IP Address Tracking Methods And Techniques For E-Mails By PTLB

An Internet Protocol Address (IP Address) is the starting point for not only initiating communications across the Internet but also to trace back the same to a particular Computer System. Of course, an IP Address is not always as it seems to be and there may be instances of IP Address Spoofing where the IP Address is forged to mislead the Traceability exercise. This is also the reason why an IP Address should not be the exclusive criteria to arrest and convict an accused.

Nevertheless, tracing the “Real Culprit” essentially involves the exercise of IP Address Tracing as the first step. In this article I would discuss some of the issues connected with tracking of IP Address from an E-Mail. The scope of this article is not to explain how to obtain E-Mail Headers but to discuss how to “Interpret” E-Mail Headers. So I would presume that you are aware of the procedure to obtain E-Mail Headers from your respective E-Mail Clients. Reading of Anonymity and Traceability in Cyberspace (PDF) by Richard Clayton would be a good idea in this regard.

Generally, the details of IP Address can be found in Log Files, in the Received Header fields of an E-Mail, in Tcpdump Traces, by Pinging or doing a Whois Query of a Website, etc. Once the IP Address has been ascertained, it is imperative to Track who is using the concerned IP address.

With Static IP Addresses the problem of Tracking a person is comparatively easy. However, Dynamic IP Addresses keep on changing with every use. It is absolutely essential to “Correlate” the details of such Dynamic IP Address with “Exact Time” as well as concerned “Log Entries”. Further, IP Spoofing must also be kept in mind though it is primarily used for Distributed Denial of Service Attacks (DDOS).

However, the threat of “Spoofed E-mail Headers” is real and a special care must be taken while analysing E-Mail Headers as they may carry “Spoofed Information”. Mutual Authentication and Correlation of the E-Mail Header Information is required to reach a “Conclusive Decision” in this regard.

So before analysing the E-Mail Headers for relevant IP Address, one must ensure that there is no case of E-Mail Spoofing. In E-Mail Spoofing the sender of the E-mail forges the sender address and other parts of the E-Mail Header are altered to appear as though the email originated from a different source. This is possible when the Simple Mail Transfer Protocol (SMTP) fails to provide any Authentication and this allows sending of Spoofed E-Mails.

E-Mails accumulate “Received Headers” as they travel from one host to the next, and so by reading them in order you can reconstruct the original source of the E-Mail. However, reading E-Mail Header fields to ascertain the true IP Address of the sender requires good working knowledge in this regard. The most common and trusted method is to analyse the Headers from “Top to Bottom” till the “Chain of Coherence” is broken by a suspicious or forged entry. The “Last Trusted Received Header” field may tell you the IP Address of the sender of the E-Mail. So instead of jumping directly to the last E-Mail Received Header in all cases to ascertain the IP Address of the sender, it would be appropriate to work downwards through the Header fields from the first to the last and assess their “Integrity”.

In cases of Spoofed E-Mails, the “Last Received Header Rule” may not apply. In order to know the Authenticity of Headers of such Spoofed E-Mail, one must perform both “Reverse Lookup” and “Forward Lookup” of the IP Addresses in the E-Mail.
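The top-to-bottom walk and the reverse/forward lookup described above can be sketched as follows. This is an added example, not code from the original article: the message, host names, addresses and DNS tables are constructed, and the coherence test (each header's "by" host must match the host recorded by the header above it, and timestamps must not run forward going down) is a simplified heuristic that real relays with internal host names can violate.

```python
import re
import socket
from datetime import timedelta, timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample (not a real e-mail). Each relay prepends its own Received
# line, so the top one was written by the recipient's own server.
RAW = """\
Received: from mx.relay.example (mx.relay.example [198.51.100.7])
\tby mail.recipient.example with ESMTP id A1; Tue, 07 Aug 2012 14:05:09 +0530
Received: from smtp.sender.example (smtp.sender.example [203.0.113.25])
\tby mx.relay.example with ESMTP id B2; Tue, 07 Aug 2012 14:05:04 +0530
Received: from trusted.bank.example (unknown [192.0.2.99])
\tby mail.elsewhere.example with SMTP id C3; Tue, 07 Aug 2012 21:00:00 +0530
From: someone@sender.example
Subject: constructed sample

body
"""

# Constructed DNS data so the lookup check runs offline.
PTR_TABLE = {"203.0.113.25": "smtp.sender.example", "192.0.2.99": "host99.isp.example"}
A_TABLE = {"smtp.sender.example": ["203.0.113.25"], "host99.isp.example": ["192.0.2.50"]}

HOP_RE = re.compile(r"from (\S+) \((\S+) \[([^\]]+)\]\) by (\S+) .*; (.+)$")


def parse_hops(raw):
    """Return one dict per Received header, top to bottom (None if unparseable)."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP_RE.search(" ".join(value.split()))  # undo header folding
        if not m:
            hops.append(None)
            continue
        helo, rdns, ip, by, date = m.groups()
        hops.append({"helo": helo.lower(), "rdns": rdns.lower(), "ip": ip,
                     "by": by.lower(),
                     "utc": parsedate_to_datetime(date).astimezone(timezone.utc)})
    return hops


def last_trusted_hop(hops, max_skew=timedelta(minutes=5)):
    """Walk downwards; return (last coherent hop, why the walk stopped)."""
    if not hops or hops[0] is None:
        return None, "first Received header unparseable"
    trusted = hops[0]
    for nxt in hops[1:]:
        if nxt is None:
            return trusted, "unparseable Received header"
        if nxt["by"] not in (trusted["helo"], trusted["rdns"]):
            return trusted, f"'by {nxt['by']}' does not match upstream host {trusted['helo']}"
        if nxt["utc"] > trusted["utc"] + max_skew:
            return trusted, "timestamp later than the hop above it"
        trusted = nxt
    return trusted, "chain intact"


def fcrdns_ok(ip, reverse=None, forward=None):
    """Reverse lookup, then forward lookup of the result: must lead back to ip."""
    reverse = reverse or (lambda a: socket.gethostbyaddr(a)[0])
    forward = forward or (lambda h: socket.gethostbyname_ex(h)[2])
    try:
        return ip in forward(reverse(ip))
    except (OSError, KeyError):
        return False


if __name__ == "__main__":
    hop, why = last_trusted_hop(parse_hops(RAW))
    print(hop["ip"], hop["utc"].isoformat(), "|", why)
    print("FCrDNS:", fcrdns_ok(hop["ip"], PTR_TABLE.__getitem__, A_TABLE.__getitem__))
```

Called without the two lookup arguments, `fcrdns_ok` queries live DNS through the standard `socket` module; the result of the walk is a lead to corroborate, not a conclusion.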

Another aspect to be noted is that in case of GMail generally it may not be possible to ascertain the IP Address of the sender of an E-Mail because Google puts the IP Address of its own Servers while a Gmail account holder sends an E-Mail. You have to get a “Court Order” to force Google to disclose the IP Address of the sender. However, if someone sends you an E-Mail from the GMail account using a client like Thunderbird, Outlook or Apple Mail, you may still find the “Originating IP Address”.

Finally, basic level “Alertness” is also essential on the part of Law Enforcement Agencies and their Technicians. For instance, Lakshmana Kailash K of India spent 50 days in Indian Jail because the Police/Internet Service Provider (ISP) made an “Apparent but very Common Mistake” while providing details of the person who used the IP Address that resulted in the commission of the offense.

The Indian Police and ISP were confused with what I call “AM/PM Syndrome” and did not bother to check the “Exact Time” of the commission of the crime. Mistakes like these have no space in the Cyber Forensics and Cyber Law fields.
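Correlating a Dynamic IP Address with the “Exact Time” can be made mechanical, which also guards against the 12-hour mix-up described above. The following is an added example, not part of the original article: the session records, subscriber labels, the `DD-MM-YYYY hh:mm:ss AM/PM` export format and the IST offset are all assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

IST = timezone(timedelta(hours=5, minutes=30))  # assumed local zone of the ISP log

# Constructed ISP session log: the same dynamic IP is reassigned during the day.
SESSIONS = [
    ("subscriber-A", "203.0.113.25", "07-08-2012 01:10:00 AM", "07-08-2012 03:40:00 AM"),
    ("subscriber-B", "203.0.113.25", "07-08-2012 01:05:00 PM", "07-08-2012 03:55:00 PM"),
    ("subscriber-C", "203.0.113.77", "07-08-2012 01:00:00 PM", "07-08-2012 04:00:00 PM"),
]

STAMP = re.compile(r"(\d{2})-(\d{2})-(\d{4}) (\d{1,2}):(\d{2}):(\d{2})(?: (AM|PM))?$")


def parse_isp_time(text, tz=IST):
    """Convert a local log timestamp to UTC, refusing ambiguous 12-hour values."""
    m = STAMP.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised timestamp: {text!r}")
    day, month, year, hour, minute, second = map(int, m.groups()[:6])
    meridiem = m.group(7)
    if meridiem is None:
        # 01..12 without AM/PM could be either half of the day: do not guess.
        if 1 <= hour <= 12:
            raise ValueError(f"ambiguous time without AM/PM: {text!r}")
    else:
        if not 1 <= hour <= 12:
            raise ValueError(f"invalid 12-hour time: {text!r}")
        hour = hour % 12 + (12 if meridiem == "PM" else 0)
    return datetime(year, month, day, hour, minute, second, tzinfo=tz).astimezone(timezone.utc)


def event_time_utc(header_date):
    """UTC instant from the date part of a Received header (offset included)."""
    return parsedate_to_datetime(header_date).astimezone(timezone.utc)


def who_had_ip(ip, when_utc, sessions=SESSIONS):
    """Subscribers whose session on this IP covers the instant (compared in UTC)."""
    return [sub for sub, addr, start, end in sessions
            if addr == ip and parse_isp_time(start) <= when_utc <= parse_isp_time(end)]


if __name__ == "__main__":
    event = event_time_utc("Tue, 07 Aug 2012 14:05:04 +0530")  # constructed header date
    print("correct lookup :", who_had_ip("203.0.113.25", event))
    # Reading 2:05 PM as 2:05 AM shifts the instant by 12 hours and names someone else.
    print("AM/PM misread  :", who_had_ip("203.0.113.25", event - timedelta(hours=12)))
```

A result with zero or several subscribers means the logs and the event time do not line up and need manual review before anyone is named.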

While ascertaining the IP Address of an E-Mail all these factors must be kept in mind. Automatic Scripts/Software are good for ascertaining the IP Address but the end result originating out of such Automatic Scripts/Software must be “Corroborated” with manual inspection. I would share more on this issue in my subsequent articles.

Source: Cyber Forensics In India


Importance Of Cyber Forensics For India By PTLB

Cyber forensics in India is one of the most important fields for effective legal and judicial system of India. Indian Approach towards cyber forensics has been lukewarm so far. It is only now that India has started paying attention to cyber forensics.

There are very few cyber forensics firms and companies operating in India. Cyber forensics is a dynamic field that requires continuous updates and modifications. Thus, cyber forensics companies and firms in India must innovate.

Further, cyber forensics research centers in India must be established to meet the research and development needs of India in the field of cyber forensics. The distance learning courses for computer forensics in India must be encouraged to develop cyber forensics skills in India. The cyber forensic investigation solutions in India are needed to establish cyber forensics procedures and best practices in India.

World over stakeholders are planning to use technology to fight drugs, human trafficking and illicit networks. Cyber forensics can play a crucial role in order to achieve this objective.

Cyber forensics professionals must be aware of the basics of Internet protocol (IP) address system as that is the starting point for all cyber forensics and cyber security related exercises. IP address tracking methods and techniques for e-mails must also be well understood. A special care must be taken of IP address spoofing and its defenses.

There are certain challenges that cyber forensics professionals may face in their day to day affairs. For instance, cyber forensics of hidden Internet is a challenging and daunting task.  Cyber forensics professionals must be well prepared to tackle new and unexplored challenges from cyberspace.

Further, legal and judicial fraternity of India needs scientific knowledge. Police, lawyers and judges must be aware about the basic level knowledge of cyber forensics. Technology laws like cyber law must also be well known to legal and judicial fraternity in India.  While undertaking a trial, the judges in India must realise that IP address should not be the sole criteria for arrest and conviction.

Perry4Law and Perry4Law Techno Legal Base (PTLB) hope that India would consider these aspects and various stakeholders would work collectively in this crucial and much needed direction.

Source: PTLB Blog


Cyber Warfare And Indian Response

India has been facing cyber warfare for long. In the absence of adequate cyber security in India, cyber attacks and cyber warfare are posing real danger to India. As on date, India is vulnerable to cyber warfare. As on date we have no cyber warfare policy of India. As on date we have no implementable cyber crisis management plan of India.

If we analyse the cyber security reflections the trend is really worrisome. The cyber law, cyber crimes and cyber security trends by Perry4Law and Perry4Law Techno Legal Base (PTLB) have shown the loopholes of Indian cyber security capabilities.

In these circumstances, cyber warfare against India is going to increase further. We must anticipate the cyber warfare against India and its defenses. In order to achieve that, the cyber security capabilities of India must be strengthened.

According to Praveen Dalal, managing partner of Perry4Law and leading techno legal expert of India, Indian Defense and Security against Cyber Warfare must be strengthened so that Cyber Warfare attacks of highest level can be defended against. The Cyber Warfare Capabilities of India cannot be considered to be effective till it comprises of both Offensive and Defensive Capabilities, opines Praveen Dalal.

Even the Prime Minister of India has now acknowledged that India must be prepared to meet the challenges arising out of Internet and cyberspace. However, if this acknowledgement is just another speech for another occasion, we may not see any ground level action for another decade or more.

Defending against cyber warfare requires maturity and skills and lots of patience. If India thinks that it can produce cyber warfare experts at the eleventh hour that would be a big blunder. India has to give attention to this aspect right now and then only it may be able to acquire necessary expertise in this regard after some years. I hope good sense would prevail upon Indian government very soon lest it is too late to react.

Source: Cjnews India


Cyber Warfare Against India And Its Defenses By PTLB

Cyber Warfare is a concept that is well known at both national and international levels. In one form or other and in lesser degree or more, Cyber Warfare has been accepted as a reality in the present Cyber World. However, Cyber Warfare concept still haunts the international community and till now we have no dedicated Legal Framework for Cyber Warfare at international level.

Till a Harmonised Cyber Warfare Legal Framework emerges, piecemeal efforts would try to fill the void in this regard. Not long ago NATO requested Cyber Security cooperation from India. We should not wait for others to develop our own Cyber Warfare Capabilities in India. In fact, Cyber Warfare Policy of India must be urgently formulated and immediately implemented. The same must be part and parcel of India’s National Cyber Security Policy.

Cyber Security in India needs to be strengthened keeping in mind the growing cases of Cyber Attacks and Cyber Espionage attacks against India. Even Cyber Warfare against India is well known and is not new. Ensuring 100% cyber security is next to impossible. However, we can minimise Cyber Attacks. India has remained indifferent towards Cyber Security for long. This resulted in poor Cyber Security Capabilities and Expertise. It is only now that India has paid attention to this crucial field and it is still not too late.

India should definitely step up/accelerate its efforts to strengthen Cyber Security along with Traditional National Security Capabilities. Internet and Hidden Internet have opened new frontiers and unforeseen challenges before India. Internet is increasingly being used not only to propagate Terrorism propaganda but also to recruit new Terrorists.

To tackle Terrorists’ use of Internet, International Cooperation amongst Governments, Organisations, Internet companies and telcos could be helpful. For the time being, Cyber Criminals/Terrorists are one step ahead of various Governments and International Cooperation activities.

New technologies have also caused problems for India. For instance, Voice-over-Internet Protocol (VOIP) is one of the technical challenges that Law Enforcement and Intelligence Agencies across the world are finding difficult to tackle. However, of late strong Encryption usage has emerged as more troublesome than VOIP. Further, VOIP can be intercepted in certain circumstances.

Developing of Cyber Security Capabilities and Expertise is immediately required in India. There is also an urgent need to develop both Preventive and Offensive Cyber Security Capabilities of India. The sooner it is done the better it would be for the National Security of India.

Source: Cyber Security Issues In India


Cyber Forensics Research Centre In India By PTLB

Cyber forensics in India has started gaining momentum. In a similar development, electronic discovery in India (e-discovery in India) has also attracted the attention of Indian community. With the recent interim order of the Supreme Court of India, both litigation and non litigation related legal and para legal services in India can now be practised by advocates enrolled under the Advocates Act, 1961 alone.

This means that even cyber forensics services in India and e-discovery services in India cannot be practised by foreign law firms, non Indian advocates based LPO/KPOs, e-discovery and cyber forensics practitioners, chartered accountants firms, etc. Naturally, the demand for cyber forensics and e-discovery professionals would increase in India.

To meet the growing demands of e-discovery and cyber forensics in India, we need to ensure techno legal skills development in India. At Perry4Law and Perry4Law Techno Legal Base (PTLB) we are trying to fill this gap. PTLB provides basic level techno legal trainings and courses through its techno legal e-learning platform. Similarly, Perry4Law Techno Legal ICT Training Centre (PTLITC) provides domain specific and highly specialised techno legal courses and trainings.

Perry4Law, PTLB and PTLITC are also managing the exclusive techno legal cyber forensics research and training centre of India. More details of the trainings and courses of our platforms are available at PTLB Blog. We are also managing the exclusive techno legal online cyber forensics training centre of India.

We are also managing a repository for cyber forensics software in India that is primarily based upon open source culture. The cyber forensics software repository of Perry4Law, PTLB and PTLITC consists of world renowned cyber forensics tools and software. Further, software for cyber security, e-discovery, reverse malware analysis, anti root kits and malware, network security, wireless security, intrusion detection and prevention, etc are also available.

These software and tools are used for providing basic and domain specific trainings and courses of PTLB and PTLITC. For basic level cyber forensics research and training, we use simple and light weight tools and software. For highly specialised trainings and courses we use world renowned open source tools. We hope our initiative would be useful for all concerned.

Source: ICTPS Blog


Cyber Forensic Investigation Solutions in India By PTLB

Cyber forensics requires application of both technical and legal mind to a situation. If either of them is missing, the entire purpose of cyber forensics exercise would be frustrated. Cyber forensics also requires a greater degree of care and expertise as compared to electronic discovery whose purposes may be limited in nature.

India has a unique cyber culture that requires effective cyber forensics and electronic discovery capabilities. Further, cyber security research and development is also required to be enhanced in India. Companies and firms providing cyber forensics services in India must also innovate so that international cyber threats can be effectively tackled. These companies and firms must also invest in producing world class cyber forensics solutions in India.

On the education front as well we need to do a lot in India. Indian educational system is academic in nature with little scope for professional and vocational studies. The traditional educational system would take decades to reform and we need parallel initiatives in this regard that are free from procedural hassles and bureaucratic hurdles.

Corruption in higher legal education in India is rampant and it needs to be curbed. PhDs in India are dying and if the Indian government does not intervene immediately, there is no scope and future for cyber forensics education in India as well. Virtual campuses are the solution for corrupt higher education in India and they must be encouraged in India.

At Perry4Law Techno Legal Base (PTLB) we are managing a techno legal e-learning platform that is providing cyber forensics trainings and courses world wide. We are also providing cyber crime investigation trainings in India.

In order to effectuate and strengthen the cyber forensics investigation solutions in India, Perry4Law, PTLB and Perry4Law Techno Legal ICT Training Centre (PTLITC) are also managing the exclusive techno legal cyber forensics tools and software repository of India. It consists of the most advanced cyber forensics tools and software that can be used in a variety of situations.

We are also in the process of developing cyber forensics best practices that would be compatible with Indian requirements. We expect a more pro active and direct role by Indian government in this crucial field that has been ignored for long.

Source: Cyber Forensics In India


Power Grids Cyber Security In India And Its Challenges

Cyber security issues in India are diverse in nature and they cover a wide variety of areas. Managing cyber security of different areas requires different outlook and extensive expertise. Some areas require tremendous cyber security expertise whereas others require basic level cyber security capabilities. In any case, cyber security capabilities of India must be strengthened so that it can tackle various forms of cyber attacks.

Critical infrastructure protection in India is one area that requires urgent attention of Indian government. Critical infrastructure includes power grids, satellites, defence installations, atomic plants, etc. Most of these critical infrastructures are managed by supervisory control and data acquisition (SCADA) systems.

SCADA generally refers to industrial control systems (ICS) like computer systems that monitor and control industrial, infrastructure, or facility-based processes. The SCADA systems may involve a human machine interface (HMI), a supervisory system managing the processes, remote terminal units (RTUs) interacting with the supervisory systems, programmable logic controllers (PLCs) usable as field devices, etc.

SCADA may be the new cyber attack priority for cyber criminals and rogue nations. We must ensure sufficient cyber protection of SCADA systems in India in general and critical infrastructure in particular.

The recent power blackout in India was massive in nature. Although no hints of a cyber attack upon the critical infrastructure and SCADA system were reported, this may be a possibility in the future. Further, till now we are not even aware whether the recent power outage was due to poor power infrastructure of India or due to any attack upon the SCADA systems managing the power grids, if any.

India’s power minister Veerappa Moily has constituted a three-member panel to investigate last week’s massive power failures in the country. Now he has added four additional members, including a cyber-security expert, making it a seven-member panel. It is obvious that India is not excluding the cyber attack angle and is investigating the possibility of any cyber attacks against the power grids of India.

This is a good decision and Perry4Law and Perry4Law Techno Legal Base (PTLB) welcome the same. We also recommend that cyber security of automated power grids of India must be ensured. We hope for the best in this regard.

Source: ICTPS Blog


Mobile Banking Cyber Security In India

Cyber security in India is facing many challenges and problems. One of the major problems of cyber security in India is that various stakeholders are not at all interested in ensuring cyber security for their respective organisations. However, the worst part of Indian cyber security initiatives is that Indian government is pushing hard initiatives like mobile banking, mobile commerce, etc without effective and robust cyber security capabilities at place.

For instance, although the Reserve Bank of India (RBI) has mandated for strict cyber security requirements for banks of India yet most of the Indian banks have done nothing in this regard. RBI has also insisted upon ensuring of cyber security of banks in India. In fact, recently RBI warned Indian banks for inadequate cyber security as well. This is resulting in increased financial crimes and cyber crimes in India.

The cyber laws and cyber security trends in India 2011 by Perry4Law and Perry4Law Techno Legal Base (PTLB) also proved this point. Even the mobile cyber security in India is missing. In these circumstances, mobile banking in India has become really risky. In fact, mobile banking cyber security in India is almost missing and this has put the customers at grave risks. Mobile banking cyber security is required in India on a priority basis before any mobile banking scheme is launched in India.

Although Internet banking guidelines in India by RBI have been issued yet no such guidelines have been issued by RBI regarding mobile banking so far. Further, it is also not clear who would bear the loss arising out of a banking transaction that is a direct result of a financial or cyber crime. Banks are passing the buck to consumers even when they are at fault by not ensuring sufficient cyber security.

Banks of India are not realising that they are under a legal obligation to ensure cyber law due diligence for their banking transactions. In the absence of cyber law due diligence, it is the responsibility of banks of India to bear any loss arising out of any financial or cyber crime.

Perry4Law and PTLB recommend that banks in India must not only ensure cyber security for their transactions but also adhere to the cyber law due diligence requirements as are mandatory in India.

Source: PTLB Blog


India's Cyber Security Challenges

Cyber security issues of India require special attention of Indian government. Indian government has started paying attention to some aspects of cyber security requirements of India. However, we have still to cover a long gap in this direction.

Cyber security challenges in India come from diverse activities and so cyber security in India and its challenges and problems require dedicated efforts by our government. For instance, critical infrastructure protection in India is one of the areas that must be considered on a priority basis. We must also understand the cyber security challenges for the smart grids in India.

Special areas of concern include cyber warfare against India and its defenses, cyber terrorism against India and its defences and solutions, cyber espionage against India and its challenges, solutions and defences, cyber security of Indian satellites and critical infrastructure, etc.

We have no critical ICT infrastructure protection policy of India as well. Sophisticated malware like Stuxnet and Duqu have already proved that critical infrastructures around the world like power grids, nuclear facilities, satellites, defense networks, governmental informatics infrastructures, etc are vulnerable to diverse range of cyber attacks.

Related fields like mobile banking cyber security in India also need to be analysed in depth. As on date we have no implementable mobile governance in India and mobile governance policy in India. Even cyber security of banks in India is not satisfactory at all. Recently, RBI warned Indian banks for inadequate cyber security. Naturally, exploring the option of mobile banking in India is risky in these situations. This is so because mobile banking cyber security in India is missing and mobile banking cyber security is required in India.

The major problem with Indian cyber security initiatives is that India is launching various projects and initiatives without considering their cyber security aspects. This is a bad policy decision as we are launching projects that affect our lives, and that too without adequate cyber security safeguards.

We need a techno legal cyber security policy of India that can tackle the challenges of present cyber attacks and cyber crimes. Such a cyber security policy of India must consider all the abovementioned aspects in detail and ensure both offensive and defensive cyber security capabilities for India.

Source: ICTPS Blog


Cyber Terrorism Against India And Its Defences And Solutions

Cyber terrorism in India is not a new concept. However, for long concepts like cyber warfare, cyber terrorism, etc were not taken seriously by Indian government. Naturally, cyber security in India also could not flourish. The cyber security capabilities of India also could not develop in such circumstances.

Techno legal experts of India have been warning against growing incidences of cyber attacks, cyber crimes, cyber espionages, etc against India. Further, the fact that critical infrastructure protection in India is needed has also been reiterated from time to time.

Sophisticated malware like Stuxnet and Duqu have already proved that critical infrastructures around the world like power grids, nuclear facilities, satellites, defense networks, governmental informatics infrastructures, etc are vulnerable to diverse range of cyber attacks. The truth is that cyber attacks are affecting Indian critical infrastructure and we are not even aware of the same.

The cyber law, cyber crimes and cyber security trends by Perry4Law and Perry4Law Techno Legal Base (PTLB) have shown the loopholes of Indian cyber security capabilities. It is high time to plug in these loopholes and deficiencies of Indian cyber security capabilities.

Menaces like cyber terrorism and cyber warfare cannot be effectively tackled till we have both offensive and defensive cyber security capabilities. Further, cyber crisis management plan of India must be urgently formulated and effectively implemented so that cyber terrorism can be prevented in India.

These anti cyber terrorism solutions must be implemented by India as soon as possible. Cyber security skills development in India must also be ensured so that we have a skilled cyber security workforce in India.

Source: Cyber Security Issues In India
