Internet Evidence Finder Report

Total Page:16

File Type:pdf, Size:1020Kb

Internet Evidence Finder Report Patrick Leahy Center for Digital Investigation (LCDI) Internet Evidence Finder Report Written and Researched by Nick Murray 175 Lakeside Ave, Room 300A Phone: 802/865-5744 Fax: 802/865-6446 http://www.lcdi.champlin.edu July 2013 IEF Report 6/28/2013 Page 1 of 33 Patrick Leahy Center for Digital Investigation (LCDI) Disclaimer: This document contains information based on research that has been gathered by employee(s) of The Senator Patrick Leahy Center for Digital Investigation (LCDI). The data contained in this project is submitted voluntarily and is unaudited. Every effort has been made by LCDI to assure the accuracy and reliability of the data contained in this report. However, LCDI nor any of our employees make no representation, warranty or guarantee in connection with this report and hereby expressly disclaims any liability or responsibility for loss or damage resulting from use of this data. Information in this report can be downloaded and redistributed by any person or persons. Any redistribution must maintain the LCDI logo and any references from this report must be properly annotated. Contents Introduction ............................................................................................................................................................. 5 Prior Work: .......................................................................................................................................................... 7 Purpose and Scope: ............................................................................................................................................. 7 Research Questions: ............................................................................................................................................ 7 Methodology and Methods ..................................................................................................................................... 7 Reference Set: ................................................................................................................................................... 10 1 Software ......................................................................................................................................................... 10 2 Equipment ...................................................................................................................................................... 11 2.1 Write Blocker ......................................................................................................................................... 11 Results ................................................................................................................................................................... 11 IEF Report ......................................................................................................................................................... 12 Chat ................................................................................................................................................................... 13 AIM ............................................................................................................................................................... 14 Google Talk ................................................................................................................................................... 14 ICQ ................................................................................................................................................................ 14 MIRC ............................................................................................................................................................. 14 ooVoo ............................................................................................................................................................ 15 Skype ............................................................................................................................................................. 15 Trillian ........................................................................................................................................................... 17 Yahoo Messenger .......................................................................................................................................... 17 Cloud ................................................................................................................................................................. 18 Dropbox ......................................................................................................................................................... 18 IEF Report 6/28/2013 Page 2 of 33 Patrick Leahy Center for Digital Investigation (LCDI) Flickr .............................................................................................................................................................. 19 Google Docs .................................................................................................................................................. 19 Google Drive ................................................................................................................................................. 20 Google Drive Desktop App ........................................................................................................................... 20 Skydrive ......................................................................................................................................................... 21 Email ................................................................................................................................................................. 22 Gmail Fragments ........................................................................................................................................... 22 Gmail Webmail.............................................................................................................................................. 23 Hotmail Webmail .......................................................................................................................................... 23 Yahoo Webmail ............................................................................................................................................. 24 Mobile Backups................................................................................................................................................. 24 iOS backup .................................................................................................................................................... 24 Web History ...................................................................................................................................................... 24 Google Chrome.............................................................................................................................................. 24 Firefox ........................................................................................................................................................... 25 Internet Explorer ............................................................................................................................................ 26 Opera ............................................................................................................................................................. 26 Safari .............................................................................................................................................................. 27 Peer to Peer........................................................................................................................................................ 27 torrent File Fragments ................................................................................................................................... 27 Ares search keywords .................................................................................................................................... 27 Emule Search Keywords ............................................................................................................................... 28 Limewire/Frostwire ....................................................................................................................................... 28 Social Networking ............................................................................................................................................. 29 Bebo ............................................................................................................................................................... 29 Facebook Chat ............................................................................................................................................... 30 Facebook Pages ............................................................................................................................................. 30 Google+ ......................................................................................................................................................... 30 LinkedIn......................................................................................................................................................... 30 MySpace .......................................................................................................................................................
