E-Book, Englisch, 304 Seiten
Bolt XBOX 360 Forensics
1. Auflage 2011
ISBN: 978-1-59749-624-7
Verlag: Elsevier Science & Techn.
Format: EPUB
Kopierschutz: 6 - ePub Watermark
A Digital Forensics Guide to Examining Artifacts
E-Book, Englisch, 304 Seiten
ISBN: 978-1-59749-624-7
Verlag: Elsevier Science & Techn.
Format: EPUB
Kopierschutz: 6 - ePub Watermark
XBOX 360 Forensics is a complete investigation guide for the XBOX game console. Because the XBOX 360 is no longer just a video game console - it streams movies, connects with social networking sites and chatrooms, transfer files, and more - it just may contain evidence to assist in your next criminal investigation. The digital forensics community has already begun to receive game consoles for examination, but there is currently no map for you to follow as there may be with other digital media. XBOX 360 Forensics provides that map and presents the information in an easy-to-read, easy-to-reference format.This book is organized into 11 chapters that cover topics such as Xbox 360 hardware; XBOX LIVE; configuration of the console; initial forensic acquisition and examination; specific file types for Xbox 360; Xbox 360 hard drive; post-system update drive artifacts; and XBOX Live redemption code and Facebook.This book will appeal to computer forensic and incident response professionals, including those in federal government, commercial/private sector contractors, and consultants. - Game consoles are routinely seized and contain evidence of criminal activity - Author Steve Bolt wrote the first whitepaper on XBOX investigations
Steven Bolt is currently a Sr. Incident Response and Forensics Team Leader for a global corporation. Previously he worked as a Security Operations Center Manager and as a Computer Forensics Leader, Instructor and course developer at the Defense Cyber Investigations Training Academy. He holds several industry certifications.
Autoren/Hrsg.
Weitere Infos & Material
1;Front Cover;1
2;XBOX 360 Forensics;4
3;Copyright;5
4;Dedication;6
5;Table of Contents;8
6;Acknowledgments;12
7;About the Author;14
8;Chapter 1. The XBOX 360: Why WeNeed to Be Concerned;16
8.1;Introduction;16
8.2;The XBOX 360;16
8.3;Criminal Uses of the XBOX 360;19
8.4;Poor Man’s Virtual Reality Simulator;22
8.5;Summary;22
8.6;References;22
9;Chapter 2. XBOX 360 Hardware;24
9.1;Getting Started with the XBOX 360;24
9.2;Technical Specifications;27
9.3;Hard Drive Disassembly;31
9.4;Summary;36
9.5;References;36
10;Chapter 3. XBOX Live;38
10.1;Introduction;38
10.2;What Is XBOX Live?;39
10.3;Creating an XBOX Live Account and Getting Connected;42
10.4;Creating a Live Account;44
10.5;Summary;47
10.6;References;47
11;Chapter4. Configuration of the Console;50
11.1;Introduction;50
11.2;Getting Started;50
11.3;Network Configuration and Gamertag Recovery;54
11.4;Tour of the Dashboard, Profile Creation, and Gamertag Configuration;63
11.5;Connecting to XBOX Live;64
11.6;Joining XBOX Live;70
11.7;Summary;75
12;Chapter 5. Initial Forensic Acquisition and Examination;76
12.1;Imaging the Console Hard Drive;76
12.2;A First Look at the Contents of the Drive;82
12.3;Additional Information Located on the Drive;97
12.4;Summary;105
12.5;References;105
13;Chapter6. XBOX 360–Specific File Types;106
13.1;XBOX Content;106
13.2;Summary;118
13.3;References;118
14;Chapter 7. XBOX 360 Hard Drive ;120
14.1;Initial Differences;120
14.2;Examination of the Post–System Updated Drive;121
14.3;PIRS Files After the Initial System Update;129
14.4;CON and LIVE File Examination;135
14.5;New Images Added After the System Update;144
14.6;Other Artifacts;149
14.7;Summary;149
15;Chapter8. Post–System Update Drive Artifacts;150
15.1;Examining the XBOX 360 Hard Drive Using Xplorer360;150
15.2;Getting Started;151
15.3;Xplorer360 and the Post–System Update Drive;163
15.4;Cache Folder;176
15.5;Content Folder;184
15.6;Mindex Folder;199
15.7;Summary;200
15.8;References;201
16;Chapter 9. XBOX Live Redemption Code and Facebook;202
16.1;XBOX Live;202
16.2;Redeeming the Prepaid Card;203
16.3;Facebook;205
16.4;XBOX Live Facebook Artifacts;211
16.5;Xplorer360 and Facebook;218
16.6;Summary;230
16.7;Reference;230
17;Chapter 10. Game Play;232
17.1;Gaming;232
17.2;Game Artifacts;234
17.3;Xplorer360 and Game Artifacts;237
17.4;Cache Folder Analysis;239
17.5;XBOX Live Friends;246
17.6;Other Cache Files;247
17.7;Content Folder Changes;249
17.8;Summary;258
18;Chapter 11. Additional Files and Research Techniques;260
18.1;Introduction;260
18.2;Additional Files “player_configuration_cache.dat” and “preferences.dat”;260
18.3;Network Traffic Examination;263
18.4;Network Capture Box;269
18.5;Decompiling XEX Files;270
18.6;Additional Tools Available for Analysis;278
18.7;Summary;283
18.8;Reference;283
19;Appendix A. Tools Used in This Research;284
19.1;Guidance Software’s EnCase v. 6.16.2 (Forensic Application);284
19.2;IDA Pro v. 6 (Used for Decompiling Files and Debugging);284
19.3;X-Ways Forensic v. 15.5 SR 4 (Forensic Application);285
19.4;Wiebetech Write Blockers;285
19.5;Access Data’s Forensic Tool Kit v. 1.70.1 (Forensic Application);285
19.6;wxPIRS (Used to Uncompress PIRS Files);286
19.7;Xplorer360;286
20;Appendix B. List of Products Used to Construct the Off-the-Shelf Capture Box;288
21;Appendix C. Removal of the Hard Drive from the New XBOX 360 Slim and Artifacts Pertaining to Data Migration from One Drive to Another;290
21.1;Data Migration from One Drive to Another, a Short Note;294
22;Appendix D. Other Publications ;296
23;Index;298
