Tuesday, 8 January 2013

Digital Forensics & the Internet

The book I read to research this post was Digital Forensics for Network, Internet & Cloud Computing by various authors, which is an excellent book that I bought from Kindle. Digital forensics is about getting information from digital devices like computers, smartphones & game consoles. In this book they look at networks, the internet in general and cloud networks.

More and more companies are using cloud computing, & when you consider you can rent the equivalent of a server for around $40 a month you can see why it's so popular. It also takes out the headaches of setting up things like a firewall, as your cloud provider takes care of it. Amazon lets you install Windows Server 2008 or Linux on your partition and it functions just like one of your own servers. Rackspace only works with Linux. Microsoft has a cloud database called Azure but hasn't embraced cloud computing as successfully as some other companies. Normally a cloud network will have good security because the provider has to reassure clients they can have peace of mind. It only takes 1 cloud network to get hacked and the provider is in deep trouble. Many of the smaller cloud providers use VMware as it's economical in the space it takes up.

Whether it's cracking passwords or sniffing packets of wireless data, the number of programs that can be used in digital forensics is endless. There is a program called Rapier which, while it will tell you what's on a computer or network, can't be used for digital forensics because it's likely to change some of the data. Digital forensics uses programs like Snort, Wireshark, tcpdump & MD5. Snort and Wireshark are packet sniffers. Snort will examine a network while Wireshark examines wireless networks. MD5 will make a copy of a hard drive. Tcpdump examines what is on a computer and will produce a dump file. Wireshark has lots of add-ons which extend the functionality of the program.