Recommended publications
  • Uila Supported Apps
    Uila Supported Applications and Protocols updated Oct 2020 Application/Protocol Name Full Description 01net.com 01net website, a French high-tech news site. 050 plus is a Japanese embedded smartphone application dedicated to 050 plus audio-conferencing. 0zz0.com 0zz0 is an online solution to store, send and share files 10050.net China Railcom group web portal. This protocol plug-in classifies the http traffic to the host 10086.cn. It also 10086.cn classifies the ssl traffic to the Common Name 10086.cn. 104.com Web site dedicated to job research. 1111.com.tw Website dedicated to job research in Taiwan. 114la.com Chinese web portal operated by YLMF Computer Technology Co. Chinese cloud storing system of the 115 website. It is operated by YLMF 115.com Computer Technology Co. 118114.cn Chinese booking and reservation portal. 11st.co.kr Korean shopping website 11st. It is operated by SK Planet Co. 1337x.org Bittorrent tracker search engine 139mail 139mail is a chinese webmail powered by China Mobile. 15min.lt Lithuanian news portal Chinese web portal 163. It is operated by NetEase, a company which 163.com pioneered the development of Internet in China. 17173.com Website distributing Chinese games. 17u.com Chinese online travel booking website. 20 minutes is a free, daily newspaper available in France, Spain and 20minutes Switzerland. This plugin classifies websites. 24h.com.vn Vietnamese news portal 24ora.com Aruban news portal 24sata.hr Croatian news portal 24SevenOffice 24SevenOffice is a web-based Enterprise resource planning (ERP) systems. 24ur.com Slovenian news portal 2ch.net Japanese adult videos web site 2Shared 2shared is an online space for sharing and storage.
    [Show full text]
  • Forescout Counteract® Endpoint Support Compatibility Matrix Updated: October 2018
    ForeScout CounterACT® Endpoint Support Compatibility Matrix Updated: October 2018 ForeScout CounterACT Endpoint Support Compatibility Matrix 2 Table of Contents About Endpoint Support Compatibility ......................................................... 3 Operating Systems ....................................................................................... 3 Microsoft Windows (32 & 64 BIT Versions) ...................................................... 3 MAC OS X / MACOS ...................................................................................... 5 Linux .......................................................................................................... 6 Web Browsers .............................................................................................. 8 Microsoft Windows Applications ...................................................................... 9 Antivirus ................................................................................................. 9 Peer-to-Peer .......................................................................................... 25 Instant Messaging .................................................................................. 31 Anti-Spyware ......................................................................................... 34 Personal Firewall .................................................................................... 36 Hard Drive Encryption ............................................................................. 38 Cloud Sync ...........................................................................................
    [Show full text]
  • Mercy College Student Handbook Each Year and on the College’S Intranet
    STUDENT HANDBOOK 2020-2021 w w TABLE OF CONTENTS MERCY COLLEGE Soliciting or Commercial Activity .................................... 22 A Message from the President .......................................... 2 Mercy College Policies .................................................... 22 History ............................................................................... 3 Code of Student Conduct ............................................... 23 Objectives .......................................................................... 3 Code of Conduct for Residential Life Students ............... 25 Accreditations.................................................................... 4 Residential Area Guest Policy ......................................... 27 Disclaimer .......................................................................... 4 Quiet Hours Policy .......................................................... 28 General Standards of Conduct .......................................... 5 Inspections ...................................................................... 28 Notice of Non-Discrimination ............................................ 5 Fire Safety ....................................................................... 28 Sanctions for Code of Conduct Violations ...................... 29 ACADEMIC SUPPORT AND OTHER COLLEGE SERVICES Student Judicial Process ................................................. 31 Academic Advising ............................................................. 6 Division of Student Affairs ................................................
    [Show full text]
  • Frequently Asked Questions
    Copyright & File-Sharing FREQUENTLY ASKED QUESTIONS WHAT IS COPYRIGHT? BUT I BOUGHT IT. WHY CAN’T I SHARE IT? WHAT CAN I DO TO AVOID COPYRIGHT Copyright refers to the legal rights creators have There is a difference between using and distributing INFRINGEMENT? over the use, distribution, and reproduction of copyrighted materials. Purchasing songs, movies, or Download content from legitimate sources and do original work (music, movies, software, etc.). software from legitimate sources does not give you the not share copyrighted materials online. Uninstall Copyright infringement is the unlawful use of any right to share these materials over the Internet or make P2P applications (e.g., Popcorn Time, BitTorrent, material protected under copyright law. Common copies for others. When you purchase a Peer-to-Peer Vuze), which may be sharing your files without violations include downloading ‘pirated’ copies of (P2P) program (e.g., Frostwire, BitTorrent, Vuze), you your knowledge. Do not share your NetID and copyrighted materials or sharing files not intended only buy the software, not any files you download or password with anyone. Keep your computer for you to distribute. share using this software. up-to-date with the latest security patches and anti-virus software. HOW DO I KNOW IT’S COPYRIGHTED? DOES UMASS IT MONITOR MY INTERNET Assume all materials are copyright-protected CONNECTION? HOW CAN I LEGALLY DOWNLOAD CONTENT? unless you created them or you have received the No. We do not monitor the contents of your computer Services like Amazon, iTunes, and eMusic offer author’s explicit permission to distribute them. All or issue copyright complaints.
