|
|
|
Definition of
computer forensics from New Technologies Inc
|
|
"Computer
Forensics involves the preservation, identification, extraction and
documentation of computer evidence stored in the form of magnetically encoded
information (data)."
|
|
|
|
Forensics is
used for a variety of things including identifying and repairing damage,
identifying the source of the damage in order to eliminate it, and aiding in
legal action. The field of computer
forensics is vast. This presentation
will take an in-depth look into one of the less well known areas, WWW
forensics.
|
|
|
|
WWW forensics
applies to the world of the Internet and Web sites. Specifically, looking at and understanding
your network topology and Web applications topology, including your network
devices such as mail servers, firewalls, ftp servers, and the application
layer, including web servers, application servers, front and back end
servers, databases, and security you have at the application layer.
|
|
|
|
In today's Web
enabled world, Web forensics has become an increasing critical component to
internet security. With 75% of the hacks happening at the application layer,
according to John Pescatore of the Gartner Group, the need to quickly
understand what happened, how it can be prevented or eliminated, and how to
recover from what has been done is receiving growing importance.
|
|
|
