SCP Syntax Tutorial

The scp command is available on UNIX based systems (including Linux and Mac OS) and allows files to be copied to, from, or between different hosts. It uses secure shell or ssh for data transfer and provides the same authentication and same level of security as ssh.

Here you’ll find a document outlining the syntax required when using the scp command.

Firefox Add-on Tutorial

Here you will find a tutorial explaining how to download, install and customise an Add-on on the Firefox web browser.

Click the Firefox logo below for the tutorial in PDF format.

The new version of Firefox (v.57 Quantum – released November 18 2017) will look slightly different but the functionality and installation of add-ons remains principally the same.

ff

Web Page Certificates

Https is the secure version of the http protocol for connecting to web-servers.

Websites that use the https (hyper text transfer protocol secure) protocol provide an encrypted connection between your device and the web-server hosting the page you have requested.

7

However, just because you type in https://amazon.co.uk in to your browser bar for example, does not necessarily mean you are connected  to the real amazon.co.uk website.

This is because the address amazon.co.uk is converted to the IP address of the web-server hosting the page  by a service known as the Domain Name System or DNS.

This works like a phone book, so you type in a web address you want to visit and your DNS looks up the number or IP address of the appropriate web-server and retrieves the web page from the appropriate web-server for you.

If the DNS has been compromised or hijacked in anyway, when you type in https://amazon.co.uk, you are sent to the IP address of a rogue website that appears to be and looks like the real amazon.co.uk site.

The connection to the rogue server is still using https and displays a padlock icon but the attacker will have access to your data.

You can ensure that you are on the correct web page by examining  the servers Secure Socket Layer (SSL) Certificate the genuine version of which can only be displayed by the real amazon.co.uk web-server.

Follow these simple steps. The Firefox browser is used here, but all browsers will allow you to view the certificate of a connection using https:

Type amazon.co.uk in to your browers location bar

1

Your browser will connect to the web-server provided by the DNS and display a padlock icon. Notes in grey, Firefox has added https://www to the address you typed. Its in grey to clearly show what has been added.

2

Click on the padlock icon

3

Click ‘More Information’

4

Click ‘View Certificate’

5

The SSL certificate will open. Check that the web address against Common Name (CN) is the same as the address in the location bar in the browser. If it is, you are connected to the real amazon.co.uk website with a secure https connection and your data is safe.

If the Common Name (CN) displayed differs in any way to what is in the location bar on your browser, there is a problem and you should not trust the website.

6

NB – The Common Name (CN) entry on the certificate only needs to match the domain of the website you have visited.

For example:

https://www.amazon.co.uk/gp/prime/pipeline/landing/ref=nav_prime_try_btn

is fine, because the domain matches the Common Name (CN) in the certificate.

You may see messages like the ones below if  the web address does not match the Common Name (CN) in the certificate

https

picture2

picture1

Other browsers may display the padlock icon in a different location:

8

Hashing Tutorial

Click the fingerprint logo for a PDF tutorial document on hashing digital evidence in investigations.

You’ll need the Hash My Files software by Nirsoft for this tutorial. You can download  it for free by clicking here, if you don’t already have it.

digital_fingerprint580-300x156

Facebook Search Techniques

Facebook search tools are developing all the time.

Facebook Graph Search is a ‘Semantic’ search tool provided within Facebook. This tool allows the user to search Facebook using natural language or phrases.

So, for example, you can search Facebook for ‘people who work at British Airways’ by typing this phrase in to the Facebook search field.

However, some of the functionality of Graph Search has changed recently, so here we will look at a straightforward method for you to use to enhance your Facebook searching using built in features.

You will need a Facebook account and you will need to be logged in to use the techniques discussed here.

If you want to use Facebook Graph Search in full, you will need to set your Facebook language  to English (US) on a computer, by clicking the ‘settings’ tab and then ‘Languages’.

langfb

The simplest way to use Facebook Graph Search is to simply type is your search term into the Facebook search box – for example – ‘photos posted by Jo Ellis‘ or ‘places checked in by Jo Ellis’

2015-01-15_10-40-54-1024x60

Remember to select the ‘Places’ tab, in this case, as we are looking for places.

2015-01-29_09-32-05

This may provide the desired result,  but there is another method if this fails.

The first thing you will need is the unique Facebook ID of the person, group or organisation you are interested in.

Method 1

To do this to use the socmint.tools website.

In Facebook, find your subjects Facebook profile page and click on their name, in the profile. This sanitises the Facebook profile URL in the browsers URL bar.

Copy the full URL of your subjects Facebook page from the URL bar.

Open socmint.tools in a new tab and click on option 2 ‘Find Facebook ID’

Paste the Facebook URL it into the search box.

fbid1

The subjects unique Facebook ID will be displayed. Copy it and close the tab.

fbid2

So, the unique Facebook ID of Jo Ellis is 100006229980571

Once you have obtained your subjects unique Facebook ID, click on option 3  at socmint.tools ‘Graph Search’

Paste the unique Facebook ID against the desired search criteria and click the associated button.

Results will be displayed in a new browser tab.

Facebook entities such as groups, communities and organisations also have a unique Facebook ID which can be located in the same fashion.

If you receive the error below, try method 2.

You will find that results returned will depend on the privacy settings of your subject.

However, also look at your subjects profile to ensure all of the available data has been returned.

Remember that available information from Facebook profiles can be limited by the privacy settings of the subject.

Method 2

For the second method of obtaining the unique Facebook ID you will need to:

  • right click on a blank area of your subjects Facebook page
  • select ‘View Page Source’ which reveals the pages HTML script
  • search the script that appears for the term ‘profile_id’ by using  ctrl + f – enter the term profile_id in the search box and clicking highlight all. Don’t press enter.
  • The first occurrence will be followed by the Facebook ID of your subject

jo9

Facebook often change their interface, settings and features – more details about Facebook privacy settings can be found here.

Here is a link to a website called stalkscan.com that conducts graph searches for you, just enter the Facebook URL of the subject in the search box.

Other online Facebook Graph Search Tools are available here and here

Finally, check out this excellent post by Paul Myers at Research Clinic