    [Show full text]
  • Pledge of Compliance of the Information Security Policy of Nagoya University
    For submission Pledge of Compliance of the Information Security Policy of Nagoya University To the Director of Information and Communications Headquarters 1. As a member of the academic community of Nagoya University, I will carefully read the following two documents and hereby pledge to comply with the rules, regulations and guidelines specified therein. a. The Information Security Policy of Nagoya University (*1) b. The Network Usage Guidelines (User Information) of Nagoya University (*2) 2. I promise to take the “e-Learning Training Course on Information Security” (*3) within one month after enrollment. Examinee's number Date: School / Graduate School: Department: Name: Signature: Notice: Users who violate the Information Security Policy of Nagoya University and/or the Network Usage Guidelines (User Information) of Nagoya University may be subject to disciplinary action according to the Nagoya University General Rules, the Nagoya University Student Discipline Rules, etc. Downloading illegally distributed music and/or movie files is an infringement of copyright law. Those who download files illegally will be liable for compensation damages. Nagoya University will prohibit any illegal downloading of files through its computers and/or network. Nagoya University prohibits the use of file sharing software such as Winny, WinMX, Share, Gnutella (Cabos, LimeWire, Shareaza, etc.) and Xunlei. * If the use of said software is required for education or research purposes, prior approval by the Information and Communications Headquarters is mandatory. If users fail to take the “e-Learning Training Course on Information Security” within one month after enrollment or if they do not successfully complete the course, their access to the Nagoya University Portal, Nagoya University Mail, the Information Media System, and the Wireless LAN (NUWNET) will be suspended.
    [Show full text]
  • Illegal File Sharing Notice Notice Is Sent to All Enrolled Students Via Email
    Illegal File Sharing Notice Notice is sent to all enrolled students via email. Sample notification: Do YOU know the risks of illegal file sharing? The Recording Industry Association of America, the Motion Picture Association of America, the TV networks like NBC and ABC and other copyright holders will find you and sue you for illegal file sharing! It has happened to students here on campus, so don’t think that this won’t happen to you! Are YOU ready to pay $3,000 to $5,000 for illegally file sharing music, movies, software, etc.? Copyright law allows a copyright holder to sue someone who violates their rights for up to $150,000 per song, movie or TV episode. Students who have been fined at UWSP settled out of court for between $3,000 and $5,000. No one has that kind of cash just sitting around, so how can you avoid these fines? 1. Do NOT use peer‐to‐peer (P2P) file sharing programs like LimeWire, FrostWire, BitTorrent, Ares or Bearshare. 2. Educate yourself about illegal downloading and file sharing at: http://library.uwsp.edu/guides/Copyright/filesharing.htm 3. Use legal music, video and TV sites listed on this web site: http://www.educause.edu/Resources/Browse/LegalDownloading/33381 Here is what happens if YOU get caught for illegal file sharing on the UWSP campus: If you are a student caught while using our Residential Network, the campus wireless network or the campus wired network such as in a computer lab, you will lose your ability to use the Internet on campus for 7 days for a first offense.
