Forums
Main Category
General (Technical,...
index.dat files
 
Notifications
Clear all

index.dat files

 
General (Technical, Procedural, Software, Hardware etc.)
Last Post by jonoha 15 years ago
4 Posts
3 Users
0 Reactions
595 Views
RSS
 jonoha
(@jonoha)
Active Member
Joined: 15 years ago
Posts: 7
Topic starter 10/08/2010 6:08 am  

A question came to me at uni today that state how can the information in index.dat file be verified?
I understand that the information within the file can be used in a case to explain as to which computer was used to access the sites, and time it was done. This can then be used to specify more of a timeline of events as to when the visits took place and can work in with the case. However i cannot understand as to how these files can be verified? You can use a viewer such as Index Dat Spy to view the files but cannot think of a way that the information can be verified?

Also if a deletion tool was used to remove the cache files for internet explorer then is there any other way to find information about web browsing or internet activity. In windows this is. Would this be places such as in the windows event viewer. If the cache is removed that would not necessarily delete the browsing history of typed in sites which can be viewed in windows event viewer?

Thanks for any help.


   
Quote
kiashi
 kiashi
(@kiashi)
Trusted Member
Joined: 19 years ago
Posts: 99
10/08/2010 2:56 pm  

Jonoha, I'm not sure if folks on here are going to be continually willing to answer your uni questions for you but maybe we can try to "Teach a man to fish"

What other information is cached on a computer as a result of internet browsing other than just the index.dat itself? Can this be used to show what websites may have been visited and when?

Where does any data on a computer go when it has been 'deleted'? Maybe you could find deleted browsing history here……

What other major component of windows keeps track of settings and the like for software……where might you find 'TypedURLs'? (http//lmgtfy.com/?q=TypedURLs)

Anyway, I hope that leads you in the right direction.


   
ReplyQuote
 samr
(@samr)
Estimable Member
Joined: 20 years ago
Posts: 119
10/08/2010 3:06 pm  

Jonoha

I understand that the information within the file can be used in a case to explain as to which computer was used to access the sites, and time it was done.

It is also important to keep in mind that information in the index.dat file that you are referring to (i.e. when the computer recorded last access to a site) is a recorded time. It doesn't state when the access to the site last occurred, it states when the computer recorded that it occurred. If the computer doesn't have an accurate date and time then it will not reflect the actual time the access occurred.

Kind regards

Sam Raincock


   
ReplyQuote
 jonoha
(@jonoha)
Active Member
Joined: 15 years ago
Posts: 7
Topic starter 21/08/2010 4:42 pm  

Thanks guys i will be looking into it. i have been doing more research and found a couple more ideas on where and what to research so yeah D Looking good. Thanks!


   
ReplyQuote
Forum Jump:
  Previous Topic
Next Topic  
Share: