1.6. Before You Begin

I need to offer a few words of caution before you begin poking around some of the more dubious corners of the Internet.

1.6.1. Viruses, Worms, and Other Threats

Computer viruses and spyware are everyday threats on the Internet. But in actively seeking out and examining dubious web sites, you may be exposing your systems to higher than normal risks. As I describe in Chapter 3, the worlds of spam distribution and computer viruses have already merged in the form of the Sobig virus. This type of threat should not be a problem as long as you take suitable, simple precautions.

A Unix-based operating system, such as Linux or Mac OS X, is the preferred platform from which to investigate dubious web sites and email messages. The Unix environment is less susceptible to computer viruses, with control mechanisms that make it difficult for rogue executables to be installed simply by downloading them.

If you do use a Windows system to follow the techniques and examples given in this book, then you need to take several important precautions. It goes without saying that you need to have good antivirus software installed and running on the system. Not only that, it needs to be kept up to date with current virus definitions. If you are actively exploring web sites, then make sure you scan your system frequently.

The same goes for spyware, which is perhaps even more of a problem in the context of visiting web sites. There are some excellent free tools available for finding and eradicating this on Windows computers, for example:


Ad-Aware: www.lavasoftusa.com/software/adaware/

Spybot - Search & Destroy: www.safer-networking.org/en/index.html

Microsoft AntiSpyware: www.microsoft.com/athome/security/spyware/software/default.mspx

Again, you should scan your system frequently with these tools.

Historically, a major vulnerability on Windows systems has been Internet Explorer itself. A series of vulnerabilities have been exposed, exploited, and then patched over the past few years, giving this browser a poor security reputation. Hopefully those problems are a thing of the past, but if that is a concern, then you might want to use Mozilla Firefox (www.mozilla.org/products/firefox/) as an alternate browser.

1.6.2. Ethics

All of the techniques that I describe in the book make use of information that people disclose in the emails that they send and the web sites that they host. That information is readily accessible by anyone who knows where to look.

None of the techniques involve breaking into computers or probing them for vulnerabilities. That crosses the line from legitimate investigation into computer cracking, which in most instances is illegal. I do not, in any way, shape, or form, condone that activity.

But, as with most aspects of life, between these black-and-white extremes lies a gray area where things are not so clear-cut. For example, I have no problem mining a fake bank web site for every piece of information about its creators that I can find. But I would not dream of using those same skills to identify the people involved in, say, a support group for recovering addicts. To me, one target is legitimate and the other is not.

As you work your way through the book and apply the techniques to real emails and web sites, take a moment to consider the ethical implications of what you are doing. Use your powers wisely and stay away from the Dark Side!

1.6.3. Innocent Until Proven Guilty

Whenever they show a telephone number on television, they include 555 after the area code. This is a reserved block of numbers that don't work, which the film companies use to prevent prank calls to regular phone lines. I have taken a similar approach by masking some of the Internet and email addresses that are used in this book.

Throughout the book, you will find many examples of email messages, domain names, URLs, and web pages. These are used to illustrate different techniques, and most are real examples from my Inbox or real sites that I have visited. Most were examples of spam, phishing, or some other dodgy operation, at that point in time. It is important to realize that most web sites that are involved in a scam are short-lived. The chance that any of these sites will still be operational by the time you read this book is minimal. In many of those cases, the specific Internet addresses will have been reassigned to other sites and most will be completely legitimate. Others may represent innocent sites that had been hijacked in order to host a phishing attempt.

You should not make assumptions about the current usage of any specific numeric addresses, hostnames, or web servers that are included in this book.



Internet Forensics
ISBN: 059610006X
EAN: 2147483647
Year: 2003
Pages: 121
