Remote Forensic Software. Dr. Michael Thomas DigiTask GmbH, Germany



Transcription:

Dr. Michael Thomas DigiTask GmbH, Germany

DigiTask: Who we are and what we do
- Special Telecommunication Systems for Law Enforcement Agencies (LEA)
- Development of special solutions for the needs of LI
- Located in the middle of Germany
- DigiTask has overall experience of many years in LI systems
- DigiTask is market leader for LI in Germany
- DigiTask is privately owned and independent

DigiTask Main Products
- Complete LI systems
- Database supported analysis for telephony
- Real time IP decoding and visualization
- Integrating multimedia player
- Supporting ETSI standards
- Mediation Devices
- 24/7 support
- Onsite training
- WiFi-Catcher
- Remote Forensic Software

Content
1. What intelligence may be lost with today's LI systems?
2. What is Remote Forensic Software?
3. What is provided by the DigiTask solution?

1. What intelligence is lost?

What intelligence may be lost with today's LI systems? Information that
- can be gathered but not decoded
- might be decoded but cannot be gathered
- is not available even after seizure of equipment

Instant Messaging
- Clients encrypted by default: Wikipedia overview of IM lists 55 clients, 34 with out of the box encryption
- Skype
Source: Wikipedia

External tools for encryption, e.g. SimpLite/SimpPro, targets
- Windows Live Messenger
- ICQ/AIM
- Yahoo

WWW: sensitive data uses HTTPS
- Online banking
- E-commerce
- Booking systems
- Webmail
- Chat
Observable data
- Remote IP
- Time and amount of traffic

E-Mail
- POP/SMTP use TLS/SSL
- Local encryption with PGP, GnuPG

VPN connections between endpoints
- commercial anonymising VPN, e.g. Relakks (Sweden, 5/month), Swissvpn (Switzerland, US$ 5/month)
- Tor/JAP: encrypted traffic, changing endpoints

Nomadic targets
- travellers
- suspects seeking open WLANs
- Tapping internet connections of targets useless
Disk encryption software
- Seizure of equipment useless if password is unknown

Availability
- Most of this software is easily available
  - computer magazines
  - internet
- free of cost
- easy to use
Answer to question: Everything may be lost. With a few hours' effort, today's LI systems can be turned blind and deaf.

2. What is Remote Forensic Software?

Stealth software installed on computer of target to
- overcome encryption
- handle nomadic targets
- monitor activity for
  - criminal investigations
  - intelligence gathering

3. What is provided by the DigiTask solution?

3.1. Additional intelligence
- Audio data, e.g. from messengers
- Screenshots
- Keylogs
- File search
- Registry settings
- Remote shell... (more in track 5)

SSL decryption
- Keys intercepted in application
- Keys and encrypted traffic tapped
- Decoding possible
- Requires DigiTask LI system

3.2. Data Analysis
- Standalone system
- Immediately deployable
- Backward channel to target
- Optional seamless integration in DigiTask LI system
- No new user interface for operators
- Correlation of RFS data with conventional LI
- Interactions with target become impossible
- Core area of private life

3.3. Security
Protection of data stream
- Data is AES encrypted
- Proxies between target and recording server
- Connection cannot be traced
Authenticity of data
- File transfers are signed
- Safeguards against manipulations
- Important for criminal investigation

3.4. Customization
- Software may be built according to court order
- "Forbidden" features removed from software cannot be activated
- After installation: online update possible
- Source code of customization archived
- verifiable by expert witness

Conclusion
- Encryption for every kind of communication easily available
- Circumvention by means of Remote Forensic Software
- Standalone operation
- Integration in LI system
- Authenticity of data for criminal investigations

Further information
- Presentation in track 2 today: 13:30 DigiTask LI system
- Live demonstration in track 5 today: 14:30 DigiTask LI system, 16:00 Remote Forensic Software
- Visit our booth in main exhibition hall
- Arrange presentation at your location
Thank you.