Data Forensics

Data forensics is one of the sub branches of computer forensics. It is essential to establish legal evidences as found in computers and its storage media. Its primary goal is to give a clear explanation of a digital artifact’s state. Digital artifacts include storage devices, computer systems or electronic documents.

Data forensics are employed for a couple of reasons. It is a significant portion of data recovery for either hardware or software failures. It also helps analyze how an attacker was able to break-in to a system. It is also important to gather information about an employee that a certain organization wants to terminate. Alongside all these reasons, different steps are followed in the database forensics process.

There are several steps involved in the entire forensics process. These are as follows:

• Preparation of the investigator. An investigator must have an ample background of the subject matter. He should be trained enough to know the facets of the process. He validates all data needed by the courts basing on generated reports. Since there are many tools to choose from, the investigator should determine the appropriate tool to be applied for the case.

• Collection of data. The data are gathered in the form of digital evidences. Data forensics make use of tools such as computers, hard drives, CD-ROMs and even cellular phones or digital cameras. The data should be carefully handled to assure that no changes are made. Documentation and the use of reliable tools will help secure the collected data for forensics use.

• Examination. There are two ways by which data are examined. Traditionally, the dead data analysis is employed. This is one method where investigations are performed on hard drives or any data at rest. Currently, the live data analysis is also used. This is helpful when the attacker does not make use of the computer’s hard drive. This is also important if the person makes use of cryptographic storage devices where data intervention may no longer be seen once the computer shuts-off.

Once the data are gathered and examined, the data forensics investigator may report the incident to management or to whoever needs the data. Following these steps require careful scrutiny of the scenario. This will ensure that all legal actions will be imposed on the attacker. In like manner, it will help dictate the punishment to be given to the offender.

Property of RecoverMyPc Inc.
Ara Pekel invites you to visit
RecoverMyPc will give you the Secure Data Recovery that you need. Use our free Online Picture Recovery Tool, Free Software, Software Coupons, and Great Articles to read.

DES and 3DES

Data Encryption Standard (DES) data are encrypted in 64-bit blocks using a 56-bit key. The DES algorithm takes the input through a series of transformations: initial permutation; a complex function, which involves both permutation and substitution operations and depends on a key input; a simple permutation function that switches the two halves of the data; the function is applied again; and a permutation function that is the inverse of the initial permutation takes place. There are five “modes of operation” that have been defined in order to apply DES to a variety of applications. They are Electronic Codebook, Cipher Block Chaining, Cipher Feedback, Output Feedback Counter, and Counter (Cryptography Concepts, 2005).

Triple DES or 3DES involves repeating the DES algorithm three times on the plaintext, using two or three different keys to produce the ciphertext. As stated in the article DES is dead. Long live…Well, um, What, “First it encrypts, then it decrypts and finally it encrypts again” (Moskowitz, 1999). Three DES is now used because it is very resistant to cryptanalysis, serving as an alternative to add security against the potential vulnerability of DES to brute-force attack. Triple DES has been adopted for use in the key management standards ANSI X 9.17 and ISO 8732, along with a number of Internet-based applications, such as PGP and S/MIME (AES, Ciphers, and Confidentiality, 2005). The picture below shows the triple encryption process, as well as show the middle portion of 3DES as a decryption rather than an encryption making it more secure.

A nonce and key distribution center (KDC) shares a secret key or “master” key between each party on a network. The KDC is responsible for generating nonce and keys to be used for a short time over a connection between two parties, known as session keys, and for distributing those keys using the master keys to protect the distribution. The following steps occur:

1. A issues request to the KDC for a session key with B. The message includes the identity of A and B, as well as a unique identifier for the transaction, a nonce, which may include a random number or a counter.

2. The KDC replies with a message encrypted using Ka. Thus, only A can read the message and knows the message originated at the KDC. The message includes:

• The one-time session key, Ks, to be used for the session.
• The original request message, including the nonce, to enable A to match this response with the appropriate request.

In addition, the message includes two items intended for B:

• The one-time session key, Ks.
• An identifier of A, IDA.

These are encrypted with the master key that the KDC shares with B. They are sent to B to establish connection and prove A’s identity.

3. A stores the session key for use in the upcoming session and forwards to B the information that originated at the KDC for B. This information is protected from eavesdropping, because it is encrypted by the master key, Kb. B knows the session key, A’s identity, and that the information originated at the KDC.

4. B then sends a nonce, N2, to A, using a newly minted session key for encryption.

5. Using the session key, A responds with f(N2), where f is a function that performs some transformation on N2 (e.g., adding one) (Stallings, 2003 pgs 214-15).

