Internet Investigations
1.1. What is a Computer Network?
1.2. Benefits of Computer Networking
1.3. Purpose of Computer Networking
• Data Sharing
• Resource Sharing
• Application Sharing
1.4. Computer Network Architecture
• Peer to Peer Architecture
• Client Server Architecture
1.5. Computer Network Components
• Hardware Components
• Networking Devices
• Software Components
1.6. Types of Computer Networks
1.7. Types of Topology
1.8. Transmission Modes
1.9. The OSI Model
1.10. How data flows through the OSI model
1.11. TCP/IP Model
• Addresses in TCP/IP
• Physical Address (MAC Address)
• IP Addresses
• Binary System
• Binary to Decimal Conversion
• Decimal to Binary Conversion
• How IP address works?
• IP address classes
• Private IP Addresses
• Subnet Mask
• Subnetting
• The IP packets
1.12. TCP / UDP and Ports
• Transmission Control Protocol (TCP)
• User Datagram Protocol (UDP)
• How TCP and UDP work
• Ports
1.13. Extension protocols and network applications
• Address Resolution Protocol (ARP)
• Dynamic Host Configuration Protocol (DHCP)
• Internet Control Message Protocol (ICMP)
• Virtual Local Area Network (VLAN)
• Uniform Resource Locator (URL)
• Domain Name System (DNS)
• Hyper Text Transfer Protocol (HTTP)
• HTTP flood DDoS attack
1.14. Wi-Fi
• How Does Wi-Fi Work?
• Wi-Fi Radio Spectrum
• 802.11 Networking Standards
• Wi-Fi Security Protocols
1.15. Firewalls
• What is a firewall?
• How does a firewall work?
• Types of firewalls
1.16. Intrusion Detection Systems (IDS)
• What Is an Intrusion Detection System?
• Types of Intrusion Detection Systems
1.17. Intrusion Prevention Systems (IPDS)
• What Is an Intrusion Prevention System?
• Types of Intrusion Prevention Systems
• Differences Between IDS and IPS
1.18. Authentication and Authorization
• Role-Based Access Control (RBAC)
• Attribute-Based Access Control (ABAC)
• RBAC vs. ABAC
1.19. VPN
1.20. SIEM
1.21. International Standardization Organizations
(1) ISO
(2) IEEE
(3) IANA
(4) ICANN
2.1. What is OSINT?
2.2. Open-Source Information Categories
2.3. OSINT Types
2.4. Benefits of OSINT
2.5. Challenges of Open-source Intelligence
2.6. OSINT Tools
• OSINT Framework
• Tinfoleak
• Aware-Online
• Technisite
• UK.OSINT
2.7. Search Engines
2.8. Advanced Search Engine Techniques
2.9. Meta Search Engines
2.10. People Search
2.11. Image Search
2.12. Reverse Image Search
2.13. EXIF Data
2.14. Extracting Exif Data from a WordPress Website
2.15. FTP Search
2.16. Data Compromised Repository Websites
2.17. Geolocation and Maps
3.1. Definition of Social Media
3.2. Types of Social Media
• Collaborative Projects
• Blogs and Microblogs
• Location-Based
• Content Communities
• Social Networking Sites
• Virtual Gaming Worlds
• Virtual Social Worlds
• Dating Sites
3.3. Types of Personal Information
• Basic Demographics
• Social Connections and Associates
• Location Data
• Behavior Patterns
• Posted Content
3.4. Finding Information on Social Media
• Search Engines Techniques
• Privacy-Oriented Search Engines
• National Search Engines
• Archive’s Wayback Machine
• Search Anonymously
• Create a Fake Profile
• Use Pretexting
• Other Techniques
• Preserving Social Media Evidence
4.1. Mirror Target Web Site
4.2. Extract the Links
4.3. Check the Target Website’s Backlinks
4.4. Discover Subdomains
4.5. Extract Other Data
4.6. Monitor Website Updates
4.7. Check the Website’s Archived Contents
4.8. Check Default Passwords
4.9. WHOIS Lookup
5.1. What is an e-mail?
5.2. What is e-mail forensics?
5.3. Basic Components of an e-mail
5.4. Parts of an e-mail
5.5. Working and Protocols of E-Mail
• How does e-mail work?
• How does e-mail server work?
• SMTP (Simple Mail Transfer Protocol)
• POP3 (Post Office Protocol)
• IMAP (Internet Message Access Protocol)
5.6. Detailed e-mail architecture
• Responsible Actor Roles
User Actors
MHS Actors
Administrative Actors
• Identities
Mailbox
Domain Name
Message Identifiers (Message ID & ENVID)
• Services and Standards
Message Data
Message User Agent (MUA)
Message Store (MS)
Mail Submission Agent (MSA)
Message Transfer Agent (MTA)
Mail Delivery Agent (MDA)
5.7. E-mail Headers
• What purpose do email headers serve
• E-mail Headers Fields
• X-Headers
5.8. E-mail Investigation
• Obtain a search warrant
• Examine e-mail messages
• Copy and print e-mail messages
• View the e-mail headers
Viewing an Email Header on Gmail
Viewing an Email Header on Microsoft Outlook
Viewing an Email Header on Mozilla Thunderbird
Viewing an Email Header on iCloud Mail
• Analyze the e-mail headers
• Trace E-mail
Check E-mail Validity
Examine the originating IP Address
Trace back web-based e-mail
• Acquire e-mail archives
Content of e-mail archives
Server Storage archives (MS Exchange, IBM Notes, Novell GroupWise)
Forensic Acquisition (PST, server level, deleted)
• Examine e-mail logs
System Logs
Network equipment logs
Examining Linux e-mail server logs
Examining Microsoft Exchange e-mail server logs
Examining Novell GroupWise e-mail server logs
• Email forensic tools
6.1. Web Categories
6.2. Surface Web versus Deep Web
6.3. Evolution of Hidden Web
6.4. Deep Web
6.5. Dark Web
6.6. Tor
6.7. Cybercriminal Activities in Dark Net
6.8. Dark Web Content Analyzing Techniques
6.9. Extracting Information from Dark Web Contents
6.10. Dark Web Forensics
7.1 Instant message services
7.2 How IM services work
7.3 Chat rooms
7.4 Internet Relay Chat
7.5 Nickname
7.6 Channels
7.7 Malicious code distribution
7.8 Direct Client to Client (DCC) chat
7.9 File server
7.10 Investigative considerations for IM Services, Chat Rooms, and IRC
8.1 File Transfer Protocol
8.2 Peer-to-Peer
8.3 Investigative considerations for file sharing networks
8.4 Complex P2P scenario—proxy server
9.1 Bulletin Board Services
9.2 Message boards
9.3 Listservs
9.4 Newsgroups
9.5 Investigative uses of bulletin boards, message boards, listservs, and newsgroups