapping the Air - Part Two
This two-part series looks at the issues associated with collecting and analyzing network traffic from wireless networks in an accurate and comprehensive way; a discipline known as wireless forensics. Part two focuses on the technical challenges for wireless traffic analysis, advanced anti-forensic techniques that could thwart a forensic investigation, and some legal considerations for both the U.S. and Europe.
Wireless Forensics: Tapping the Air - Part One
This two-part series looks at the issues associated with collecting and analyzing network traffic from wireless networks in an accurate and comprehensive way; a discipline known as wireless forensics. Part one of this article focuses on the technical details and challenges for traffic acquisition, and provides design requirements and best practices for wireless forensics tools.
Packet forensics using TCP
This article looks at TCP packet forensics and examines why sequence and acknowledgement numbers can be useful during an investigation.
Web Browser Forensics, Part 2
Part 2 of this web browser forensics series looks at reconstructing Mozilla Firefox' cache in order to catch an internal hacker using an administrator's account.
Web Browser Forensics, Part 1
This article provides a case study of digital forensics, and investigates incriminating evidence using a user's web browser history.
A Method for Forensic Previews
This article explains the forensic preview process, whereby a production machine is left as undisturbed as possible while it is evaluated for potential intrusion and compromise.