In conclusion, the above explained how DES works, why 3DES is now used, why the middle portion of 3DES is a decryption rather than an encryption, and explain a nonce and a key distribution center.

Works Cited

Moskowitz, Robert. (1999). DES is dead. Long Live… well, um, what? Network Computing, vol. 10 issue 6. Retrieved October 22, 2005, from, EBSCO Host Research Databas

Stallings, William. (2003). Cryptography and Network Security: Principles and Practice. New Jersey: Pearson Education, Inc.
Joshua Maluchnik, M.I.T., MCP/MCTS
Account Executive
Tranztec Solutions, Inc.

How to Synchronise Your Windows PC to a Time Server

Do you regularly need to correct the time on your PC? The answer is probably “Yes!”. This is because computers have very poor time-keeping hardware. Often, the system clock in a regular PC can drift by minutes each day. However, help is at hand. It is very easy to synchronise the time on your Microsoft Windows computer with one of the most accurate clocks in the world. This article describes how to configure your Windows system to synchronise it’s internal system time with an Internet based ‘atomic time’ reference.

PC’s utilise an internal hardware real-time clock to maintain time. Generally, this hardware clock circuit utilises very low-cost components. This results in poor time-keeping performance. It is not unusual for a computer to loose minutes each day. There are hardware solutions available, which can improve timekeeping, such as more precision crystal oscillators. However, modifying PC’s at board level is not an option for most users. Additionally, accurate time-keeping hardware can be prohibitively expensive. Ideally, a software solution to maintain accurate time is required. This is where the Network Time Protocol (NTP) comes in.

NTP is one of the oldest Internet protocols still in regular use today. Dr David Mills of the University of Dellaware invented it over 25 years ago. He recognised the need to synchronise time critical processes across the Internet. The Network Time Protocol allows client computers to synchronise to an accurate time reference over the Internet. NTP uses the UDP (User Datagram Protocol) over IP (Internet Protocol) to request time from an accurate time reference. It then waits for and accepts a response from the server before updating it’s internal system time with the supplied reference time.

There are many NTP Servers residing on the Internet. Government or educational institutions generally maintain them. A NTP server obtains highly accurate time from an external time reference such as GPS or Radio and maintains this time internally. It then distributes the precise time to network time clients.

The latest Microsoft Windows operating systems, such as XP and Vista, incorporate a SNTP (Simple Network Time Protocol) client. This client can easily be used to synchronise to an Internet or locally based NTP server. The client is configured from the time and date properties applet in the control panel, or by double clicking on the time in the system tray. One of the time properties tabs is labelled ‘Internet time’. On this tab is a field called “Server” which accepts either the IP address or domain name of a NTP time server. Click the “Update Now” button and Windows will attempt to synchronise with the selected time reference. Ensure that the “Automatically Synchronise with an Internet Time Source” option is ticked and Windows will periodically update time from the reference automatically, thus keeping your system clock accurate.

If synchronisation fails then ensure that the supplied IP address or domain name of the NTP server is correct. Alternatively, it may be your firewall that is preventing communication with the time server. NTP operates on UDP port 123, so you must ensure that this port is left open on your firewall. The Windows firewall can be accessed from the Control Panel. To open NTP port 123, open the Windows Security Centre and select ‘Manage Security Settings for Windows Firewall’. From the Windows Firewall applet select the ‘Exceptions’ tab. Click ‘Add Port’ to add an exception to the firewall. Enter a name for the exception, such as ‘NTP port’, and port number ‘123’ and check UDP. Click OK to accept the settings. If you have a separate combined firewall and ADSL router, you may need to refer to your manufacturers documentation to find out how to open a port on the firewall.

To conclude, most computers keep extremely poor time. For many applications that rely on accurate time stamps, this can be entirely unacceptable. However, by utilising the Network Time Protocol, everyone can ensure that their computers system time is kept in sync with the most accurate clock in the world!

Please visit TimeTools website for more information and articles on NTP servers, network time synchronisation and time server solutions.

Quick Diagnosis of a Dead Laptop LCD Display

If you own a laptop computer, sooner or later you are going to be faced with a computer that has a display that has gone dark typically in one of two scenarios. In the most common case the LCD screen is damaged because of some physical event that caused the screen to be cracked or broken. Laptops do not take kindly to being dropped, especially when the case is opened and the accident occurs. In the second case there no physical damage and a malfunction in the video,power or control circuitry has caused the display to malfunction.

In the case of the cracked or physically damaged screen you need to determine if there is other damage to the laptop. The best way to do this is to plug in an external monitor using the video output connector at the rear of the laptop case. If the external monitor works and you see that your applications function then you know that you are looking at a LCD screen repair, and in the event you don’t repair the laptop you can still recover your data. Even if you elect not to repair the laptop this kind of failure is the best of a bad situation because the laptops still functions and you can still recover your data.

