Difference between pages "Using signature headers to determine if an email has been forged" and "LiveDiscover"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Signed mail: - Quick notes on PGP signed and/or encrypted messages)
 
 
Line 1: Line 1:
{{Expand}}
+
'''LiveDiscover™ Forensic Edition''' [http://www.wetstonetech.com/cgi-bin/shop.cgi?view,4]
  
 +
==  ==
 +
LiveDiscover Forensic Edition (FE) is the premier tool for rapid full distributed network assessment and  mapping, which is a critical first step in any digital investigation. Designed for forensic investigators, LiveDiscover FE rapidly scans a range of IP addresses and generates comprehensive forensic reports including easy to view graphs on each located  device within the specified network. With the case management features, investigators can tailor reports and case details,making evidence court ready.  Built-in customization allows for the creation of modified vulnerability scripts making LiveDiscover FE field extensible.
  
== Domain Key Signatures ==
 
  
These headers, included by the mail server, provide a signature of each message. See [[Gmail Header Format]]. The public keys are distributed via [[Domain Name System|DNS]].
+
'''Key Features:'''
  
== Signed mail ==
+
Live forensic network discovery, Live forensic vulnerability assessment, Automatically identify operating systems including Windows, Unix, Linux, Mac, VMS, Novell, and Sunsystems, Remote detection of system status including running services, attached devices, and open shares, Forensically map communication devices, printers and more, Forensic detailed report generation
  
Some other programs can be used by the sender to sign an email message. Programs such as [[PGP]], [[GnuPG]].
 
  
=== PGP Messages ===
+
'''System Recommendations:'''
  
Messages sent using PGP, or its free equivalents such as GnuPG, have the signature in the message body itself. Each message can be signed, encrypted, or both. Encrypted messages begin with the header
+
Microsoft Windows® 2000, XP, Vista, 20 MB free disk space, 256 MB RAM, Pentium® III 1GHz processor
<pre>-----BEGIN PGP MESSAGE-----</pre> followed by some optional headers. The optional headers may include the character set of the decoded message, the program and version that created the message, and an optional comment. The end of the message is noted with <pre>-----END PGP MESSAGE-----</pre> Between these two lines are a series of ASCII characters that represent the encrypted or signed message.
+
  
A signed message has the header <pre>-----BEGIN PGP SIGNATURE-----</pre> at the ''end'' of the signed message followed by the same optional headers as encrypted messages. The signature is usually three lines of ASCII characters.
 
  
== See Also ==
+
'''License:'''
* [[Using message id headers to determine if an email has been forged]]
+
  
[[Category:Howtos]]
+
Single user license, Site licenses are available upon request
 +
 
 +
 
 +
----
 +
 
 +
'''Contact Information:'''
 +
 
 +
1-877-WETSTONE ext. 2
 +
 
 +
www.wetstonetech.com [https://www.wetstonetech.com/index.html]

Latest revision as of 13:10, 6 October 2009

LiveDiscover™ Forensic Edition [1]

LiveDiscover Forensic Edition (FE) is the premier tool for rapid full distributed network assessment and mapping, which is a critical first step in any digital investigation. Designed for forensic investigators, LiveDiscover FE rapidly scans a range of IP addresses and generates comprehensive forensic reports including easy to view graphs on each located device within the specified network. With the case management features, investigators can tailor reports and case details,making evidence court ready. Built-in customization allows for the creation of modified vulnerability scripts making LiveDiscover FE field extensible.


Key Features:

Live forensic network discovery, Live forensic vulnerability assessment, Automatically identify operating systems including Windows, Unix, Linux, Mac, VMS, Novell, and Sunsystems, Remote detection of system status including running services, attached devices, and open shares, Forensically map communication devices, printers and more, Forensic detailed report generation


System Recommendations:

Microsoft Windows® 2000, XP, Vista, 20 MB free disk space, 256 MB RAM, Pentium® III 1GHz processor


License:

Single user license, Site licenses are available upon request



Contact Information:

1-877-WETSTONE ext. 2

www.wetstonetech.com [2]