Number 280 - September 2006

Internet Forensics
by Robert Jones, reviewed by Charlene Brown, Big Blue and Cousins:
The Greater Victoria Personal Computer Users' Association


   Internet Forensics has instructions on how to dig through dubious websites for useful, buried information and how to track down the people behind those surprisingly inexpensive prescription drug offers and phishing expeditions that find their way into your Inbox. Importantly, it also explains the precautions you should take when exposing your system to the higher inherent risks--especially if you're venturing into this mess with Windows Internet Explorer. The book, in fact, contains many warnings--cunningly identified by a picture of a leg-hold trap.

   Strangely, I didn't get any spam--no big lottery wins, not a word from Nigeria--while I was reading the book. But, wouldn't you know it, they provide an archive of the stuff you can use to test your newfound forensic skills.

   Besides tracking back spam to its source, the book shows you how to safely extract attachments that may contain viruses or spyware. (Apparently, I was scared off by all those leg-hold traps.) They go well beyond a routine explanation of the working of dig, whois, and traceroute (built into UNIX and available as shareware for us benighted Windows amateurs).

   You can also learn how to:

   
  • tidy up Source HTML, figure it out, extract links, and compare real and suspect sites
  • overcome some imaginative forms of obfuscation, such as padded URLs, and every possible type of redirection and imitation of, for example, banking and credit card sites
  • dig out file history in a Word doc (They have 'metadata' just like web sites. Who knew?)
  • use Acrobat to mine a PDF for information.

   The writer has a 'vision' of how the techniques explained will be used by the 'open source' community who he sees as the guardians of the internet. This is preceded by a section 'Getting in over your head' where he explains why you should not get involved in vigilantism or amateur crusades against child pornography.

   Internet Forensics appears to be a thoroughly researched, well-written book, and it is aimed at and intended for the professional developer community. It also is described as a useful, entertaining guide to internet 'Crime Scene Investigation' for the rest of us everyday users of email and the internet--but, at $55.95, may be a bit pricey for just 'entertaining.'

   Internet Forensics, by Robert Jones. Publisher: O'Reilly. Price: $55.95, 223 pages, ISBN: 0-596-10006-X

   Copyright (C) 1990-2006 by Big Blue and Cousins: The Greater Victoria Personal Computer Users' Association. www.bbc.org