Own forensic Lab
A forensic analysis aims on securing digital tracks and marks on a computer that was used by someone for committing a crime or was itself a victim of such a deed.
This approach requires a laboratory that carries out testing strictly confidentially and impartially. We can ensure you the confidential treatment of all information and data. If request a lawyer office that cooperates closely with us will give you legal advise with reference to possible legal measures and prospects in case of facts constituting an offence.
Forensic analysis of a server
In particular servers are frequently attacked by hackers, especially if they are connected to the Internet. After a server was manipulated we can use different analysis methods to track and in many cases finally catch the intruder.
Our team is in the position to detect objects on files systems that have been deleted or manipulated, on nearly all servers (Unix and Windows) and PC work stations. In many cases, deleted objects can be restored. Manipulations at the operating system and the system core can be determined and likewise analyzed.
Analysis/achievement goals (examples):
- To detect root kits
- To detect and track manipulations of the operating system files
- To analyze history and log files
- To detect malware (software with malicious intent), such as viruses or trojans
- To detect possibly used security holes that allowed the intruder to get into the system
- Tracking of the intruder’s IP up to providing information about the responsible network administrator (often also possible abroad)
- To deliver an expert opinion (that could be used in court) in cooperation with our lawyer office
Forensic analysis of a workstation
There can be different reasons to analyse a workstation. An example would be a strong suspicion that one of your employees is involved in storing illegal contents on their PC or notebook, or there is suspicious activity on a certain workstation.
This analysis allows you to test whether there is a trojan or a worm on this work station or whether there are back doors (a way of getting into a password-protected system without using the password) or viruses?An analysis helps to clear it up.
An analysis of the file system unearth the truth:
- Illegal contents (pictures, music, films)
- Pirated copies of software without valid license
- Worms, viruses and other malware
Further services in the field of forensic analysis:
The recording of AAA data and parameters of communication, the so called “forensic accounting”, allows you to track illegal attempts to access the system, for example if there is an trojan or worm on the system. Thereby in the enterprise the manipulated job or server is recognized.
Log file evaluation
By analyzing the log files and event log you can determine whether suspicious activity exist, or alternatively, if events have taken place on the machine that could have been caused by an intruder.
If you suspect that someone unauthorized tried to access your company’s data and the forensic analysis has so far not supplied any proofs, we could offer to set up a so called honeypot. The intention of setting up a honeypot is to create some sort of trap to lure a potential intruder into by preparing a computer with calculated security holes. This computer is then specially supervised. If an intruder from inside the company tries to manipulate the data or the computer, this manipulation can be detected and tracked by using special network Tools (HIDS and NIDS).