Cookies Forensic Analysis
Cookies are small pieces of data exchanged between an HTTP server and a browser (such as Mozilla, Netscape, or Internet Explorer) so that the server can store information on the client side and retrieve it later. When an HTTP server sends information to a client, it may send along a cookie, which the client keeps after the HTTP connection closes.
Cookies have a legitimate purpose. However, they also pose a threat, because HTTP is a stateless protocol and cookies are what lets a site recognise a returning browser. For example, some Web sites keep track of an individual's visits and activities by placing information in a cookie file linked with the Web browser. For instance, Amazon, eBay, car rental companies, and PayPal use a cookie file to keep track of purchases and get a better picture of an individual's interests.
Browsers store cookies in text files: for example, Internet Explorer stores cookies in the Windows\Cookies directory, while Netscape stores them in a Cookies.txt file. Cookies hold information that can help the investigator understand the Web behaviour of a suspect. To mitigate the threat of cookies, you can visit the following Web sites and download tools that can help you view cookie files:
www.SecureYourself.co.uk
www.HoneyJet.co.uk
There are a couple of tools that can be used to view cookies and these include:
CookieSpy – This tool will allow viewing of cookies.txt files.
Karen’s Cookies Viewer – This tool will also allow you to view cookies.
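What such a viewer does with a Netscape-style Cookies.txt file can be shown in a few lines of Python. This is an added example, not code from the tools named above; it assumes the common seven-field, tab-separated layout (domain, subdomain flag, path, secure flag, expiry as Unix time, name, value), and the sample data is constructed.

```python
from collections import Counter
from datetime import datetime, timezone

# Constructed sample in the Netscape cookies.txt layout (not real evidence).
SAMPLE = (
    "# Netscape HTTP Cookie File\n"
    "\n"
    ".shop.example\tTRUE\t/\tFALSE\t1735689600\tsession_id\tabc123\n"
    ".shop.example\tTRUE\t/cart\tFALSE\t1735689600\tlast_item\tbook-42\n"
    "#HttpOnly_pay.example\tFALSE\t/\tTRUE\t0\tauth\txyz\n"
    "truncated line without enough fields\n"
)

FIELDS = ("domain", "subdomains", "path", "secure", "expires", "name", "value")

def parse_cookies_txt(text):
    """Return (records, rejected_line_numbers) for cookies.txt content."""
    records, rejected = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        # Some writers (curl, for one) mark HttpOnly cookies with this prefix.
        http_only = line.startswith("#HttpOnly_")
        if http_only:
            line = line[len("#HttpOnly_"):]
        elif not line.strip() or line.startswith("#"):
            continue  # blank line or comment
        parts = line.split("\t")
        if len(parts) != 7 or not parts[4].isdigit():
            rejected.append(lineno)  # report damaged lines, do not hide them
            continue
        rec = dict(zip(FIELDS, parts))
        rec["subdomains"] = rec["subdomains"] == "TRUE"
        rec["secure"] = rec["secure"] == "TRUE"
        epoch = int(rec["expires"])
        # An expiry of 0 marks a session cookie; otherwise convert to UTC.
        rec["expires"] = datetime.fromtimestamp(epoch, tz=timezone.utc) if epoch else None
        rec["http_only"] = http_only
        records.append(rec)
    return records, rejected

def cookies_per_domain(records):
    """Count cookies per site, ignoring the leading dot on domain entries."""
    return Counter(r["domain"].lstrip(".") for r in records)

if __name__ == "__main__":
    recs, bad = parse_cookies_txt(SAMPLE)
    for r in recs:
        print(r["domain"], r["path"], r["name"], r["value"], r["expires"])
    print("per domain:", dict(cookies_per_domain(recs)), "rejected lines:", bad)
```

The rejected line numbers are returned so that a malformed or tampered entry in the file is noted in the examination record instead of being silently skipped.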
Today, the most effective network reconstruction approach is the high-interaction honeypot, which emerged as an effective tool for observing and understanding intruders’ motivations, toolkits and tactics. For more information please visit http://www.honeyjet.co.uk.
