IP numbers allocated to AmazonAWS, the Amazon Web Services (EC2) service, were then observed. The next IPs accessed were in the range of 74.125.0.0–74.125.255.255 (which are registered to Google) and indicate Google Analytics services. Certificates were observed from VeriSign/Thawte services. When accessing Dropbox accounts using the client software or a web browser, a session with an IP in the range 199.47.216.0–199.47.219.255 (registered to Dropbox), was first established on Port 80, and then a session with an IP in the range 199.7.48.0–199.7.63.255 or 199.16.80.0–199.16.95.255 on Port 80 then Port 443, which is registered to VeriSign/Thawte. Network traffic was seen on TCP Port 80 (HTTP) and 443 (HTTPS) only.
Analysis of the network traffic capture files was undertaken using Network Miner v1.0 and Wireshark Portable 1.6.5 to determine what data remnants were available when Dropbox is used in the circumstances of the research. Network traffic capture is a potential source of relevant information and is a process available to a range of government agencies which have the legal authority to undertake this type of monitoring and interception of data ( Kisswani, 2010).
0 kommentar(er)
