I was recently required to investigate an incident of Internet abuse that led to the discovery that one of our own administrators was a security risk. Though this investigation was triggered by an incidence of "Internet abuse", the tools used and lessons learned are relevant for many types of security incident that require an internal investigation to discover the offender. This essay describes the detection, investigation and various tools used to collect the evidence. Lessons learned from the investigation are included, as well as some useful resources for security investigators s o they can be more prepared when they deal with internal computer security incidents.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
