Transcript ch 13 File

Computer Security
Fundamentals
by Chuck Easttom
Chapter 13 Cyber Detective
Case study from chapter 12

Jane Doe is the network administrator responsible for security for a small defense contractor. Her company does handle some low-level classified material. She has implemented a strong security approach that includes the following:
■ A firewall has all unneeded ports closed.
■ Virus scanners are placed on all machines.
■ Routers between network segments are secured.
■ All machines have the operating systems patched monthly.
■ Passwords are long, complex, and change every 90 days.

What other recommendations would you make to Jane Doe?
Explain the reasons for each of your recommendations.
© 2012 Pearson, Inc.
Chapter 13 Cyber Detective
Chapter 13 Objectives

■ Find contact information on the web
■ Locate court records on the web
■ Locate criminal records on the web
■ Use Usenet newsgroups to gather information
Introduction

Preceding chapters have examined these topics:
■ Identity theft
■ Hacking
■ Investigating potential employees
Introduction (cont.)

Identity theft
■ Criminals use a small amount of information to garner more.
■ Look at Internet techniques for finding additional information.
■ Security personnel need to know how this is done to defend against it.
Introduction (cont.)

Hacking
■ Obtain information to social engineer or to guess passwords.

Investigating potential employees
■ Calling references may not be enough.
■ Hiring a private detective may be impractical.
Introduction (cont.)

Network administrators in particular must be investigated.
■ The network cannot keep out the person who set it up.
■ Information about his past from a source other than supplied references may affect the hiring decision.
Introduction (cont.)

The Internet is a valuable investigative tool.
■ Useful for finding out about potential employees, babysitters, and so forth.
■ Much of the information is free.
■ States have court records online.
Introduction (cont.)

Information is a two-edged sword.
■ An innocent person may use it for legitimate investigations.
■ A less scrupulous person may use it for identity theft or stalking.
■ Invasion of privacy has ethical, moral, and legal ramifications.
■ Practice searches on your own name unless you have written consent.
General Searches

Search to find addresses, phone numbers, or e-mail addresses:
■ www.yahoo.com
■ www.infobel.com
■ www.smartpages.com
■ www.theultimates.com/white
■ www.bigfoot.com
■ www.whowhere.com
■ www.switchboard.com
Court Records and Criminal Checks (cont.)

Civil court records
■ Civil issues, as well as crimes, may make a person unsuitable for a particular job.
■ No centralized Web site for these issues.
■ Many states and Federal courts offer online records, for example: www.oscn.net/applications/oscn/casesearch.asp
Court Records and Criminal Checks (cont.)

Other resources
■ The National Center for State Courts: www.ncsconline.org/
■ The Law School at Emory University: www.law.emory.edu/FEDCTS/
■ Public record finder: www.freeprf.com/
Court Records and Criminal Checks (cont.)

Other resources
■ Pacer: www.pacer.psc.uscourts.gov/
■ The Boost: www.theboost.net/court_records/
■ State public access: ctl.ncsc.dni.us/publicaccess/
Court Records and Criminal Checks (cont.)

Other resources
■ Prison searches: www.ancestorhunt.com/prison_search.htm
■ Federal prison records: www.bop.gov
■ Public records: www.searchsystems.net/
■ United Kingdom public records: www.pro.gov.uk
Usenet

■ Newsgroups on many subjects.
■ Use Google “Groups” option.
■ Anyone can post anything.
■ Search for potential employees.
■ Can be an important investigative tool.
■ Information must be verified elsewhere.
Overview

■ What is Usenet?
■ Articles & Distribution
■ Servers
■ Newsgroups
■ Binary Content & Retention Time

What isn’t Usenet?

■ It isn’t a computer network
■ It isn’t the internet
■ It isn’t a large bulletin board system (BBS)

What is Usenet?

■ Computers communicate through protocols
■ This is how Usenet is possible
■ Different from the TCP/IP protocol
■ Developed in 1980 at the University of North Carolina and Duke University

Articles

■ Must include a header and body
■ Similar to email
■ Rules for distribution

Article Distribution

■ Any message contributed gets sent out and copied to all servers
■ The articles are distributed to every Usenet server (180,000 as of 1994)
■ Assigned to a newsgroup
Wikipedia.org

Usenet Servers

■ Information is decentralized
■ Similar to a Peer to Peer network (Server to Server)
■ Today information is sent through the internet
www.top1000.org/

Newsgroups

■ comp.*: Computer-related discussions
■ humanities.*: Fine arts, literature, and philosophy
■ misc.*: Miscellaneous topics
■ news.*: Discussions and announcements about news (meaning Usenet, not current events)
■ rec.*: Recreation and entertainment
■ sci.*: Science-related discussions
■ soc.*: Social discussions
■ talk.*: Talk about various controversial topics
Wikipedia.org

Flooding Algorithm

■ Used in Usenet and peer-to-peer file sharing systems
■ Each node acts as both a transmitter and a receiver
■ Each node tries to forward to every neighbor except the source node
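
The flooding rule on this slide, as an added example that is not part of the original slides: each server forwards a new article to every neighbor except the one it came from. The server names and peering map are constructed, and the duplicate check (a server remembers articles it already holds) is an assumption added so the flood terminates.

```python
from collections import deque

# Constructed peering map (hypothetical server names): who exchanges news with whom.
PEERS = {
    "A": {"B", "C"},
    "B": {"A", "C", "D"},
    "C": {"A", "B", "D"},
    "D": {"B", "C", "E"},
    "E": {"D"},
}

def flood(peers, origin):
    """Flood one article from `origin`.

    Returns (first_source, transmissions): first_source maps each server that
    holds the article to the peer it first arrived from (None for the origin);
    transmissions lists every (sender, receiver) copy that was sent.
    """
    first_source = {origin: None}
    queue = deque([origin])
    transmissions = []
    while queue:
        node = queue.popleft()
        for neighbor in sorted(peers[node]):
            if neighbor == first_source[node]:
                continue  # never forward back to the source node
            transmissions.append((node, neighbor))
            if neighbor not in first_source:
                # First copy seen: store it and forward it later.
                first_source[neighbor] = node
                queue.append(neighbor)
            # Otherwise the receiver already holds the article and drops the
            # duplicate (assumption: servers remember articles they have seen).
    return first_source, transmissions

def duplicates(first_source, transmissions):
    """Copies sent to a server that already held the article."""
    return len(transmissions) - (len(first_source) - 1)

if __name__ == "__main__":
    held, sent = flood(PEERS, "A")
    print(sorted(held), len(sent), duplicates(held, sent))
```

Every server ends up with the article, but half of the copies sent in this topology are redundant, which is the bandwidth cost of flooding.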

Binary Content

■ Convert file into 8-bit ASCII values
■ Restricted to specific newsgroups
■ Split into segments because of article size restriction
Wikipedia.org

Parity Files

■ Used for data recovery
■ Forward error correction
■ Allows for verification of data to recover corrupt or lost data
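
How segmenting and parity fit together, as an added example that is not part of the original slides: a payload is split into fixed-size segments, a parity block and per-segment checksums are computed, and one lost or corrupt segment is rebuilt. It assumes a single XOR parity block and CRC32 checksums, which is simpler than the Reed-Solomon coding used by real Usenet parity files; the payload and segment size are constructed.

```python
import zlib
from functools import reduce

SAMPLE = b"constructed sample payload for the parity demo"  # constructed input

def split_segments(data, size):
    """Split data into fixed-size segments, zero-padding the last one."""
    segments = [data[i:i + size] for i in range(0, len(data), size)]
    segments[-1] = segments[-1].ljust(size, b"\0")
    return segments

def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))

def make_parity(segments):
    """Return (parity block, CRC32 of each segment)."""
    return xor_blocks(segments), [zlib.crc32(s) for s in segments]

def repair(received, parity, checksums):
    """Verify segments and rebuild at most one that is lost (None) or corrupt."""
    bad = [i for i, s in enumerate(received)
           if s is None or zlib.crc32(s) != checksums[i]]
    if not bad:
        return list(received)
    if len(bad) > 1:
        raise ValueError("one XOR parity block can rebuild only one segment")
    good = [s for i, s in enumerate(received) if i != bad[0]]
    rebuilt = xor_blocks(good + [parity])
    if zlib.crc32(rebuilt) != checksums[bad[0]]:
        raise ValueError("rebuilt segment failed verification")
    fixed = list(received)
    fixed[bad[0]] = rebuilt
    return fixed

if __name__ == "__main__":
    segments = split_segments(SAMPLE, 8)
    parity, sums = make_parity(segments)
    damaged = list(segments)
    damaged[2] = None  # simulate an article that never arrived
    print(b"".join(repair(damaged, parity, sums)).rstrip(b"\0"))
```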

Retention Time

■ Storage for each group is limited
■ Retention time started out small
■ Public servers often have small retention times

Usenet Traffic

■ Traffic has increased over time
■ Most of this is binary content
Wikipedia.org

ISPs and Usenet

■ Many offer a Usenet server
■ Ones that don’t often offer access from another provider

Who Owns Usenet?

■ No one controls Usenet
■ Loose collection of administrators
■ The software distributes Usenet articles to every server that’s willing to accept them

Newsreaders

■ Program used to navigate Usenet
■ Many newsreaders may access the server at a time
■ Newsreaders may do different tasks

Future of Usenet

■ Not well known among new internet users
■ Reliant on administrators’ donated disk space
■ Cost of storage is dropping as Usenet demand is growing

Importance of Usenet

■ Precursor to web forums
■ Internet culture was born on Usenet
■ Immense repository of files
■ HW: Describe how we can use Usenet services in Palestine, if possible
■ Google Groups

Gathering information about a person

Social networks
■ Facebook
■ Twitter
■ LinkedIn
■ Instagram
■ Chat rooms
■ Search engines

Discussion

■ How can you use Facebook to gather sensitive information about a person?
■ What makes that easy to collect?
■ How to avoid it?
■ What other resources can be used to gather information about persons in Palestine?

Summary

The Internet is a valuable investigative resource
■ To hackers and identity thieves
■ To employers of network administrators as well as babysitters
■ Periodically check your own identity to see what information is available.