Book Review: Mastering Windows Network Forensics and Investigations

by

Mastering Windows Network Forensics and Investigations fills an interesting niche not well addressed in the pantheon of digital forensics resources. The material is well suited for beginning and intermediate forensic examiners looking to better understand network artifacts and go beyond single-system forensics. I highly recommend it for system administrators looking for a different perspective on network security or those interested in designing networks to be forensics-friendly. That said, the topics covered do not fit within the classical definition of network forensics. A more apt title might be Mastering Incident Response Forensics and Investigations

Read more

Leave a Comment

Latest Videos

Forensic Focus

Forensic Focus
Ryan joins Si and Desi to discuss his research into SS7 hacking and cell phone tracking. As someone passionate about radio technology, Ryan became interested in cell networking and eventually discovered he could intercept calls and texts by building fake cell towers. He learned that phone users have virtually no ability to opt out of their locations and identifiers being commercially available via simple API calls. Ryan hopes to put this knowledge to good use by developing a system to warn domestic abuse shelters if an offender's phone is near by tracking SS7 data. During the technical discussion, Ryan demonstrates querying an API with his own phone number to retrieve subscriber data and location. The hosts consider how individuals could possibly protect themselves from SS7 exploits, such as avoiding SMS authentication. They also discuss Ryan's other projects exploring radio hacking tools and a magazine shining light on digital counterculture topics. 00:00 - Introducing Ryan 01:30 - What is SS7? 05:00 - SS7 attacks 08:05 - Research pathway 14:50 - Ryan's talk at BSides 16:20 - Using data to combat domestic abuse 30:00 - Protection from tracking 36:30 - Ryan's projects 44:15 - HVCK Magazine

Ryan joins Si and Desi to discuss his research into SS7 hacking and cell phone tracking. As someone passionate about radio technology, Ryan became interested in cell networking and eventually discovered he could intercept calls and texts by building fake cell towers. He learned that phone users have virtually no ability to opt out of their locations and identifiers being commercially available via simple API calls. Ryan hopes to put this knowledge to good use by developing a system to warn domestic abuse shelters if an offender's phone is near by tracking SS7 data.

During the technical discussion, Ryan demonstrates querying an API with his own phone number to retrieve subscriber data and location. The hosts consider how individuals could possibly protect themselves from SS7 exploits, such as avoiding SMS authentication. They also discuss Ryan's other projects exploring radio hacking tools and a magazine shining light on digital counterculture topics.

00:00 - Introducing Ryan

01:30 - What is SS7?

05:00 - SS7 attacks

08:05 - Research pathway

14:50 - Ryan's talk at BSides

16:20 - Using data to combat domestic abuse

30:00 - Protection from tracking

36:30 - Ryan's projects

44:15 - HVCK Magazine

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_quPJpAjyDZA

Cell Phone Tracking And SS7 - Hacking Security Vulnerabilities To Save Lives

Forensic Focus 92 minutes ago

Ryan from Oxygen Forensics discusses how to use Oxygen's Android agent to collect Google Chrome data as a third party app on Android devices.

Ryan from Oxygen Forensics discusses how to use Oxygen's Android agent to collect Google Chrome data as a third party app on Android devices.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_gNyq_7llqLA

Extracting Google Chrome Using Android Agent

Forensic Focus 22nd September 2023 3:07 pm

Ryan from the Oxygen Forensic training team discusses a new feature found in Oxygen Forensic Maps.

Ryan from the Oxygen Forensic training team discusses a new feature found in Oxygen Forensic Maps.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_yk_EGG6mR3s

Using The Maps Activity Matrix In Oxygen Forensic® Detective

Forensic Focus 15th September 2023 5:47 pm

Load More... Subscribe
This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Extracting Google Chrome Using Android Agent
Articles

Extracting Google Chrome Using Android Agent

ByOxygenForensicsSep 25, 2023
Digital Forensics Round-Up, September 21 2023
News

Digital Forensics Round-Up, September 21 2023

ByForensic FocusSep 21, 2023
How To Review Mobile Forensics Evidence With Mobile Device Investigator
Articles

How To Review Mobile Forensics Evidence With Mobile Device Investigator

ByadfsolutionsSep 20, 2023
UPCOMING WEBINAR – The State Of Digital Forensics And Incident Response 2023
News

UPCOMING WEBINAR – The State Of Digital Forensics And Incident Response 2023

ByBinalyzeSep 20, 2023
Using The Maps Activity Matrix In Oxygen Forensic® Detective
Articles

Using The Maps Activity Matrix In Oxygen Forensic® Detective

ByOxygenForensicsSep 19, 2023
New IDC Report: The State Of Digital Forensics And Incident Response 2023
News

New IDC Report: The State Of Digital Forensics And Incident Response 2023

ByBinalyzeSep 18, 2023