Investigating Server Logs & IP

In many cyber crime cases especially in web defacement analysis of File Transfer Protocol (FTP) and web server logs yields the most crucial evidence – the IP address of the suspect. Website defacement is usually the substitution of the original home page of a website with another page. In most of the web defacement cases the home page of the website is replaced with a pornographic or defamatory page. 

Malicious hackers would attempt to obtain the server passwords by using brute force or dictionary attack. In such type of cases the log documentation of the server for multiple password cracking attempts has to be analyzed in order to identify the IP address of the suspects.  Investigating the server logs would help in identifying the date, time, location, identity etc of the suspect.

A disgruntled employee steals the information from the server and mass mails ot to the victims rivals and also posts it to numerous websites and newsgroups.

Cyber crime investigator must first understand the process of web hosting and the relation between FTP server and Web server, especially from the point of view of a web defacement attack. 


Report an Incident

Send us information about your case, we will respond to you promptly