• Home
  • Risk Assessment
  • Digital Forensics
  • Surveillance Equipment and Software
  • Network Monitioring
  • Contact Us
    • Our Clients
  • Attorneys
  • Risk Management
  • Private Investigators

    •  

       
    Call Us Today
    866-279-6295
    Network Surveillance Solutions For:

  • Retail
  • Education
  • Corporate
  • Facitilities

    • E-Detective- Internet Forensics & Crime Investigation Appliance

    E-Detective is a one-way interception machine installed on a network to trace network crime. By copying the contents of the network communication to a collection system, E-Detective avoids any interuptions in the normal operation of the network. The collection system filters out data not approved by a court of law. The data can be saved on the equipment for investigation and legal purposes.

    I. Front-end Sensor
    The Front-end sensor seperates network packets for specific IP addresses, which not only can be set in accordance with a user's demand but also can provide a packet retrieval and decoding system for packet recording and protocol decoding.The Front-end sensor has two optical ports and two 10/100/1000Mbps ports.


    Front-end Sensor for E-Detective

      1- Network packets and the conditions for seperating IP addresses can be set according to the user's demand including; designation of IP address, Protocol, Domain name, MAC address, and port number to be recorded. These conditions can target a source address and/or destination address.
      2- Partial Match can be used to set the conditions of an IP address and specific protocol. For example:
          a. Value 10.255.254.18
          b. Range 10.255.*.*
      3- Packets can be saved in advance to individually seperate IP, protocol, port number, domain name, and MAC address according to flow command.
      4- Packet retrievel and decoding systems can be linked without affecting file transfer.
      5- All packet network layers can be transferred for troubleshooting.
      6- An input port doesn't get assigned an IP address.



    II. Packet Retrieve and Encoding System

    This system includes packet recording, decoding, retrieve, and export. Specifications are as follows:
     (1) Packet Recording
      1. Network communciation can be linked to authenicate front-end sensors so that packet recording can be performed without affecting file transfer.
      2. The 10/100/1000mbps rate for packet recording must be provided under different network environments.
      3. Packets with tcpdump must be provided to save in accordance with minute, hour, day, and size.
      4. Packet format is standardized and exported with .tcpdump for reading of other software, such as Ethereal.
      5. A graphic user interface (GUI) is provided to burn packet files to CD media.


     (2) Packet Encoding and Retrieve
      1. The contents of the original packet can be retrieved.
      2. An interface is provided to import files with .tcpdump and decodes the contents of the packet.
      3. Protocol packets are decoded as follows:
              a. Web browser and e-mail (HTTP/URL) including; Yahoo, Hotmail, Hinet,          Seednet, URL, PCHome,Sina, and Yam. Decoding of contents and attached          files.
              b. Post Office Protocol/Simple Mail Transfer Protocol (POP3/SMTP): When a          sender sends an e-mail with confidential attachments, the e-mail address will          be displayed during monitioring of receiver's information. Decoding of          receiving and senders e-mail address, passwords, mail content (including          headers), and attached files.
              c. File Transfer Protocol (FTP): Decodes account number, password, and file          restoration.
              d. Remote Login (Telnet): Decodes account number, password, and content.
              e. Instant Messaging (IM): Includes MSN 5.0, 6.0, 6.1, 7.0, 7.5, Yahoo          Messenger, ICQ, and AOL Messanger.
              f. MSN and Yahoo VOIP/Web Cam: conversion restoration along with resolution          of source and destination address.

      (3) Decoding Export
        1. A user can retieve and export the results of packet decoding according to IP,     communication date, type, and content (text retrieve)
        2. Each export condition condition can be exported to one directory including     website files for decoding.
        3. A CD burning program is provided to record the export directories. "Portable     Server" is used to burn the CDs.

     
      Hardware Specifications for Front-end Sensor

     1. Intel Pentium 4 Processor 3.2GHz or higher
     2. 2 or more DIMM sockets
     3. 2 or more PCI slots
     4. 4GB or more of main memory
     5. 2 USB ports
     6. 2 IDE 200GB or higher Hard Drives
     7. VGA Card: 64MB or higher
     8. Built-in speakers
     9. Ethernet Card: 2 optical NIC or greater
     10.Thernet Card: 2 10/100/1000Mbps Ethernet     ports (Intel Pro/100 MT Dual Port Server Adapter     PCI-X)
     11.CD Burner: 52/24/52x or Faster
     12.19" Rack- compliant with industrial standards
    		   Packet Retrieve and Encoding System Host

     1. Intel Xeon 3.2GHz Processor of higher
     2. Motherboard:
        (1) Support for Intel Xeon 3.2GHz or higher
        (2) 2 DIMM sockets or greater
        (3) 3 or more PCI slots
     3. Main Memory: 2 GB or more
     4. 2 USB ports
     5. 2- 200 GB or greater Hard Drives
     6. VGA Card: 64MB or higher
     7. Built-in Speakers
     8. Ethernet: 2 10/100/1000 Ethernet Ports
     9. CD Burner: 52/24/52x or Faster
     10.Cooling Fan
     11.Power Supply: 400w or more
     12. 19" Rack-compliant with industrial standards

    Click here to request a quote

    		  

     

     

    Copyright 2007 High Tech Crime Institute Incorporated.
    All rights reserved
    Florida Private Investigation License A2500245
    Site Design- Zalex International, Inc.