Analysis of Data Remaining on Second Hand ADSL Routers

In theory, an ADSL router can provide an additional layer of security to a wired and wireless network through; access control, wireless encryption, firewall rule sets, and network event logging. An ADSL router may also contain the users’ usage habits and broadband account credentials. However, end-users may be unaware of the intricacies of the security measures available and the potentially confidential information stored on their device. As a result a second hand ADSL router may contain a wealth of user-specific information if not wiped and disposed of in a secure manner. This paper shows the data that was acquired from a selection of second hand ADSL routers purchased during the first quarter of 2011. From the data acquired and analyzed, individuals are not removing their personally identifiable information and are leaving confidential data which may lead to detrimental outcomes if misused. The paper also shows that end-user applied security on these devices was alarmingly low. Thus many consumers may fall victim to new and emergent Internet based crimes if the full security capabilities of their ADSL router are not applie

Fireguard - A Secure Browser with Reduced Forensic Footprint

Fireguard is a secure portable browser designed to reduce both data leakage from browser data remnants and cyber attacks from malicious code exploiting vulnerabilites in browser plug-ins, extensions and software updates. A browser can leave data remnants on a host PC hard disk drive, often unbeknown to a user, in the form of cookies, histories, saved passwords, cached web pages and downloaded objects. Forensic analysis, using freely available computer forensic tools, may reveal sensitive and confidential information. A browser’s capability to increase its features through plug-ins and extensions and perform patch management or upgrade to a new release via a software update provides an opportunity for an attacker to embed malicious software and subsequently launch a cyber attack. Fireguard has been implemented using both Mozilla Firefox and the storage and protection capabilities of the Mini-SDV, a secure Portable Execution and Storage Environment (PESE). In this paper the design and development of Fireguard is discussed. The requirement for a secure PESE and the functionality of the Mini-SDV is presented. An overview is given of the motivation for the development of Fireguard. The reasons Firefox was selected and the Firefox structure and security vulnerabilities are summarised. The implementation approach adopted is discussed and the results of an analysis of the Firefox implementation are presented. The Mini-SDV configuration for Fireguard and an outline of the concept of operation is given. The changes made to Firefox to implement Fireguard as a browser that reduces the opportunity for data leakage and cyber attack, and minimises its forensic footprint are discussed. The paper concludes by considering the strengths and limitations of the Fireguard implementation

Introductory Computer Forensics

INTERPOL (International Police) built cybercrime programs to keep up with emerging cyber threats, and aims to coordinate and assist international operations for ?ghting crimes involving computers. Although signi?cant international efforts are being made in dealing with cybercrime and cyber-terrorism, ?nding effective, cooperative, and collaborative ways to deal with complicated cases that span multiple jurisdictions has proven dif?cult in practic

Deploying a secure Windows operating system and applications.

Many businesses have poor IT infrastructure and are in need of a major overhaul. University of Louisville Properties (ULP), in particular, needed the ability to share files between staff, backup data, secure data, and eliminate viruses and malware. Along those lines, ULP was looking for a secure, stable, reliable, and most importantly, a costeffective Microsoft solution to their IT woes. For consistency and reliability, a Symantec Ghost image was created of such a system. This system was created using Windows XP Professional, Microsoft Office 2003, Symantec Client Security, and Microsoft Sysprep. The image was deployed to all ULP computers, creating the exact environment for which they were looking. Each user began logging in with a user name and password, which alone increased security significantly. A file server was implemented so that data could be centralized and shared among staff members. In addition, a backup system was implemented that automated the backup process to cover all PCs including the central file server. Also, Microsoft Sysprep enabled one image to be distributed to multiple hardware platforms, which reduced image creation time drastically. Symantec Client Security added the antivirus and firewall components needed to control network traffic, viruses, and malware. These changes eliminated the problems that ULP faced and allowed the staff more functionality in their IT environment. With data redundancy, file security, and system reliability, the staff now enjoys a care-free computing experience for very little cost