This paper looks at the investigating terrorist threads via the e-mails. Liaison with the national joint terrorism task force and then form the flying squad with specialized experts than the establishing the watch units to counterterrorism, Formation of communication exploitation section to analyze terrorists’ communication, getting in contact with the interagency terrorist financing operation section to get the finances us the last step.
The steps that will be followed in the examination of e-mails will follow the steps that are used in the investigation of data on a computer hard drive. Securing the device and performing the initial tasks in doing this the legal rights must have been acquired (Nelson Et al. 2005). Cloning of the device and calculating the CRC Checksum. Searching the device manually is the next step so that the original disk is kept in its seized state. Searching the device automatically is the last step.
For the trucking purpose look at received header fields like from, via and by and the identity of the message. On the sender’s IP address look at the computer’s name, the IP-address of the connecting computer and by that gives the name of the server, windows computer name, the time zone, the X-mailer and the X-Originating-IP (Tiesha, 2009).
There are fundamentally two steps that are involved in the course of tracking an e-mail. First get the IP address in the header of the email section, and then look up the location of the IP address (Tiesha, 2009).
The benefits of e-mail log are; elimination of all network all network traffics associated with the spam. Another benefit is the offloading connection management involved in the e-mail gateway running (Kurt, 2007).
The available forensics are; the forensic toolkit, they are used for the cloning, CRC calculations and significant searching capabilities. Others include e-fence and Helix used to boot the computer, password cracking regular expression search and network program analysis. The nuclear forensics uncovers the terrorists themselves. It also reduces the overbuying of the equipments.