Internet Forensics
暫譯: 網路取證

Because it's so large and unregulated, the Internet is a fertile breeding ground for all kinds of scams and schemes. Usually it's your credit card number they're after, and they won't stop there. Not just mere annoyances, these scams are real crimes, with real victims. Now, thanks to Internet Forensics from O'Reilly, there's something you can do about it.

This practical guide to defending against Internet fraud gives you the skills you need to uncover the origins of the spammers, con artists, and identity thieves that plague the Internet. Targeted primarily at the developer community, Internet Forensics shows you how to extract the information that lies hidden in every email message, web page, and web server on the Internet. It describes the lengths the bad guys will go to cover their tracks, and offers tricks that you can use to see through their disguises. You'll also gain an understanding for how the Internet functions, and how spammers use these protocols to their devious advantage.

The book is organized around the core technologies of the Internet-email, web sites, servers, and browsers. Chapters describe how these are used and abused and show you how information hidden in each of them can be revealed. Short examples illustrate all the major techniques that are discussed. The ethical and legal issues that arise in the uncovering of Internet abuse are also addressed.

Not surprisingly, the audience for Internet Forensics is boundless. For developers, it's a serious foray into the world of Internet security; for weekend surfers fed up with spam, it's an entertaining and fun guide that lets them play amateur detective from the safe confines of their home or office.

 

Table of Contents

Preface 
1. Introduction

      What Is Internet Forensics? 

      The Seamy Underbelly of the Internet 

      Pulling Back the Curtain 

      Taking Back Our Internet 

      Protecting Your Privacy 

      Before You Begin 

      A Network Neighborhood Watch 
2. Names and Numbers

      Addresses on the Internet 

      Internet Address Tools 

      DNS Record Manipulation 

      An Example-Dissecting a Spam Network 
3. Email

      Message Headers 

      Forged Headers 

      Forging Your Own Headers 

      Tracking the Spammer 

      Viruses, Worms, and Spam 

      Message Attachments 

      Message Content 

      Is It Really Spam? 
4. Obfuscation

      Anatomy of a URL 

      IP Addresses in URLs 

      Usernames in URLs 

      Encoding the Entire Message 

      Similar Domain Names 

      Making a Form Look Like a URL 

      Bait and Switch-URL Redirection 

      JavaScript 

      Browsers and Obfuscation 
5. Web Sites

      Capturing Web Pages 

      Viewing HTML Source 

      Comparing Pages 

      Non-Interactive Downloads Using wget 

      Mapping Out the Entire Web Site 

      Hidden Directories 

      In-Depth Example-Directory Listings 

      Dynamic Web Pages 

      Filling Out Forms 

      In-Depth Example-Server-Side Database 

      Opening the Black Box 
6. Web Servers

      Viewing HTTP Headers 

      What Can Headers Tell Us? 

      Cookies 

      Redirection 

      Web Server Statistics 

      Controlling HTTP Headers 

      A Little Bit of Everything 
7. Web Browsers

      What Your Browser Reveals 

      Apache Web Server Logging 

      Server Log Analysis 

      Protecting Your Privacy 
8. File Contents

      Word Document Metadata 

      U.K. Government Dossier on Iraq 

      Document Forgery 

      Redaction of Sensitive Information 
9. People and Places

      Geographic Location 

      Time Zone 

      Language 

      Expertise 

      Criminal or Victim? 

      Hardware and Software 
10. Patterns of Activity

      Signatures 

      Searching with Signatures 

      Problems with Simple Signatures 

      Full Text Comparison 

      Using Internet Search Engines for Patterns 
11. Case Studies

      Case Study 1: Tidball 

      Case Study 2: Spam Networks 
12. Taking Action

      What Is Being Done to Tackle Internet Fraud? 

      What You Can Do to Help 

      Getting in Over Your Head 

      Vision of a Community Response 
Index