Forensic computer assignment PDF

Title	Forensic computer assignment
Author	marry jones
Course	Computer Crime and Forensic Science
Institution	Trent University
Pages	5
File Size	59.6 KB
File Type	PDF
Total Downloads	42
Total Views	131

Preview

CLICK TO PREVIEW PDF

Summary

Download Forensic computer assignment PDF

Description

Trent University COIS/FRSC 2750H WEB Summer 2019 Assignment 2

1 a)

4 5 2 0 2 2 2 1 4 6 5 5 1 4 8 5 = original credit card number 8 5 4 0 4 2 4 1 8 6 10 5 2 4 16 5 =doubled every other number starting with the 15 th number far right and Brought down every other original number. 8 5 4 0 4 2 4 1 8 6 1 5 2 4 7 5 = each digit that when doubled the sum was greater than 9, I added the wo digits together. Got the new set of digits. Then I added all the new digits together, which equals 66, which made the credit card number invalid. To make it a valid credit card number, I added 4 to make 70 added 4 to the check digit which equals 9. 4 5 2 0 2 2 2 1 4 6 5 5 1 4 8 9 = original credit card number with only the check digit changed. Original credit card number is Valid now.

b)

5 4 4 6 4 5 8 7 2 5 8 4 7 9 0 8 = original credit card number

10 4 8 6 8 5 16 7 4 5 16 4 14 9 0 8 = doubled every other number starting with the 15 th number far right and Brought down every other original number. 1 4 8 6 8 5 7 7 4 5 7 4 5 9 0 8 = each digit that when doubled the sum was greater than 9, I added the two digits together. Got the new set of digits. Then I added all the new digits together, which equals 88. Then I minus 8 to equal 80. Then I minus 8 from the check digit which would equal 0 5 4 4 6 4 5 8 7 2 5 8 4 7 9 0 0 = original credit card number is valid now only changing the check digit.

c)

4 2 1 9 2 3 4 1 7 2 3 4 2 0 3 4 = original credit card number

8 2 2 9 4 3 8 1 14 2 6 4 4 0 6 4 = doubled every other number starting with the 15 th number far right and Brought down every other original number. 8 2 2 9 4 3 8 1 5 2 6 4 4 0 6 4 = each digit that when doubled the sum was greater than 9, I added the

two digits together. Got the new set of digits. Then I added all the new digits together, which equals 68, which made the credit card number invalid. To make it a valid credit card number, I added 2 to make 70 add 2 to the check digit which equals 6 4 2 1 9 2 3 4 1 7 2 3 4 2 0 3 6 = original credit card number with only the check digit changed. Equals Valid credit card number

d)

6 9 3 3 7 2 5 9 2 3 9 0 3 5 7 5 = original credit card number

12 9 6 3 14 2 10 9 4 3 18 0 6 5 14 5 = doubled every other number starting with the 15 th number far right and Brought down every other original number.

3 9 6 3 5 2 1 9 4 3 9 0 6 5 5 5 = each digit that when doubled the sum was greater than 9, I added the two digits together. Got the new set of digits. Then I added all the new digits together, which equals 75, which made the credit card number invalid. To make it a valid credit card number, I minis 5 to make 70 minis 5 to the check digit which equals 0

6 9 3 3 7 2 5 9 2 3 9 0 3 5 7 0 = original credit card number with only the check digit changed. Equals Valid credit card number

2. a) On whois I can see the Domains name, Domains status, Registrants ID, Registrants Name, Registrants full Address, Registrants phone number and email address, Administrations Name, Admins full Address, phone number and email address. DNSSEC unsigned. With this information Bad guys can do a lot of damage to both the organization and the Administration. The bad guys could send Phishing emails, they could send it through text to the Administration guy. Whatever information they would get through the phishing emails they could put that together with the information they already have from the whois page and they could obtain even more personal information. They could redirect the site, so when people click on the mint site it brings them somewhere else. Even having the admins address, the bad guys could stalk the administration person. They could take over his Identity. Good guys could get the address of the organization and telephone number, for legal information.

