Computer Science Homework Help

Atlantic International University Digital Forensics Software Tool Discussion Response

 

Write a response of 1-2 strong paragraphs to the following discussion board post!

Hello Professor Daniels and Classmates:

Tools That Run on UNIX or Linux and Other Platforms

There are several tools that run on UNIX or Linux. The Unit 4 MUSE lesson mentioned several third-party tools that can be used to either add security to or perform security-related functions on a Linux system. These tools include Open secure shell (OpenSSH), FTP over SSL (FTPS), Gnu-PG, Fugu, FileZilla, OpenVPN, Ethereal, and Snort. Some of the Digital Forensics Software Tools include the dcfldd command tool, ProDiscover, and GUI tools, SMART, Helix 3, Kali Linux, Autopsy and Sleuth Kit. Most of these do have similar functions to tools that run on other platforms and some will also function on other platforms as well. Linux also comes with several built-in security commands. According to Nelson, Phillips, & Steuart (2019), the dcfldd tool can function on UNIX, Linux, and Macintosh OSs; GUI tools can function in both Windows and UNIX/Linux; and there are several other tools that perform similar functions as the tools that run on UNIX or Linux that will run on DOS, Windows, Apple, NetWare, and UNIX systems.

Protection Against Hostile Code or Viruses Provided by UNIX or Linux tools

Many of the UNIX/Linux tools do provide protection against hostile code or viruses, while others provide some protection against hostile code or viruses. There are tools that can be used as supplementary protection for systems during an investigation. According to the MUSE lesson, the Open secure shell (OpenSSH) is the secure open-software solution that should be used in place of remote login and telnet to block against the invasion of hostile code or viruses. The FTP over SSL (FTPS) is a File transfer protocol (FTP) over secure socket layer (SSL) which is used to secure data as it is being transferred. FTP is used for remote file transfer, and SSL is used for secure data transfers. SSL provides encryption and authentication for FTP. FTP over SSL is called secure FTP, or FTPS because it is an FTP that uses SSL security. The Gnu-PG is used for encrypting, data signatures, and secure messaging. It consists of a multipurpose key management system and access elements for all kinds of public key directories. The Fugu is a graphical front end to the command-line tool that is used to secure file transfer applications (SFTP). In contrast to FTP, SFTP encrypts the total session of SSL or TLS so that no passwords can be sent in clear-text form, reducing the likelihood of a third-party interference. FileZilla is a cross-platform client that supports FTP, FTP over SSL/TLS (FTPS), and SSH file transfer protocol (SFTP).

The MUSE lesson also mentioned that the OpenVPN is a lightweight SSL VPN. Virtual private network (VPN) is used to create channels between network sections across the Internet. The VPN router acts like a dedicated firewall. It connects to a VPN router on the other side of a public network. The VPN software routes traffic as if segments were united. The software encrypts all traffic-protected LAN. Ethereal is a graphical network analysis tool that has tcpdump functions to write to files compatible with tcpdump and displays packets in a graphical format. Snort is an intrusion detection system (IDS) that operates in four modes: Sniffer mode, Packet logger mode, Network mode, and Inline mode. Most of the Digital Forensics Software Tools like the dcfldd command tool, ProDiscover, and GUI tools, SMART, Helix 3, Kali Linux, Autopsy and Sleuth Kit are used to ensure the examiner’s system does not get invaded by hostile code or viruses through extraction and examination of digital evidence. Most of the Unix and Linux tools are supplementary tools that can be used in combination with each other or other tools (Nelson, Phillips, & Steuart, 2019).

How Investigators Can Best Use This Tool

The Digital Forensics Software Tools can best be used by legal investigators to identify, collect, preserve, examine, and analyze data or digital evidence from computer hard drives or other digital devices that are believed to have been used to commit illegal activity or cybercrimes and may have to be used in a court of law (Brandel, 2008). ProDiscover, SMART, Helix 3, Kali Linux, Autopsy and Sleuth Kit. It is best to use the ProDiscover tool for bit-by-bit stream imaging on Unix/Linux. SMART is best for analyzing a variety of file systems and Autopsy and Sleuth Kit are best for image analysis on Windows devices. I would recommend using the best tool for analyzing evidence for that particular digital device the evidence is associated with, since certain tools only work on certain systems or devices. When examining digital evidence, investigators should select the tools that are suited for analysis of the digital evidence they have collected.

References

Brandel, M. (2008, June 04). Rules of Evidence – Digital Forensics Tools. https://www.csoonline.com/article/2117658/rules-of-evidence—digital-forensics-tools.html

Nelson, B., Phillips, A., & Steuart, C. (2019). Guide to computer forensics and investigations (5th ed.). Boston, MA: Cengage.