If you are visually impaired or blind, you can visit the PDF version by Pressing CONTROL + ALT + 4
You need a JavaScript-enabled browser to view this Publication
Please follow these steps to view the Publication:
Enable JavaScript in your browser
Refresh this page
Best regards
Zmags
<br /> The Quarterly Magazine for Digital Forensics Practitioners<br /> DATA THEFT<br /> Jonathan Grier explains how to carry out an investigation, when<br /> no artefacts exist, using his stochastic forensics approach<br /> A TARANTULA CHINESE<br /> CELL PHONE ANALYSIS KIT<br /> WIN!<br /> MAY 2012<br /> ISSUE 11<br /> 02<br /> 9 772042 061127<br /> Issue 11 / £14.99 TR Media<br /> / REGULARS / FROM THE LAB / INTRODUCING / Book Reviews<br /> robservations, 360, Image Metadata for Cyber Warfare & INCLUDING The Basics<br /> news, irq & more… Effective Data Mining Covert Channels of Digital Forensics<br /> <br /> EDITORIAL<br /> A<br /> recent news article about flying<br /> cars set me to thinking about the<br /> <a title="DFM11 - Online page 1" href="http://viewer.zmags.com/publication/c5e68b7d?page=1"> The Quarterly Magazine for Digital Forensics Prac</a> <a title="DFM11 - Online page 2" href="http://viewer.zmags.com/publication/c5e68b7d?page=2"> </a> <a title="DFM11 - Online page 3" href="http://viewer.zmags.com/publication/c5e68b7d?page=3"> EDITORIAL A </a> <a title="DFM11 - Online page 4" href="http://viewer.zmags.com/publication/c5e68b7d?page=4"> </a> <a title="DFM11 - Online page 5" href="http://viewer.zmags.com/publication/c5e68b7d?page=5"> CONTENTS / DIGITAL FORENSICS MAGAZINE </a> <a title="DFM11 - Online page 6" href="http://viewer.zmags.com/publication/c5e68b7d?page=6"> / NEWS NEWS EnCase Version 7 released with ext</a> <a title="DFM11 - Online page 7" href="http://viewer.zmags.com/publication/c5e68b7d?page=7"> are current claims stating that the ISPs use the </a> <a title="DFM11 - Online page 8" href="http://viewer.zmags.com/publication/c5e68b7d?page=8"> </a> <a title="DFM11 - Online page 9" href="http://viewer.zmags.com/publication/c5e68b7d?page=9"> LET ME IN An outline of how incident responders c</a> <a title="DFM11 - Online page 10" href="http://viewer.zmags.com/publication/c5e68b7d?page=10"> / FEATURE Figure 2. Sticky Keys p</a> <a title="DFM11 - Online page 11" href="http://viewer.zmags.com/publication/c5e68b7d?page=11"> Figure 4. Ophcrack successfully cracking Windows </a> <a title="DFM11 - Online page 12" href="http://viewer.zmags.com/publication/c5e68b7d?page=12"> / FEATURE / Inception While the concept of usin</a> <a title="DFM11 - Online page 13" href="http://viewer.zmags.com/publication/c5e68b7d?page=13"> </a> <a title="DFM11 - Online page 14" href="http://viewer.zmags.com/publication/c5e68b7d?page=14"> / ROBSERVATIONS ROBSERVATIONS Is Anti-Virus re</a> <a title="DFM11 - Online page 15" href="http://viewer.zmags.com/publication/c5e68b7d?page=15"> / Bad habits we included and commonly see in m</a> <a title="DFM11 - Online page 16" href="http://viewer.zmags.com/publication/c5e68b7d?page=16"> / LEAD FEATURE INVESTIGATING DATA THEFT WITH S</a> <a title="DFM11 - Online page 17" href="http://viewer.zmags.com/publication/c5e68b7d?page=17"> / Solve an Easier Problem The mathematician Georg</a> <a title="DFM11 - Online page 18" href="http://viewer.zmags.com/publication/c5e68b7d?page=18"> / LEAD FEATURE COPYING A LARGE FOLDER CREATES W</a> <a title="DFM11 - Online page 19" href="http://viewer.zmags.com/publication/c5e68b7d?page=19"> / Saved by Stochastic Forensics So far, I was tac</a> <a title="DFM11 - Online page 20" href="http://viewer.zmags.com/publication/c5e68b7d?page=20"> / LEAD FEATURE / Q&A Does a cutoff cluster prove</a> <a title="DFM11 - Online page 21" href="http://viewer.zmags.com/publication/c5e68b7d?page=21"> </a> <a title="DFM11 - Online page 22" href="http://viewer.zmags.com/publication/c5e68b7d?page=22"> / FEATURE WPS INSECURITIES & FALSE PROPHETS T</a> <a title="DFM11 - Online page 23" href="http://viewer.zmags.com/publication/c5e68b7d?page=23"> / WPS is a Good Idea! So far, WPS would seem to b</a> <a title="DFM11 - Online