b) The Ping shows how long Packets take to reach a host. It is showing if the Host you are trying to communicate is working. What I can see on it is, how long it took 64 bytes to reach UOIT in ms it took 108, 108, 109, 108 milliseconds and it shows the IP address 205.211.180.33. Packets transmitted 4, packets received 4, packets lost 0 % time 3010. The round trip time took, min 108.776, avg 108.894, max 109.056, mdev 0.346 The IP address is used by hacker to find the DNS, which then the hackers can find the domain name (Hackers Online Club, 2018). With most everyone owning a cell phones it can help the authorities find criminals, and people who are missing. They ping the cellphone and it will show the last cell phone tower the phone of the person had a connection with. Goggle also has an app that everyday people can use to find a lost phone, or to check up where their kids are. It is used the same way, the last place the cellphone had a connection to a cell phone tower, it gives a time and approximately where.

c) What I notice was between United States, Europe and Asia/Pacific is that they all take some same certain hops to get to the destination they are going to. The time in milliseconds that it takes for the data to reach there are very close in time.

d) They all ended continent Asia, country Nepal. Nepal telecom. Even though that two had the same ip address United States 202.45.147.242, Asia/Pacific 202.45.147.242 and one was different, Europe 202.70.79.1 it still ended in Nepal.

e) Each time I tried traceroute the route changed each time, but the destination remained the same, Nepal. It is done for security, so that hackers won’t be able to intercept the data before it reaches its destination. Almost the same as in the “real world” when we change up our routine so others will not know when we exactly get home or which route, we take to go places and come back home. The destination is the same, but the time and route will be different, to keep us safe.

3. a) 7B 5C 72 74 66 31 5C 61 64 65 rtl file b) 25 50 44 46 2D 31 2E 34 0A 25 Pdf file. 25 25 45 4F 46 EOF c)

54 65 73 74 20 66 6F 72 20 53 31 39 20 41 73 73 69 67 6E 20 32 ASCII

d)

CRC 32 There are 8 digits in the CRC- 32 hex checksum. The First 7 are: FE88ACF Tiger (192 bit) There are 48 digits in the Tiger hex checksum. The first 7 are: F9E0654

e) Copied File CRC 32 hex checksum 70FCCBE Copied File Tiger (192 bit) hex checksum D410423 In the CRC 32 hex checksum all digits changed. The Tiger (192 bit) hex checksum all the digits changed. f)

Copied file changed C to c. CRC 32 hex checksum mostly changed 7B370668 Tiger (192) hex checksum totally changed 0A84DA3D3B64B76E501BE3DAF563667760B379C94D82665B

g) Matched it to another JPG file. Changed D4 to D8 in the signature line. Picture of an Airplane flying over the ocean with people on the beach taking a picture of it. Building in the background. h) I opened up corrupted2 file in the Hex tool workshop and I started searching the file and I noticed that near the end of the file it said it was a Microsoft .doc file, but on the extension of the corrupted2 file it had it as a pdf file. So I looked up on line the signatures for doc files and I found that the signature in the Hex tool, was that of a doc file. I then went into windows, clicked off the hide extensions and changed the extension on the corrupted2 file from .pdf to .doc. The picture is of a turtle outside in some shallow water of a beach perhaps. Looks like his head is not totally submerged in the water. His eye looks to be open. There are some bubbles around.

4. a) They could get into my financial account and change bank information, obtain my Social Insurance Number and change my address. They could get into my class schedule withdraw me from classes, from full time to part time. They could get into my email. b) Changing my bank information would be catastrophic. I would not get my OSAP funding to pay for school and I would not get my loan either to live. If I had a refund that was going to be deposited into my account I would not get it. Obtaining my SIN, would be catastrophic they could get other pieces of identity of mine. They could use my identity for all sorts of things and then I would have to prove I did not do the things they did when they stole my identity. Changing my address or having my address would be catastrophic, they also could use my address along with other information they have about me, to obtain more personal information. Obtaining access to my email, would be catastrophic because they

would be pretending to be me writing to people, who believe it is me and the person the hacker has contacted could give them personal information. I think any type of personal theft is catastrophic, especially if not caught in time. If they got into my class schedule and changed my course load from full time to part time, it would be catastrophic because that would affect my OSAP, and I would owe money to OSAP and I could be penalized. c) Email phishing, pretending to be a part of Trent university and asking for you to verify your login information. They could send links in emails that if someone clicks on it, they would download a virus that would send keystroke information back to the hacker. When someone logs on to a public computer and forget to log out of it they could get into your account and change the password. When anyone asks for information through email do not give it, because Trent will not send an email asking you to verify your login information. Do not even send friends your personal information through email, because a hacker could intercept that email and receive the information also or instead of your friend. Do not click on links sent in emails from people you do not know. Do not save login information and do not keep one password for all your on line logins....