Friday, June 21, 2019

Ann's bad AIM Essay Example | Topics and Well Written Essays - 750 words

Thereafter, the rogue laptop computer disappeared. As a forensic investigator, the staff reported this matter to me, seeking help. In this investigation I must therefore establish whom Ann was IM-ing and what she sent, and also recover evidence including the following

In this investigation I am basically dealing with a pcap file, and I must first find a way to extract the information in it before proceeding further. There are several ways of extracting information from pcaps. Black Bytes (2012) explores four of the most commonly used. First there is the Wireshark HTTP export, which presents a list of all files found in all the HTTP requests. The second tool is the Wireshark export bytes function; depending on the protocol, you have to drill down into the packet you want in order to find the data. The third is NetworkMiner, which focuses mainly on forensic analysis. The last tool presented by Black Bytes is Chaosreader, which analyzes and extracts session information as well as files and then creates an HTML report that opens in any browser.

The next thing is the identification of Ann's host IP address. This is something I already know to be 192.168.1.158. When the pcap file is filtered with tshark, we can view the hosts that Ann communicated with. This is achievable through the command tshark -r evidence.pcap -R at the terminal. It is important to note that Ann communicated with two hosts, one being a local host, who is undoubtedly the intruder, and the other an internet host. In my case the IP addresses for the hosts resulted from the simulation. In order to find out who the internet host is, we use the whois command at the terminal.

Ann communicated with someone via the IM program. We could possibly assume that the IM program is an AIM client, a touch that can be
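The host-identification step described above (listing the hosts that 192.168.1.158 exchanged packets with) can also be reproduced without tshark. The following is an added example, not part of the original essay: it parses a classic pcap by hand and counts packets per peer. The function names and the sample capture, including every peer address, are constructed for illustration.

```python
import socket
import struct
from collections import Counter

ANN_IP = "192.168.1.158"  # Ann's address as stated in the essay

def peers_of(pcap_bytes, host_ip):
    """Count IPv4 packets between host_ip and each peer in a classic pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if endian is None:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    peers, offset = Counter(), 24  # records start after the 24-byte global header
    while offset + 16 <= len(pcap_bytes):
        incl_len = struct.unpack(endian + "I", pcap_bytes[offset + 8:offset + 12])[0]
        frame = pcap_bytes[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len
        # Need Ethernet (14 bytes) + IPv4 header (20 bytes); skip non-IPv4 frames
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        if src == host_ip:
            peers[dst] += 1
        elif dst == host_ip:
            peers[src] += 1
    return peers

def _frame(src, dst, ethertype=b"\x08\x00"):
    """Constructed sample frame: Ethernet header + bare IPv4 header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + ethertype + ip

def sample_pcap():
    """Constructed capture; every peer address here is a placeholder."""
    frames = [_frame(ANN_IP, "192.168.1.10"), _frame("192.168.1.10", ANN_IP),
              _frame(ANN_IP, "203.0.113.7"), _frame("192.168.1.20", "192.168.1.10"),
              _frame(ANN_IP, "192.168.1.10", ethertype=b"\x08\x06")]  # non-IPv4
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for peer, count in peers_of(sample_pcap(), ANN_IP).most_common():
        print(peer, count)
```

On a real capture, pass the file's bytes instead of sample_pcap(); traffic that does not involve the host of interest and frames that are not IPv4 are ignored.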
