E-Detective Network Investigation Toolkit - NIT (2010) Decision Group .
22
E-Detective Network Investigation Toolkit - NIT (2010) Decision Group www.edecision4u.com
-
Upload
marilynn-floyd -
Category
Documents
-
view
219 -
download
0
Transcript of E-Detective Network Investigation Toolkit - NIT (2010) Decision Group .
E-Detective Network Investigation Toolkit - NIT (2010)
Decision Groupwww.edecision4u.com
Introduction to Network Investigation Toolkit
What are the capabilities of NIT? Interception of Ethernet LAN
traffic through mirror port (or by network tap).
Interception of WLAN traffic (up to 4 different WLAN channels).
Intercept ion of Ethernet LAN HTTPS/SSL traffic by MITM attack.
Intercept ion of WLAN HTTPS/SSL traffic by MITM attack.
Real-time raw data decoding and reconstruction.
Offline raw data decoding and reconstruction.
Forensics analysis and investigation.
Solution for:Lawful Enforcement Agencies (Police Intelligence, Military Intelligence, National Security, Counter Terrorism, Cyber Security, Defense Ministry etc.
NIT Implementation Mode (1)
NIT Implementation Mode (2)
NIT Implementation Mode (3)
NIT Implementation Mode (4)
NIT – Homepage – Status of Operation
Display the current operation mode and status of implementation
IM/Chat(Yahoo,
MSN, ICQ,QQ, IRC,
Google TalkEtc.)
EmailWebmail
HTTP(Link, Content,Reconstruct,
UploadDownload)
File TransferFTP, P2P
OthersOnline Games
Telnet etc.
NIT Internet Protocols Supported
NIT – Homepage – Status of Operation
Top-Down view on Case Results
GUI.
Sample: Email (POP3, SMTP, IMAP)
Sample: Webmail (Read and Sent)
Webmail Type: Yahoo Mail, Gmail, Windows Live Hotmail, Giga Mail
and others
Sample: IM (Yahoo, MSN, ICQ etc.)
Yahoo: Includes file transfer, webcam, voice
call (GIPS Decoder Required)
MSN: Includes file transfer, webcam
Sample: HTTP Link and HTTP Content
Sample: HTTP Video Streaming
Sample: Incomplete Connections
Incomplete connection sessions can be
viewed by binary-text viewer
Search – Free Text (Key Words) and Advanced
Free Text (Key Words Search)
Advanced Search (Conditional
Search)
NIT – System Specifications (1)
NIT – System Specifications (2)
NIT – System Specifications (3)
NIT – System Specifications (4)
References – Implementation Sites and Customers
Criminal Investigation Bureau The Bureau of Investigation Ministry of Justice National Security Agency (Bureau) in various countries Intelligence Agency in various countries Ministry of Defense in various countries Counter/Anti Terrorism Department National Police, Royal Police in various countries Government Ministries in various countries Federal Investigation Bureau in various countries Telco/Internet Service Provider in various countries Banking and Finance organizations in various countries Others
Notes: Due to confidentiality of this information, the exact name and countries of the various organizations cannot be revealed.
Decision Group
www.edecision4u.com
