O’Reilly Releases “Internet Forensics”
Farnham, UK–It’s a hotbed of fraud, spammers, and identity theft, but,Ã‚Â undaunted, we spend more and more of our time (and money) on the Internet.Ã‚Â Few of us consider the “threats” it proffers to be more than a nuisance,Ã‚Â forgetting that there’s real criminal intent behind them targeting some ofÃ‚Â the most vulnerable members of our society. We overlook the content inÃ‚Â spam messages because we already know them to be scams. But, while weÃ‚Â would never click on a link in an email to update our password and socialÃ‚Â security number for a bank account, many people do. As Robert Jones pointsÃ‚Â out in his book “Internet Forensics” (O’Reilly), we continue toÃ‚Â get spam because there are people making money doing it. ConventionalÃ‚Â wisdom says that you can’t track these people down because the Internet isÃ‚Â so large and it’s so easy to hide one’s identity. But Jones saysÃ‚Â otherwise, and shows readers how to follow the clues the bad guys leaveÃ‚Â behind.
“Internet fraud is at an all time high and showing no signs of slowingÃ‚Â down,” says Jones. And the statistics on these threats are amazing.Ã‚Â “MessageLabs, a company that provides email security services, reportedÃ‚Â that spam accounted for 73% of all email traffic in 2004 and that phishingÃ‚Â scams, that try to con people our of their bank account information,Ã‚Â increased from 250,000 in the first half of 2004 to 4,500,000 by the endÃ‚Â of the year–an 18-fold increase!”
There are several factors behind this seemingly unstoppable growth:Ã‚Â Internet scams don’t cost much to set up, the potential audience is huge,Ã‚Â and the chance of being caught is low. Even if a scammer is caught, theÃ‚Â likelihood of being prosecuted is minimal. But the main motivation, asÃ‚Â Jones repeatedly points out, is that people can and do make money withÃ‚Â these schemes.
Out of curiosity, Jones began looking into various scams that arrived inÃ‚Â his inbox. Being fairly adept at using Unix commands, he started to applyÃ‚Â these to find out where certain web sites were located and was surprisedÃ‚Â at how much information could be uncovered using a few basic techniques.Ã‚Â Anyone can do this, he says; you don’t need to work for the FBI or an ISP.Ã‚Â “There was no single resource that described how to use these tools forÃ‚Â forensics, but clearly a great deal of interest on the web about InternetÃ‚Â fraud. So, I decided to organize these tools and techniques and presentÃ‚Â them to a wider audience in the form of the book.”
“Internet Forensics” presents that tools that the community of InternetÃ‚Â users and developers can use to tackle the problem. “Law enforcement isÃ‚Â making progress, but the scale of the problem is too large for them,”Ã‚Â observes Jones. “If we, as a community, can make it harder for the badÃ‚Â guys to operate, they’ll be forced to either give up or become much moreÃ‚Â sophisticated in their tactics.”
Jones uses the analogy of a Neighborhood Watch: people in a neighborhoodÃ‚Â walk their dogs, chat with each other, and generally keep an eye out forÃ‚Â anything that looks unusual. They’re not organized in any way, but theÃ‚Â simple fact that they’re out there is a serious disincentive to dodgyÃ‚Â characters looking to cause trouble. “The same thing can happen on theÃ‚Â Internet with a bunch of regular people keeping an eye out for trouble.Ã‚Â Collectively, we can make it more difficult for scammers to do business,”Ã‚Â says Jones. “I call it a Network Neighborhood Watch.”
Over and above these noble goals, “Internet Forensics” is a whole lot ofÃ‚Â fun. “At every step you need to use your ingenuity to figure out how aÃ‚Â scam is being set up and, especially, to look for patterns across multipleÃ‚Â scams that act as signatures for the same individuals or groupsÃ‚Â responsible for the scams,” says Jones. “People like solving puzzles likeÃ‚Â this. You get to play the armchair detective.”
“Internet Forensics” is a practical and accessible guide to thisÃ‚Â fascinating field. Learn how the bad guys try to cover their tracks andÃ‚Â the tricks we can use to see through their disguises. The book is packedÃ‚Â with real-world examples explained in detail that show how much you canÃ‚Â find out with ingenuity and a little work–and have fun doing it.
Chapter 4, “Obfuscation,” is available online at:
For more information about the book, including table of contents, index, author bio, and samples, see:
For a cover graphic in JPEG format, go to:
ISBN: 0-596-10006-X, 223 pages, $39.95, ?28.50, 36 ?