Case studies - what would you find useful?
Hmmm. I am corporate FI so all my work is tied to my firm, therefore all the cases are intertwined with the quirkiness of this specific corporate culture…
While I understand your position, I think that is also the reason why there aren't more "case studies" available…not only can some folks not provide them for reasons similar to the above, but others may not provide them b/c doing so would be feeding into a black hole.
I think most of the time we post useful responses, they are "black hole" scenarios.
Yet, we still do.
Even for Jesus only one out of ten returned to be thankful.
I was wondering if you'd had a chance to look at the below…I had posted it in response to your request, "If anyone could provide a good case study on investigating social networks that would be great. "
If you were asked to analyze the system of someone suspected of "cyberbullying" or stalking, I would think that the approach would be something like
1. Get as much information as you can about the activities…user accounts, screen names, etc., of both the suspect and the target. Also look for specific unique words or phrases the suspect may have used. You can also use these to perform Google searches to look for any other possible accounts or screen names.
2. Determine which browser(s) were used, and retrieve and analyze the history and cache.
3. Perform an examination of unallocated space, the pagefile, or any hibernation files to look for indication of activity. This is where EnCase's Search Preview capability is very useful…I've written my own versions of this using Perl, as the technique itself is valuable.
4. Look for indications of smart phone backup files on the system as a secondary source of data.
Yes I did and it was just what I was looking for so thanks alot for that.
Tried looking online but there doesn't seem to be much info available out there about forensics and social networks, or when I found some it wasn't very detailed, so your reply was much appreciated.
I posted a short case study to the Win4n6 Yahoo group last night, and wanted to share this excellent case study written by Andrew Case