    [Show full text]
  • Downloading Music & Illegal File Sharing
    DOWNLOADING MUSIC & ILLEGAL FILE SHARING Under the Digital Millennium Copyright Act of 1998, California State University, Chico is required to take steps to expeditiously remove or disable access to any copyrighted material being shared illegally from within its network Illegal file-sharing and other copyright violations are a violation of Title 5 of the California Code of Regulations. What is illegal file sharing? Using file sharing programs such as LimeWire, BitTorrent, Ares, and eMule to share or obtain copyrighted music, movies, games, and other software without the permission of the copyright holder is illegal. Organizations such as the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), the Entertainment Software Association (ESA), and others monitor file sharing systems on the Internet. When they discover an instance of illegal file sharing that is originating from within Chico State’s network, they will send an official notice to the University. Upon receipt of this notice, the University must take action to stop copyright infringement from occurring on its network. What are the consequences? If you illegally share copyrighted files: Your ResNet network privileges will be suspended. You may have to pay at least $3,000 in a settlement with the copyright holder! Repeat offenders will face disciplinary action with Student Judicial Affairs. First-time offenders will be directed to a warning web page and will be notified via an email to his/her Wildcat Mail account. It will be your responsibility to follow the instructions on the warning page. Repeat offenders will lose their network privileges indefinitely and face further disciplinary action.
    [Show full text]
  • Connection Manual for Student Residence Hall Network System
    Connection Manual for Student Residence Hall Network System Academic Computing and Communications Center April 1, 2013 This manual describes the use of the Student Residence Hall Network System. You will receive your user name (printed on the back of your student ID card) and password during the university enrollment procedures. Please be aware that you will not be able to use the network system before that. Furthermore, even if you make inquiries beforehand, you will not receive your user name and password. You can find more details about the user name and password at the following URL: https://account.tsukuba.ac.jp/index-e.html (English) Please make sure you respect the important points below before using the Student Residence Hall Network System. □ The use of peer-to-peer file sharing software (Xunlei, Torrent, eMule, Limewire etc.) is strictly prohibited in our university. □ Do not illegally download or upload any kind of copyrighted material. □ Please enroll in the “INFOSS 情報倫理” (“INFOSS information ethics”) course offered by the e-learning system (moodle) of the University of Tsukuba. □ Do not use any wireless LAN device or broadband router in a student residence hall. Such a device may cause other users to lose their network connection (more than 45 problems were caused by such instances in the first half of the last year). □ Please install the antivirus software provided by our university (each student can install this software on one device). □ The Academic Computing and Communications Center cannot offer support on weekends or during the night time. However, a help desk offering support for connecting to the university network is open for a limited time for newly enrolled students (details can be found on the last page).
    [Show full text]
  • Stellar Bitraser File Eraser(2 MB, PDF)
    BITRASER FILE ERASER Wipe Files Beyond Recovery Secure File Erasure Software For Safeguarding Privacy BitRaser File Eraser DIY software for permanent wiping of sensitive files, web browsing history, app & system traces, & deleted files from laptop, desktops, and external storage media. Wipe sensitive files across devices. Ensure data safety! BitRaser File Eraser is a simple & powerful software for safeguarding data through secure wiping of sensitive files on Windows systems. The tool is ideal for anyone who uses a computer and wants to secure themselves from data breach or leakage threats. Erase files & folders Wipe identity Erase web browsing from Windows PC and documents, tax records, history from Chrome, external storage, etc. photos & videos, etc. Mozilla, Safari, etc. Available for: Know more © Copyright Stellar Information Technology Pvt. Ltd. All Trademarks Acknowledged. www.stellarinfo.com BITRASER FILE ERASER WIPES ALL TYPES OF SENSITIVE FILES ERASES ALL DEVICES & DRIVES Erases photos, videos, tax records, social security Wipes Windows PC, USB flash drives, external number, credit card statement, personal health HDD, SD Card & even files stored on servers. records, official documents and more. CLEARS WEB BROWSING HISTORY REMOVES APPLICATION TRACES TRACES Erases browsing history, cookies, temporary files, Removes activity logs, preferences, etc. generated favorites, etc. Supports Chrome, Mozilla, Safari, IE, with use of News apps, Instant Messengers, Email Microsoft Edge, Opera, & SeaMonkey. apps, Peer to Peer apps, & more. ERASES THE DELETED FILES SCHEDULES THE ERASURE TASKS Wipes the deleted files from system by erasing the Allows to preset & run wiping tasks based on time, day unused space freed up after deletion. Secures & frequency. You can choose specific files for wiping against retrieval of sensitive deleted files.
