Difference between revisions of "Online resources"
From Forensics Wiki
(Added HoneyNet project) |
(Added Sam Spade) |
||
| Line 6: | Line 6: | ||
* [http://whois-search.com/ WHOIS-Search.com] | * [http://whois-search.com/ WHOIS-Search.com] | ||
| + | |||
| + | The SamSpade web site also offers several WHOIS related searches | ||
| + | |||
| + | * [http://www.samspade.org/ Sam Spade] | ||
== Sample Cases == | == Sample Cases == | ||
Latest revision as of 07:41, 21 April 2007
There are lots of web sites that can provide valuable information for forensic investigators. (This page will probably be broken into categories eventually...)
[edit] WHOIS Queries
The WHOIS Service can be used to find the owner of a domain. Sometimes this is only sufficient to find the registrar for a domain, but even that is a start.
The SamSpade web site also offers several WHOIS related searches
[edit] Sample Cases
One of the most difficult things for new investigators is finding sample cases to work on.
- The HoneyNet Project has several forensics challenges online. These include the "Scan of Month", "The Reverse Challenge," and "The Forensic Challenge." The last one asked entrants to examine a complete RedHat Linux system for information. All of these challenges include complete solutions.
[edit] Web Page Archives
Web page archives can give the investigator a look at what a web page used to look like. The most well known is the Google cache, but here are some others:
- The Internet Archive's WayBack Machine can produce a nicely formatted page showing how a web site looked on certain dates. For example, the history of yahoo.com's homepage gives a nice history lesson. The machine records both main pages and subpages. For example, note the changes in time between Jesse Kornblum's Yahoo! profile.
