«

Computer forensics

How do you identify the ultimate source of a spam type message?...
name, address, telephone

On 9 May 2006 14:54:45 -0700, ""
<> wrote:

>Computer forensics
>
>How do you identify the ultimate source of a spam type message?...
>name, address, telephone

You need a crystal ball, otherwise you dont.
--
Jim Watt
http://www.gibnet.com

wrote:
> Computer forensics
>
> How do you identify the ultimate source of a spam type message?...
> name, address, telephone

Not at all.

As best you may find the system that has been hacked to relay the spam.
Then you can call them, they will ignore you, then you can call the
Brazilian CERT, which will happily receive your request and don't do
anything.

Beware: anything except the last Received-header is potentially faked.

On 9 May 2006, in the Usenet newsgroup alt.computer.security, in article
< .com>, wrote:

>Computer forensics

Sorta

>How do you identify the ultimate source of a spam type message?...
>name, address, telephone

Source of the spam message? Usually some zombie box, that your mail server
shouldn't be accepting mail from - that's what blocklists are for. If it
is email, learn to read the headers:
http://www.stopspam.org/email/headers.html
Spam on Usenet is similar - but use the "Path:" header, rather than the
"Received:" headers trail.

Benefactor of the spam? You _could_ trace the powdered plastic dog dung
that the spammer is trying to sell, but why bother? All you are doing is
confirming that yours is a valid mail address that wishes to receive even
more spam. And a free clue - most spammers are using throwaway domain
registrations, and concealing services.

Posting from .us - OK, if the spam involves a _federal_crime_ or involves
more than US$5,000 damage/loss _to_you_alone_ then contact the FBI.
Otherwise, ignore it, or consider

news.admin.net-abuse.email Discussion of abuse of email systems.
news.admin.net-abuse.misc Network facility abuse, including spamming.
news.admin.net-abuse.sightings Sightings of net abuse. (Moderated)
news.admin.net-abuse.usenet Discussion of abuse of the Usenet system.

Old guy

wrote:

> Computer forensics
>
> How do you identify the ultimate source of a spam type message?...
> name, address, telephone
>

Feed the IP from the header into SamSpade.

As others have noted, it is almost impossible. It is not that hard to set up a
mailing server and have it send anonymous email. Spammers have been perfecting
this on a massive scale for years, and often use hijacked individuals PC's or
hacked mail relays to send their spam.

wrote:
> Computer forensics
>
> How do you identify the ultimate source of a spam type message?...
> name, address, telephone
>

forensic
http://www.m-w.com/dictionary/forensics
Function: noun
1 : an argumentative exercise

2 plural but singular or plural in construction :
the art or study of argumentative discourse
http://www.m-w.com/dictionary/forensics



Related phrases:
http://www.google.com/search?q=define%3A+forensics
computer forensics
national forensics league
cyber forensics
ethical forensics

Definitions of forensics on the Web:
* In document management terms,
forensic work is comprised of:
Recreating deleted or missing files from hard drives

Validating dates
and logged in authors / editors of documents

Certifying key elements of documents and/or hardware
for legal purposes
http://www.docuwaresolutions.co.uk/glossary.asp

* Forensics or forensic science is the application of
science to questions which are
of interest to the legal system
as well as social sciences such as archaeology.
http://en.wikipedia.org/wiki/Forensics


Definitions of computer forensics on the Web:
* Computer Forensics is the use of specialized techniques
for recovery, authentication, and analysis of electronic
data when a case involves issues relating to
reconstruction of computer usage,
examination of residual data,
authentication of data by technical analysis or
explanation of technical features of data and computer
usage. ...
http://www.krollontrack.com/legalresources/glossary.asp

* The investigation of a computer system or any device that
contains a processor and memory in order to determine who,
what, where, when and how such digital devices temporary
or persistent storage to another device.
http://www.wetstonetech.com/page/page/1972572.htm

* Computer forensics deals with the science of determining
computer-related conduct - the who, what, when, where, and
how of computer and technology use.
http://www.tecrime.com/0gloss.htm

* Computer forensics is the process of investigating data
processing equipment-- typically a home computer, laptop,
server, or office workstation-- to determine if the
equipment has been used for illegal, unauthorized, or
unusual activities.

It can also include monitoring a network
for the same purpose. ...
http://en.wikipedia.org/wiki/Computer_forensics


Definitions of cyber forensics on the Web:
* The application of scientifically proven methods to
gather, process, interpret, and to use digital evidence to
provide a conclusive description of cyber crime
activities.

Cyber forensics also includes the act of making digital
data suitable for inclusion into a criminal investigation.

Today cyber forensics is a term used in conjunction with
law enforcement, and is offered as courses at many
colleges and universities worldwide.
http://www.wetstonetech.com/page/page/1972572.htm
http://www.google.com/search?q=define%3A+forensics