If the Laptop screen hasn’t been physically damaged, but the screen is still blank, you should still connect an external monitor as described above and determine if the rest of the laptop is functional. In the case where the screen is blank and an external monitor doesn’t work a more expensive diagnosis and repair scenario will probably be your only option.

It is always best to take these basic steps before you get a repair person involved. You should think through your repair options before you are confronted with a potentially costly repair decision.

The author is a computer industry professional in the service and repair industry. His career dates back to the early 1960’s and the early solid state large scale super computers. He has managed services organizations responsible for service of large PC networks and manged repair center operations. He has served on service industry councils of IBM, HP and Compaq. His website is focused on providing information on, and sources for cheap laptop computers.

Building Vs Buying a New PC – An Overview

You’ve come to a point where you need a new computer. Should you head to the local electronics megastore and see what’s on the rack, or should you try and build a system yourself?

First off, you need to ask some fundamental questions. What is your budget? What do you expect from a computer? What will its primary functions be? Do you want it for gaming, or to surf the Web and create documents and spreadsheets? Will you be doing a lot of photo editing and artwork?

These are just some of the things to consider. Also, what kind of money are you willing to spend not only on the computer, but a printer, monitor, security software, separate data storage devices, webcams etc.

We’ll take a stroll down both paths, and I’ll try to keep things as easy to understand as I can, and limit the techspeak, unless it’s unavoidable.

Buying a New System

There are several manufacturers in the computing world, and each one makes several different types of systems. I won’t use brand names, as each company has its own merits, and its own drawbacks. Just remember, a good rule of thumb these days is a new computer system is generally obsolete after a year, sometimes sooner.

Another thing to keep in mind is expandability. A key question to ask is can you upgrade components easily? With some manufacturers, you can only use the parts that they make, such as RAM and power supplies. As time passes, the cost of replacing parts becomes a problem, as well as even being able to find them.

Don’t let these things throw you, however. Many companies are leading edge, and do their best to stay current, if not ahead, of the game. Just be aware that you’ll pay a premium for the newest features, but the cost usually doesn’t pay for itself in the long run.

Always do your homework on a particular system that catches your eye. There is plenty of information available on all the devices and gadgets out there, and if something about a system is suspect or faulty, it won’t take long to be made known to the world.

Also, don’t be shy about grilling a salesperson about features that you don’t understand or have heard bad things about. Rule of thumb on this is: If the salesman can’t answer your questions, don’t be led astray. It’s your investment, and any investment is worth understanding fully.

Building a System

Here’s where things get really interesting. If you’ve never put a computer together, it can seem impossible. However, if you have a small amount of mechanical ability and patience, you’ll find this to be a very rewarding pursuit.

You’ll also get a good understanding of how each component makes up an overall computer, as well as how each one works. I’ve personally built more machines than I can easily count, and each time out it’s always similar, but also very different.

A trip to a bookstore or the ‘Net will get you more than enough information for a complete overview of how a PC is constructed.

One of the main considerations on building your own machine is that you can blow your budget quickly on components. Always try to get the most value for the money you’re willing to spend, and shop around for the best bargains. Again, do your homework and research before heading to the store.

If you’d like to send questions to me, please feel free to visit my Website and I’ll be happy to answer your queries, or point you in the right direction.

Good luck, and happy computing!

New Security Options in Lenovo Notebooks

Due to a growing number of notebook theft cases both manufacturers and normal users are always looking for new ways to protect data on their hard drives. Notebook theft is not a joke especially if you keep on his hard drive personal or confidential business data. The thief can get access to virtually all the information needed for identity theft.

Many peoples to avoid these types of threats chose notebooks with built-in fingerprint readers and encrypts data on their computers. But the Lenovo company proposes completely new solution in notebooks security which intends to put on sale in the coming year. One sms message sent by the owner will be sufficient to disable stolen notebook computer.

Service “Lenovo Constant Secure Remote Disable Feature” will together with devices that support WWAN. The user sending simple text message such as “Lockdown PC” or “PC shut off” will be able to block his computer operation.

At the time of receipt of message your notebook will automatically shuts off and in the case that thief will try to start it again it will completely block your machine. Also there will be message sent to the owner of the notebook informing that his computer was successfully blocked. In the case when the owner will get back his notebook he will be able to unlock his machine via a previously set password.

Introducing this type of security significantly reduce the stress associated with the loss of the notebook and the data contained on his hard drive. And with connection with already existing security features such as fingerprint readers, hard drive encrypting or security chip’s Lenovo notebooks will have the most advanced security features available on the market – says Bob Galush from Lenovo

As for now however it is unknown whether the data contained on a computer’s hard drive will be secure after it will be dismounted from the computer.

