Description

Game consoles have evolved to become complex computer systems that may contain evidence to assist in a criminal investigation. From networking capabilities to chat, voicemail, streaming video and email, the game consoles of today are unrecognizable from complex computer systems. With over 10 million XBOX 360s sold in the United States the likelihood that a criminal investigator encounters an XBOX 360 is a certainty. The digital forensics community has already begun to receive game consoles for examination, but there is no map for them to follow as there may be with other digital media. XBOX 360 Forensics provides that map and present the information for the examiners in an easy to read, easy to read format.

Key Features

  • Game consoles are routinely seized and contain evidence of criminal activity

  • Author Steve Bolt wrote the first whitepaper on XBOX investigations

Readership

Computer forensic and incident response professionals. This includes LE, federal government, commercial/private sector contractors, consultants, etc.

Table of Contents

Chapter 1 The XBOX 360: Why We Need to be Concerned

Introduction

The XBOX 360

Criminal Uses of the XBOX 360

Poor Man’s Virtual Reality Simulator

Summary

References

Chapter 2 XBOX 360 Hardware

Getting Started with the XBOX 360

Technical Specifications

Hard Drive Disassembly

Summary

References

Chapter 3 XBOX LIVE

Introduction

What is XBOX Live?

Creating an XBOX Live Account and Getting Connected

Summary

References

Chapter 4 Configuration of the Console

Introduction

Getting Started

Network Configuration and Gamertag Recovery

Tour of the Dashboard, Profile Creation, and Gamertag Configuration

Connecting to XBOX Live

Joining XBOX Live

Summary

Chapter 5 Initial Forensic Acquisition and Examination

Imaging the Console Hard Drive

A First Look at the Contents of the Drive

Additional Information Located on the Drive

Summary

References

Chapter 6 Xbox 360 - Specific File Types

XBOX Content

Summary

References

Chapter 7 XBOX 360 Hard Drive

Initial Differences

Examination of the Post-System Updated Drive

PIRS Files After the Initial System Update

CON and LIVE File Examination

New Images Added After the System Update

Other Artifacts

Summary

Chapter 8 Post-System Update Drive Artifacts

Examining the XBOX 360 Hard Drive Using Xplorer360

Getting Started

Xplorer360 and the Post-System Update Drive

Cache Folder

Content Folder

Mindex folder

Summary

References

Chapter 9 XBOX Live Redemption Code and Facebook

Details

No. of pages:
304
Language:
English
Copyright:
© 2011
Published:
Imprint:
Syngress
eBook ISBN:
9781597496247
Print ISBN:
9781597496230

About the author

Steven Bolt

Steven Bolt is currently a Sr. Incident Response and Forensics Team Leader for a global corporation. Previously he worked as a Security Operations Center Manager and as a Computer Forensics Leader, Instructor and course developer at the Defense Cyber Investigations Training Academy. He holds several industry certifications.

Affiliations and Expertise

is a Computer Forensics Leader, and Instructor at the Defence Cyber Investigations Training Academy. He provides instruction and guidance to support the criminal investigators of the DoD and other federal investigators.

Reviews

"A very timely reference for forensic examiners, with a wealth of tools and processes for all aspects of the Xbox console. The author takes a unique approach of not just relaying details, but guiding the reader along a forensic adventure to explore the Xbox 360."--Brian Baskin, Senior Consultant, cmdLabs

"Xbox 360 Forensics is a handy reference and a good introduction…. [T]his book is not a simple step-by-step walkthrough but a very good starting point for the reader’s own forensic investigations."--Computers and Security