    [Show full text]
  • What You Need to Know About Copyright Infringement October 2, 2018 Dear Student, the Higher Education Opportunity Act of 2008 Re
    What You Need to Know About Copyright Infringement October 2, 2018 Dear Student, The Higher Education Opportunity Act of 2008 requires all colleges and universities to inform students of the possible consequences of copyright infringement as outlined by the Digital Millennium Copyright Act (DMCA). How the DMCA Affects Wake Forest University The Digital Millennium Copyright Act protects the rights of owners of copyrighted digital material. By providing students online access to the Wake Forest University’s computing network(s), including Internet access, the University is considered an Internet Service Provider (ISP). The DMCA requires an ISP to expeditiously respond to complaints it receives of copyright infringements over its networks. Potential Legal Penalties for Federal Copyright Law Violations Violation of the DMCA can result in severe civil or criminal penalties. University action taken to stop copyright violation, including disciplinary measures, does not protect the individual infringer from civil or criminal prosecution from the copyright owner or the authorities. Illegal Music Downloading Complaints Filed by Entertainment Entities Most copyright infringement cases reported to Wake Forest Information Systems are associated with illegal music downloading. Other common types of copyright infringement cases at Wake Forest involve the illegal downloading or sharing of movies, videos, and software including gaming software. Risks Associated with Illegal File Sharing Using peer-to-peer file sharing programs that share copyrighted material such as music, movies and software put you at risk of obtaining viruses, spyware or other malicious software that can corrupt your computer and damage your data. Peer-to-peer file sharing programs include Popcorn View, Popcorn Time, Vuze, uTorrent, BitTorrent, LimeWire, BitComet, and FrostWire.
    [Show full text]
  • Detecting and Tracing Copyright Infringements in P2P Networks John Mee and Paul A
    Detecting and Tracing Copyright Infringements in P2P Networks John Mee and Paul A. Watters Postgraduate Professional Development Program, Division of Information and Communication Sciences,, Macquarie University NSW 2109, AUSTRALIA <[email protected]> Abstract of the United States Code, and the Copyright Act of 1968 in Australia). Peer-to-Peer (P2P) file trading is a popular Rights are granted over reproduction of works “in medium for copyright infringement. There exists a any form”. The treaty grants any work, by its very misconception in legal and executive circles that this existence, first rights to its author, and as negotiated form of copyright infringement is undetectable and between the subsequent owners thereafter. As such any untraceable. This paper demonstrates how we can file transmitted over a peer-to-peer network has rights detect the majority of copyrighted material for existing applicable to its reproduction. However, there does not P2P networks (FastTrack and Gnutella) using a exist a technical means to determine whether a specific scalable algorithm. instance of reproduction is authorized. Consequently, it is impossible to determine whether 1. Introduction a reproduction (such as a file transfer in a P2P The goal of this study is to provide a technical network) automatically manifests a copyright rebuttal to the legal perception that P2P file sharing is infringement. The burden lies on the copyright holder not traceable or detectable. We hope this assists to identify each specific form of the work (such as a lawmakers, copyright holders and Internet service file), and to assert their exclusive authority to providers to develop technically sound strategies to reproduce it.
    [Show full text]
  • Openbazaar Is a Decentralized Commerce System
    SED 457 Transcript EPISODE 457 [INTRODUCTION] [0:00:00.3] JM: Cryptocurrencies give us a decentralized financial system. OpenBazaar is a decentralized commerce system. A merchant can log on to OpenBazaar and post a listing for an item. For example, a t-shirt that I want to sell for $15. My item listing will spread throughout the OpenBazaar, peer-to-peer network. A shopper can download the OpenBazaar desktop application and see my listing for a t-shirt. The shopper can pay me $15 in Bitcoin and I will send the t-shirt to their address. If I were selling that shirt on Amazon, the corporation would take a cut of that transaction. OpenBazaar has no transaction costs, so users get to save some money. However, users also miss out on the benefits of a corporate marketplace. Amazon makes sure that the seller will send the item to the buyer and makes sure that the buyer pays the seller. On OpenBazaar an escrow system is needed to place money in the hands of a neutral third party until the goods are delivered. Amazon ensures that the distributor sends the item to the customer. On OpenBazaar, users need to figure out how to send those goods to each other. Brian Hoffman was the first developer to start working on OpenBazaar, and the project has grown significantly since his initial commit. OpenBazaar now has buyers and sellers and open source committers, and there’s a clear desire for an open system of commerce. Brian is also the CEO of OB1, a company that provides services on top of OpenBazaar.
    [Show full text]