Marcin Zielezny

Marcin is the writer for blog reporting on the latest new gadgets and gizmos that you can buy in stores.

USB Flash Drive Operating Systems

Did you know that you could get an entire operating system on a flash USB drive? Most firmware in modern PCs allows booting from these drives. That means that a bootable flash drive could allow you to launch an operating system, this is commonly called Live USB and applies mostly to Linux operating systems. However, there is a MS Windows version available and some versions of BSD are also available on flash USBs.

Live USBs are good special purpose or brief tasks like doing an operating system install or disk cloning operation across a network, loading a minimal kernel for embedded operations and maintenance tasks.

A properly configured Windows USB flash drive will allow you to install a version of Windows XP on a drive, with extra software if there’s space. To do this, a special utility is required, as well as a fairly large drive. You will end up with a portable, compact emergency version of your operating system.

Live USBs are more commonly used by Linux operating systems, and are closely related to the now-common live CDs. Like CDs, USBs can be used to help test a distribution, recover data and many other tasks. Live USBs have many of the same limitations and benefits of a live CD. It is, however, easier for a live USB’s data to be changed, since CDs are usually permanently written. That makes it easier to use a live USB as personal storage, allowing a user to carry their preferred applications, operating system and configuration. Sharing a single system between multiple users is much easier in this case.

Live USBs can also provide extra privacy, since the USB device is carried by the user and storage in a safe location is easy. However, the small size of these devices also means that they are easily lost and stolen; making backups and encryption more important for USB flash drive operating systems than normal desktop operating systems.

Since USB drives have no moving parts, they are able to have a faster seek time than optical media and hard drives, this means small programs start faster from USB flash drives than from a live CD or hard disk. However, the low data transfer speeds of some USB devices can make booting from them very slow. In addition, older computers may not have a BIOS that supports booting from USB devices. Booting an operating system from a USB drive may slightly reduce the life of the flash drive.

Carrying your own personal operating system in your pocket can be extremely useful for travellers or people using shared computers. Some sites offer tutorials on simplified flash drive installation for many different distributions of Linux (which is the most popular OS for this purpose). These tutorials mean it is much easier to install, boot and run your preferred distribution, with all your settings and files, from a very small drive. Just be sure you have a large enough drive and that you are using it in a computer capable of booting from the USB port.

Note: USB 2.0 capability greatly speeds things up, as well.

Derek Rogers is a freelance writer who writes for a number of UK businesses. For logo branded promotional flash drives, he recommends

A Kid Friendly Home Computer Business

Using your home computer, make it your business to capitalize on the fact that parents LOVE pictures of their kids; and everything they write, or say, or do.

Your business can print photos on nearly anything with the help of your home computer.

I’m the mom of three children; a 17 year old boy, whose been in every sport that uses a ball since he was four years old, and six and seven year old girls who are junior divas. If you are a parent you know it is true; if you aren’t a parent, trust me when I say that I have spent literally thousands of dollars on photos of my children. Oh,if I had only known that I could be the one benefiting financially from that motherly need to see her children on T-shirts, tote bags, buttons and nearly anything else you can find.

You will need special software and a high quality printer for this endeavor, but if you already have the children, or you know where to find several of them, chances are you have all of the contacts you need for a healthy home business. Your computer does most of the work for you.

Your business can make personalized books with the help of your home computer.

There are several programs for this endeavor. Some require a hefty start up fee but offer a high quality hard backed book. If this is the business you choose I offer an alternative idea with less of a financial investment required. Create a generic children’s story that will work in most situations, and take orders to personalize it. Using your color printer, create a small paper backed book, or even one with a spiral binding if you choose. If you’re really creative; offer, for a fee of course, to use digital photos of the child instead of generic illustrations to further personalize it.

Parents just love this stuff, at least this one did. Three times.

Your home business can offer personalized certificates made on your computer.

Okay, most people have their own home computer and can print their own personalized certificates if they have the software. However, if the parent has more than two children, isn’t crafty or works full time, the probability is that they might use your services because it is a more efficient use of their time. Your goal is to make them realize how much they need it.

If you have children of your own you have the perfect marketing tools. Display little Johnny’s face on everything you might want to produce for the other parents. Give the soccer coach on of the personalized certificate of appreciation that you offer. Have your darling little Mary take her own personalized book for “show and tell, then be ready for the orders to come in, because they will.

Your business can make use of the home computer to create and send the marketing materials, the samples, the finished product and the billing and that is an effective use of your time.
— Andora Henson