page 24" href="http://viewer.zmags.com/publication/c5e68b7d?page=24"> / FEATURE This question can probably be answe</a> <a title="DFM11 - Online page 25" href="http://viewer.zmags.com/publication/c5e68b7d?page=25"> </a> <a title="DFM11 - Online page 26" href="http://viewer.zmags.com/publication/c5e68b7d?page=26"> / LETTERS 360° Your chance to have your say… H </a> <a title="DFM11 - Online page 27" href="http://viewer.zmags.com/publication/c5e68b7d?page=27"> </a> <a title="DFM11 - Online page 28" href="http://viewer.zmags.com/publication/c5e68b7d?page=28"> Cell site analysis Computer forensics Audio vi</a> <a title="DFM11 - Online page 29" href="http://viewer.zmags.com/publication/c5e68b7d?page=29"> / LEGAL EDITORIAL LEGAL EDITORIAL Apple's trad</a> <a title="DFM11 - Online page 30" href="http://viewer.zmags.com/publication/c5e68b7d?page=30"> / LEGAL FEATURE CHINA'S LAWS An overview of Ch</a> <a title="DFM11 - Online page 31" href="http://viewer.zmags.com/publication/c5e68b7d?page=31"> It is important to note that only documenta</a> <a title="DFM11 - Online page 32" href="http://viewer.zmags.com/publication/c5e68b7d?page=32"> / LEGAL FEATURE Article 68 Any document submi</a> <a title="DFM11 - Online page 33" href="http://viewer.zmags.com/publication/c5e68b7d?page=33"> ASSESSMENT VENDOR INDEPENDENCE t</a> <a title="DFM11 - Online page 34" href="http://viewer.zmags.com/publication/c5e68b7d?page=34"> / LEGAL NEWS ALERT LEGAL NEWS ALERT Apple sett</a> <a title="DFM11 - Online page 35" href="http://viewer.zmags.com/publication/c5e68b7d?page=35"> Reviewing the latest sports highlights </a> <a title="DFM11 - Online page 36" href="http://viewer.zmags.com/publication/c5e68b7d?page=36"> / MEET THE PROFESSIONALS MEET THE DF PROFESSIO</a> <a title="DFM11 - Online page 37" href="http://viewer.zmags.com/publication/c5e68b7d?page=37"> I did not want to simply give up. So, I decided t</a> <a title="DFM11 - Online page 38" href="http://viewer.zmags.com/publication/c5e68b7d?page=38"> </a> <a title="DFM11 - Online page 39" href="http://viewer.zmags.com/publication/c5e68b7d?page=39"> </a> <a title="DFM11 - Online page 40" href="http://viewer.zmags.com/publication/c5e68b7d?page=40"> / FEATURE CHINESE CELL PHONES & DIGITAL FORENS</a> <a title="DFM11 - Online page 41" href="http://viewer.zmags.com/publication/c5e68b7d?page=41"> strategy in China, offering hardware packages cal</a> <a title="DFM11 - Online page 42" href="http://viewer.zmags.com/publication/c5e68b7d?page=42"> / FEATURE In some cases, white box phone </a> <a title="DFM11 - Online page 43" href="http://viewer.zmags.com/publication/c5e68b7d?page=43"> developers to focus their efforts on tools that c</a> <a title="DFM11 - Online page 44" href="http://viewer.zmags.com/publication/c5e68b7d?page=44"> </a> <a title="DFM11 - Online page 45" href="http://viewer.zmags.com/publication/c5e68b7d?page=45"> / APPLE AUTOPSY APPLE AUTOPSY The State of Apple</a> <a title="DFM11 - Online page 46" href="http://viewer.zmags.com/publication/c5e68b7d?page=46"> / FEATURE IMAGING AND WRITE BLOCKING ON A MAC </a> <a title="DFM11 - Online page 47" href="http://viewer.zmags.com/publication/c5e68b7d?page=47"> 18.The next screen will ask for case specific info</a> <a title="DFM11 - Online page 48" href="http://viewer.zmags.com/publication/c5e68b7d?page=48"> / FEATURE Raptor Installer B</a> <a title="DFM11 - Online page 49" href="http://viewer.zmags.com/publication/c5e68b7d?page=49"> free tool called disk arbitrator is a free utilit</a> <a title="DFM11 - Online page 50" href="http://viewer.zmags.com/publication/c5e68b7d?page=50"> </a> <a title="DFM11 - Online page 51" href="http://viewer.zmags.com/publication/c5e68b7d?page=51"> / FROM THE LAB IMAGE FORENSICS The challenge w</a> <a title="DFM11 - Online page 52" href="http://viewer.zmags.com/publication/c5e68b7d?page=52"> / FROM THE LAB Exif.Image.Make </a> <a title="DFM11 - Online page 53" href="http://viewer.zmags.com/publication/c5e68b7d?page=53"> Followed by the West / South multiplication </a> <a title="DFM11 - Online page 54" href="http://viewer.zmags.com/publication/c5e68b7d?page=54"> / FROM