Concurrent RDP connections hack – XP

by Toufiq Ali, NII Consulting

Before you read further, make sure you back up all the original registry settings or create a system restore point. I assume the reader knows what Windows Terminal Services is; if not, please refer to http://en.wikipedia.org/wiki/Terminal_Services

In Windows XP, when a remote user connects using the Remote Desktop Connection (RDC) client, the local user is forcefully disconnected from his current session. Unlike Terminal Services in Windows 2000, Server 2003 and Server 2008, RDC on XP is designed for only one session at a time. This article aims to bring the multiple-user login functionality of Terminal Services on Windows Server 2000 and Windows Server 2003 to Windows XP. This would be very useful in environments where the network admin often troubleshoots problems on the network using RDC.

Keep reading as the hack unfolds to enable support for concurrent Remote Desktop Connection sessions in Windows XP using the following patched files.

Infosec Scenario in 2009

1. Business continuity to get focus over disaster recovery
BCM is a process issue related to building the framework to increase business resiliency and restoration capability, while DR is about building redundancy through infrastructure investments. It is quite likely that fewer new DR site investments will happen than in 2008. But I would not advise cutting down on building your BCM capability, even if you are an SME. Each one of your people needs to know what to do when things begin to fail. This does not require huge amounts of investment, but it does require common sense, risk assessment, and regular training and awareness.
Counter: Focus on an effective Business Continuity Plan that takes into account at least the following: fire, ISP failure, transportation link failure and, yes, a terrorist attack as well.
2. Capital expenditure on security technologies likely to be hit
This is one area that has seen the biggest hit and is likely to continue feeling the impact, with new investments simply not happening. So expect fewer firewall upgrades and fewer adoptions of recently introduced solutions such as Data Leakage Prevention (DLP), Network Access Control (NAC) and others.
Counter: Look hard for ROI on your capital expenditure on security technologies.

Filed under: Network Forensics

Reasons for Failure of Business Continuity Plans

I was recently attending a conference on Business Continuity Management, and happened to attend an enlightening talk given by Mr. Vijay Sethi, CIO of Hero Honda, the world’s single largest two-wheeler company. The focus of the talk was on “Reasons for BCP Failure”, and I believe the points given below are highly applicable to a lot of organizations. With his permission, I am presenting the key ideas presented:

1. Faulty drivers for implementing BCP
A lot of organizations implement BCP because customers demand it, or they need it for ISO 27001 certification, or because their auditors have repeatedly stated so.

2. Not business-centric
A lot of BCPs end up becoming focused purely on IT infrastructure, and are more like Disaster Recovery Plans, rather than comprehensive Business Continuity Plans.

3. No clear owner of the BCM process
The success or failure of BCM depends on who the internal driver or champion of the process is. Thus the owner of the BCM process should be clearly defined. While the CIO or CTO could be the owner, he must ensure he has a larger business perspective, and more importantly the rest of the organization should not see it as a technology-focused initiative, but rather as something that affects all of them.

Forensics Awareness week at Mumbai

The Directorate of Forensic Science Laboratory, Government of Maharashtra, Mumbai, is holding a forensics awareness week from 7th to 11th Jan 2008.

The Director, Dr. Mrs. R. Krishnamurthy, is pleased to invite persons from the corporate world, especially those working in the areas of risk management, fraud detection and in-house investigations, to their lab at Kalina (Santa Cruz) to get first-hand knowledge of the techniques the lab is using at present.

All those who are interested in visiting this lab may contact:

Dr. Mrs. S. R. Krishnamurthy,
Director
Directorate of Forensic Science Laboratories
Maharashtra State
Tel: 022 2667 0760 (direct)
Tel: 022 2667 0758/65 (board)

CHFI Workshop

From NII Consulting

NII Consulting is glad to announce its fourth hands-on workshop for EC-Council’s “Certified Hacking Forensic Investigator (CHFI)” certificate course. As an Accredited Training Provider (ATP), NII is certified to teach the authorized curricula for security technologies.

The CHFI certification is awarded after successfully passing the EC0 312-49 exam. (The training fees include exam vouchers.)

Importance of “thumbs.db” in digital forensic world

by Kush Wadhwa, NII Consulting

Are you working as a cyber crime investigator and looking for something that can prove in a court of law that there was pornographic content on the suspect’s machine? Let me help you out in this case. There is a file named “thumbs.db” that is automatically generated by Windows XP whenever a user views a folder or image in Thumbnails view or Filmstrip view. Automatic generation of this file is ON by default. Thumbs.db contains a copy of each of the tiny preview images generated for the image files in that folder, so that they load quickly the next time you browse that folder. Opening this file in an image viewer is of no use. To extract the juicy content from it, the forensic investigator has to understand the header of the thumbnail data stored in thumbs.db. Let me explain step by step how to extract useful content from a thumbs.db file.

Volume Boot Sector Format of FAT

by Kush Wadhwa, NII Consulting

There are times when you don’t have sufficient tools to understand a file system. At that time your knowledge of digital forensics plays a crucial role. In this article we will study the volume boot sector format of the FAT32 file system and see how to extract crucial information from it, such as the number of sectors in a particular volume, bytes per sector, etc. I will be using EnCase to illustrate this article, but readers can view their hard disk in any hex viewer, such as WinHex or xxd on Linux. Just open your hard disk’s FAT volume in a hex editor and follow the steps to understand it.

Recycle Bin Forensics

by Kush Wadhwa, NII Consulting

Have you ever thought of what happens when you hit the delete button?

Delete: When we simply delete a file, we are throwing that file into the recycle bin of that particular volume. For example, if a file resides on the C:\ drive, which has FAT32 as its file system, and we delete it, the file moves to C:\Recycled. If it is an NTFS volume, the file moves to \Recycler\ instead.

Shift+Delete: When we hit Shift+Delete, the file does not move to Recycled or Recycler. Instead it bypasses these two folders and is simply deleted. In such scenarios the user has no option to restore the file from these two folders.

Changes proposed to Indian IT Act

by K K Mookhey

At long last there is news that changes will definitely be made to the Indian IT Act, purportedly due to the latest series of BPO scams. These have ranged from employees leaking customer information to actually transferring customer money into their own bank accounts. Given the list of changes being proposed, I seriously doubt they will make a difference.

Computer Forensics Volunteer Project

by Bhushan Shah, NII Consulting

Mrs. Carol L. Stimmel has taken it upon herself to start the Computer Forensics Volunteer Project, to provide low-cost services to those who otherwise could not benefit from our skills.

Here is an excerpt from the press release:

“As expert members of the international computer forensics community which provides unique and highly desirable services to the legal system, we assume a responsibility to provide services to those in need yet unable to pay. As a result, the Computer Forensics Volunteer Project (CFVP) provides pro bono and low-cost forensic services to individuals and organizations who normally would not be able to take advantage of the distinct litigation advantage provided by these techniques.”

On behalf of NII Consulting I have volunteered to take part in the project and would like to help people who cannot afford such services.