Internet Investigations

1.1. What is a Computer Network?
1.2. Benefits of Computer Networking
1.3. Purpose of Computer Networking

• Data Sharing
• Resource Sharing
• Application Sharing

1.4. Computer Network Architecture

• Peer to Peer Architecture
• Client Server Architecture

1.5. Computer Network Components

• Hardware Components
• Networking Devices
• Software Components

1.6. Types of Computer Networks
1.7. Types of Topology
1.8. Transmission Modes
1.9. The OSI Model
1.10. How data flows through the OSI model
1.11. TCP/IP Model

• Addresses in TCP/IP
• Physical Address (MAC Address)
• IP Addresses
• Binary System
• Binary to Decimal Conversion
• Decimal to Binary Conversion
• How do IP addresses work?
• IP address classes
• Private IP Addresses
• Subnet Mask
• Subnetting
• The IP packets

1.12. TCP / UDP and Ports

• Transmission Control Protocol (TCP)
• User Datagram Protocol (UDP)
• How TCP and UDP work
• Ports

1.13. Extension protocols and network applications

• Address Resolution Protocol (ARP)
• Dynamic Host Configuration Protocol (DHCP)
• Internet Control Message Protocol (ICMP)
• Virtual Local Area Network (VLAN)
• Uniform Resource Locator (URL)
• Domain Name System (DNS)
• Hypertext Transfer Protocol (HTTP)
• HTTP flood DDoS attack

1.14. Wi-Fi

• How Does Wi-Fi Work?
• Wi-Fi Radio Spectrum
• 802.11 Networking Standards
• Wi-Fi Security Protocols

1.15. Firewalls

• What is a firewall?
• How does a firewall work?
• Types of firewalls

1.16. Intrusion Detection Systems (IDS)

• What Is an Intrusion Detection System?
• Types of Intrusion Detection Systems

1.17. Intrusion Prevention Systems (IPS)

• What Is an Intrusion Prevention System?
• Types of Intrusion Prevention Systems
• Differences Between IDS and IPS

1.18. Authentication and Authorization

• Role-Based Access Control (RBAC)
• Attribute-Based Access Control (ABAC)
• RBAC vs. ABAC

1.19. VPN
1.20. SIEM
1.21. International Standardization Organizations

(1) ISO
(2) IEEE
(3) IANA
(4) ICANN

2.1. What is OSINT?
2.2. Open-Source Information Categories
2.3. OSINT Types
2.4. Benefits of OSINT
2.5. Challenges of Open-source Intelligence
2.6. OSINT Tools

• OSINT Framework
• Tinfoleak
• Aware-Online
• Technisite
• UK.OSINT

2.7. Search Engines
2.8. Advanced Search Engine Techniques
2.9. Meta Search Engines
2.10. People Search
2.11. Image Search
2.12. Reverse Image Search
2.13. EXIF Data
2.14. Extracting Exif Data from a WordPress Website
2.15. FTP Search
2.16. Data Compromised Repository Websites
2.17. Geolocation and Maps

3.1. Definition of Social Media
3.2. Types of Social Media

• Collaborative Projects
• Blogs and Microblogs
• Location-Based
• Content Communities
• Social Networking Sites
• Virtual Gaming Worlds
• Virtual Social Worlds
• Dating Sites

3.3. Types of Personal Information

• Basic Demographics
• Social Connections and Associates
• Location Data
• Behavior Patterns
• Posted Content

3.4. Finding Information on Social Media

• Search Engine Techniques
• Privacy-Oriented Search Engines
• National Search Engines
• Archive’s Wayback Machine
• Search Anonymously
• Create a Fake Profile
• Use Pretexting
• Other Techniques
• Preserving Social Media Evidence

4.1. Mirror Target Web Site
4.2. Extract the Links
4.3. Check the Target Website’s Backlinks
4.4. Discover Subdomains
4.5. Extract Other Data
4.6. Monitor Website Updates
4.7. Check the Website’s Archived Contents
4.8. Check Default Passwords
4.9. WHOIS Lookup

5.1. What is an e-mail?
5.2. What is e-mail forensics?
5.3. Basic Components of an e-mail
5.4. Parts of an e-mail
5.5. Working and Protocols of E-Mail

• How does e-mail work?
• How does an e-mail server work?
• SMTP (Simple Mail Transfer Protocol)
• POP3 (Post Office Protocol)
• IMAP (Internet Message Access Protocol)

5.6. Detailed e-mail architecture

• Responsible Actor Roles

▪ User Actors
▪ MHS Actors
▪ Administrative Actors

• Identities

▪ Mailbox
▪ Domain Name
▪ Message Identifiers (Message ID & ENVID)

• Services and Standards

▪ Message Data
▪ Message User Agent (MUA)
▪ Message Store (MS)
▪ Mail Submission Agent (MSA)
▪ Message Transfer Agent (MTA)
▪ Mail Delivery Agent (MDA)

5.7. E-mail Headers

• What purpose do e-mail headers serve?
• E-mail Headers Fields
• X-Headers

5.8. E-mail Investigation

• Obtain a search warrant
• Examine e-mail messages
• Copy and print e-mail messages
• View the e-mail headers

▪ Viewing an Email Header on Gmail
▪ Viewing an Email Header on Microsoft Outlook
▪ Viewing an Email Header on Mozilla Thunderbird
▪ Viewing an Email Header on iCloud Mail

• Analyze the e-mail headers
• Trace E-mail

▪ Check E-mail Validity
▪ Examine the originating IP Address
▪ Trace back web-based e-mail

• Acquire e-mail archives

▪ Content of e-mail archives
▪ Server Storage archives (MS Exchange, IBM Notes, Novell GroupWise)
▪ Forensic Acquisition (PST, server level, deleted)

• Examine e-mail logs

▪ System Logs
▪ Network equipment logs
▪ Examining Linux e-mail server logs
▪ Examining Microsoft Exchange e-mail server logs
▪ Examining Novell GroupWise e-mail server logs

• Email forensic tools

6.1. Web Categories
6.2. Surface Web versus Deep Web
6.3. Evolution of Hidden Web
6.4. Deep Web
6.5. Dark Web
6.6. Tor
6.7. Cybercriminal Activities in Dark Net
6.8. Dark Web Content Analyzing Techniques
6.9. Extracting Information from Dark Web Contents
6.10. Dark Web Forensics

7.1 Instant message services
7.2 How IM services work
7.3 Chat rooms
7.4 Internet Relay Chat
7.5 Nickname
7.6 Channels
7.7 Malicious code distribution
7.8 Direct Client to Client (DCC) chat
7.9 File server
7.10 Investigative considerations for IM Services, Chat Rooms, and IRC

8.1 File Transfer Protocol
8.2 Peer-to-Peer
8.3 Investigative considerations for file sharing networks
8.4 Complex P2P scenario—proxy server

9.1 Bulletin Board Services
9.2 Message boards
9.3 Listservs
9.4 Newsgroups
9.5 Investigative uses of bulletin boards, message boards, listservs, and newsgroups