THE LAB · Which new Maltego entities w</a> <a title="DFM11 - Online page 55" href="http://viewer.zmags.com/publication/c5e68b7d?page=55"> </a> <a title="DFM11 - Online page 56" href="http://viewer.zmags.com/publication/c5e68b7d?page=56"> COMPETITION / This issue we have A TARANTULA CHIN</a> <a title="DFM11 - Online page 57" href="http://viewer.zmags.com/publication/c5e68b7d?page=57"> / FEATURE TRAP YOUR OWN BOTNETS Techniques fo</a> <a title="DFM11 - Online page 58" href="http://viewer.zmags.com/publication/c5e68b7d?page=58"> / FEATURE We found that the purpose and t</a> <a title="DFM11 - Online page 59" href="http://viewer.zmags.com/publication/c5e68b7d?page=59"> attacker changed the TCP/IP service parameter for</a> <a title="DFM11 - Online page 60" href="http://viewer.zmags.com/publication/c5e68b7d?page=60"> / FEATURE Modular bots can easily adopt</a> <a title="DFM11 - Online page 61" href="http://viewer.zmags.com/publication/c5e68b7d?page=61"> </a> <a title="DFM11 - Online page 62" href="http://viewer.zmags.com/publication/c5e68b7d?page=62"> / FEATURE COVERT CHANNELS IN NETWORK PROTOCOLS</a> <a title="DFM11 - Online page 63" href="http://viewer.zmags.com/publication/c5e68b7d?page=63"> Tumoian and Anikeev (2005) explain that the </a> <a title="DFM11 - Online page 64" href="http://viewer.zmags.com/publication/c5e68b7d?page=64"> / FEATURE / Timing Channels Eggers and Mallet (</a> <a title="DFM11 - Online page 65" href="http://viewer.zmags.com/publication/c5e68b7d?page=65"> / Covert Channel List The following describes the</a> <a title="DFM11 - Online page 66" href="http://viewer.zmags.com/publication/c5e68b7d?page=66"> / FEATURE / TCP ACK Field The point to note for</a> <a title="DFM11 - Online page 67" href="http://viewer.zmags.com/publication/c5e68b7d?page=67"> / NEXT ISSUE COMING SOON… A roundup of featu</a> <a title="DFM11 - Online page 68" href="http://viewer.zmags.com/publication/c5e68b7d?page=68"> / COURSE WRITE-UP DOCUMENT FORENSICS – A STUDE</a> <a title="DFM11 - Online page 69" href="http://viewer.zmags.com/publication/c5e68b7d?page=69"> </a> <a title="DFM11 - Online page 70" href="http://viewer.zmags.com/publication/c5e68b7d?page=70"> MD5 are recognised as one of the leading digital </a> <a title="DFM11 - Online page 71" href="http://viewer.zmags.com/publication/c5e68b7d?page=71"> / FEATURE CYBER CHAMPIONS – MAKING A DIFFERENC</a> <a title="DFM11 - Online page 72" href="http://viewer.zmags.com/publication/c5e68b7d?page=72"> / FEATURE In tur</a> <a title="DFM11 - Online page 73" href="http://viewer.zmags.com/publication/c5e68b7d?page=73"> Digital ForensicS / magazine BACK ISSUES The Quar</a> <a title="DFM11 - Online page 74" href="http://viewer.zmags.com/publication/c5e68b7d?page=74"> / FEATURE STEGANOGRAPHY SECURITY CONTROLS New </a> <a title="DFM11 - Online page 75" href="http://viewer.zmags.com/publication/c5e68b7d?page=75"> ID Family ID Family AC Access Con</a> <a title="DFM11 - Online page 76" href="http://viewer.zmags.com/publication/c5e68b7d?page=76"> / FEATURE </a> <a title="DFM11 - Online page 77" href="http://viewer.zmags.com/publication/c5e68b7d?page=77"> D.Heightens the level of information system monit</a> <a title="DFM11 - Online page 78" href="http://viewer.zmags.com/publication/c5e68b7d?page=78"> </a> <a title="DFM11 - Online page 79" href="http://viewer.zmags.com/publication/c5e68b7d?page=79"> BOOK REVIEWERS New initiative for practitioners t</a> <a title="DFM11 - Online page 80" href="http://viewer.zmags.com/publication/c5e68b7d?page=80"> / BOOK REVIEWS BOOK REVIEWS The Basics of Digi</a> <a title="DFM11 - Online page 81" href="http://viewer.zmags.com/publication/c5e68b7d?page=81"> Linux and how to create a hacking lab. Using a si</a> <a title="DFM11 - Online page 82" href="http://viewer.zmags.com/publication/c5e68b7d?page=82"> / COLUMN IRQ Is Anti-Virus really dead? Sby Angus</a> <a title="DFM11 - Online page 83" href="http://viewer.zmags.com/publication/c5e68b7d?page=83"> </a> <a title="DFM11 - Online page 84" href="http://viewer.zmags.com/publication/c5e68b7d?page=84"> </a>