Knowledge Base

ISO-27001-Annex-12-Operations-Security-infosavvy

ISO 27001 Annex : 12 Operations Security

ISO 27001 Annex : 12 Operations Security in this article explain Operational procedures and responsibilities, Documented Operating Procedures, Change Management & Separation of Development, Testing and Operational Environments. A.12.1  Operational procedures and responsibilities Its objective is to ensure that information processing facilities operate correctly and securely. A.12.1.1  Documented Operating Procedures Control-Operating procedures should be documented and accessed by all users in need. Implementation Guidance- Documented procedures for operating information processing and communications facility activities should …

ISO 27001 Annex : 12 Operations Security Read More »

Perform-MSSQL-Forensics

Perform MSSQL Forensics

Perform MSSQL Forensics in this SQL server is a Relational Database Management System and is being widely adopted by various organizations to store data associated with the applications. This includes sensitive data related to the web application and users’ accounts in the web application. MSSQL forensics take action when a security incident has occurred and detection and analysis of the malicious activities performed by criminals over the SQL database file are required. A forensic investigator …

Perform MSSQL Forensics Read More »

Understand-IP-Address-Locating-Tools

Understand IP Address Locating Tools

Understand IP Address Locating Tools in this article explain types of tools which using for ip address location in forensic investigation. and also explain WHOIS lookup tools. 1. SmartWhois SmartWhois may be a network information utility that permits you to seem up all the available information about an IP address, hostname or domain, name of the network provider, administrator and technical support contact information. It supports Internationalized Domain Names (IDNs) and also fully supports IPv6 …

Understand IP Address Locating Tools Read More »

Different-Types-of-Web-Log-Analyzer

Different Types of Web Log Analyzer

In this article explain Different Types of Web Log Analyzer which is used in forensic investigation. 1. Deep Log Analyzer The Deep Log Analyzer is a web analytics solution for small and medium size websites. It analyzes web site visitors’ behavior and gets the complete website usage statistics in easy steps. Features: It provides website statistics and web analytics reports presentation with interactive navigation and hierarchical view It analyzes logs from popular web servers, such …

Different Types of Web Log Analyzer Read More »

Understand-Web-Applications-Architecture-in-Forensic-Investigation

Understand Web Applications Architecture in Forensic Investigation

Understand Web Applications Architecture in Forensic Investigation in this all web applications are executed via a support client, i.e. a web browser. Web applications use a group of client-side scripts, such as HTML, JavaScript, etc., which presents the information, and the server-side scripts, such as ASP, PHP, etc., which handles the hardware tasks such as storing and gathering of the required data, are used by the web application for its execution. In the web application …

Understand Web Applications Architecture in Forensic Investigation Read More »

Gathering-Evidence-from-an-IDS

Gathering Evidence from an IDS

Gathering Evidence from an IDS in this the monitoring network traffic is of prime importance. Organizations install IDSes to monitor intrusions. To capture network traffic, first configure the IDS. However, this is not sufficient as a source of evidence, because the 1DS is incapable of performing integrity checks on log files. In a network investigation, preserving digital evidence is difficult, as the data displayed on screen will remain only for few seconds. The Windows HyperTerminal …

Gathering Evidence from an IDS Read More »

Investigation-of-Network-Traffic

Investigation of Network Traffic

Investigation of Network Traffic in this Network forensics are often defined as sniffing, recording, acquisition, and analysis of the network traffic and event logs so as to research a network security incident. It allows investigator to examine network traffic and logs to spot and locate the attacking system. Devices connected to network still proliferate; computers, smartphones, tablets etc. because the number of attacks against networked systems grow, the importance of network forensics has increased and …

Investigation of Network Traffic Read More »

Sample DHCP Audit Log File

Sample DHCP Audit Log File in this DHCP server during a network allocates IP address to a computer during its begin. Therefore, the DHCP server logs contain information regarding the systems that were assigned specific IP addresses by the server, at any given instance. Investigators can examine these logs during forensic examinations. Now DHCP administrators can easily access this data using the built-in logging mechanisms. The DHCP activity log are often read during a text-based …

Sample DHCP Audit Log File Read More »