program that listens to all network traffic. It needs the WinPcap library to get access to raw network data. WinPcap will be discussed in the next sub-section. Although there are many sniffers for the Windows platform, WinDump is free and open source, does not cost anything, and its syntax is almost the same as tcpdump's.

The second file: WinPcap is an application for packet capture and network analysis. The recovered file was WinPcap version 3.1.Beta3, and the latest version is Beta4. Mr. Lawrence copied/downloaded the file on Oct 27th 2004 16:23:54 and used it last on Oct 28th 2004.

Thursday Oct 28, 2004 00:00:00 E:/WinDump.exe (_INDUMP.EXE)

Within the network capture log file, I discovered the image called “_capture”. I did further analysis on this log file; viewing its hex values showed that it consisted of Ms. Conley’s email communication to a friend to meet at a coffee shop. Because the file is in “raw” format and the email communications were conducted over the HTTP protocol via hotmail.com, the actual output of the email content is not in readable format. The information contained within the “raw” file is shown below:

Time= October 28th – 11:10AM
Login= [email protected]
To= [email protected]
Subject= coffee

Sure, coffee sounds great. Let's meet at the coffee shop on the corner Hollywood and McCadden. It's a nice out of the way spot. See you at 7pm
-Leila

This information indicates that Robert had compromised and taken over Ms. Conley’s email conversations, which is a violation of the federal wiretapping law.
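The raw capture is hard to read because a webmail message sent over HTTP sits in the file as a URL-encoded form body surrounded by binary framing. The following is an added example, not part of the original report, showing how an examiner could carve such POST bodies out of raw bytes and decode them. The form field names, host, path and addresses are constructed placeholders (not Hotmail's actual fields), and it assumes each request lies contiguously in the file.

```python
import re
from urllib.parse import parse_qsl

# Request line and headers of an HTTP POST, located anywhere in a raw byte stream.
POST_RE = re.compile(rb"POST (\S+) HTTP/1\.[01]\r\n(.*?)\r\n\r\n", re.DOTALL)
FORM = b"application/x-www-form-urlencoded"

def carve_form_posts(raw: bytes) -> list:
    """Return offset, path and decoded fields of each urlencoded POST in raw."""
    found = []
    for m in POST_RE.finditer(raw):
        headers = {}
        for line in m.group(2).split(b"\r\n"):
            name, _, value = line.partition(b":")
            headers[name.strip().lower()] = value.strip()
        if not headers.get(b"content-type", b"").startswith(FORM):
            continue
        try:
            length = int(headers.get(b"content-length", b""))
        except ValueError:
            continue  # no usable Content-Length: the body cannot be bounded
        body = raw[m.end():m.end() + length]
        # parse_qsl turns '+' into spaces and %XX escapes into characters.
        fields = dict(parse_qsl(body.decode("latin-1"), keep_blank_values=True))
        found.append({"offset": m.start(),  # byte offset, for the examiner's notes
                      "path": m.group(1).decode("latin-1"),
                      "truncated": len(body) < length,  # capture ended mid-body
                      "fields": fields})
    return found

# Constructed sample: junk bytes standing in for capture framing around one POST.
SAMPLE_BODY = (b"login=sender%40example.com&to=friend%40example.com"
               b"&subject=coffee&body=Sure%2C+coffee+sounds+great.")
SAMPLE = (b"\xd4\xc3\xb2\xa1\x02\x00\x04\x00" + b"\x00" * 16
          + b"POST /compose HTTP/1.1\r\nHost: mail.example.com\r\n"
          + b"Content-Type: application/x-www-form-urlencoded\r\n"
          + b"Content-Length: " + str(len(SAMPLE_BODY)).encode() + b"\r\n\r\n"
          + SAMPLE_BODY + b"\x00\x01\x02")

if __name__ == "__main__":
    for hit in carve_form_posts(SAMPLE):
        print(hex(hit["offset"]), hit["path"], hit["fields"])
```

A request split across several captured packets has to be reassembled into a stream first; the `truncated` flag marks bodies that end before their declared length.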