TELEPHONE:

EMAIL:

NTA Stealth - Internet History Identification Software

Program History

The NTA Stealth™ program is a new and enhanced version of NTI's Net Threat Analyzer (NTA). NTA evolved from another NTI program called IPFilter that was specifically designed for law enforcement use in the late 1990's. IPFilter was essentially a sampling tool that helped in the identification of potential Internet leads and evidence as found in Windows swap/page files. It was intended for use in cases involving the illegal distribution of child pornography over the Internet.

The capabilities of the IPFilter program were expanded by NTI in 1999 to help school police and law enforcement computer specialists identify evidence of hate crimes and bomb making activities by children. The Thurston High School shootings in 1998 in Springfield, Oregon and the Columbine High School shootings in 1999 in Littleton, Colorado made NTI's management aware that school children were using the Internet inappropriately and law enforcement officials needed a better way to deal with Internet related threats and issues tied to children. In both the Thurston and Columbine cases, bomb making information had been obtained by high school age children from Internet sources. As a result, the program logic of the original IPFilter program was modified to identify leads and evidence of Internet-based hate crimes and drug trafficking. When the program became more threat identification-based, the name was changed to Net Threat Analyzer. However, the core functionality of the original IPFilter program remained unchanged. Like the original IPFilter program, NTA was a data sampling tool which relied upon data stored in Windows swap/page files. It could also be used to identify Internet-based leads contained in bit stream backup files created with NTI's SafeBack software but its logic was limited to the processing of files rather than entire hard disk drives.

The events associated with the terrorist attacks in the United States on September 11, 2001 identified the need to update NTA's program logic, once again, to help law enforcement and military computer specialists. As a result, the program logic was updated to also identify Internet-based leads associated with terrorist activities, e.g. E-Mail communications with terrorist related countries and Internet web browsing related to weapons of mass destruction. Like the prior versions of IPFilter and NTA, the upgraded NTA program was also a sampling tool which relied upon data in Windows swap/page files and SafeBack bit stream backup files. This special September 11th release of NTA was covered extensively by the news media. At the time NTI upgraded NTA for use in the War-On-Terror there was an awareness that other improvements needed to be made but those improvements were postponed in the interest of getting something quickly in the hands of U. S. military and law enforcement officials in the fall of 2001.

In April 2004 an enhanced version 6.0 of NTA was released by NTI. It operates at a faster rate of speed than the prior versions of NTA and it adds the capability of processing an entire hard disk drive from the physical access of the hard drive via floppy diskettes and/or USB memory devices. Because of the potentials for covert processing of targeted computer system the new version was code named NTA Stealth™. With the release of the NTA Stealth™ version, NTA was no longer a data sampling tool which was limited to the processing of targeted files. It became an easy to use portable tool which was capable of processing an entire computer hard disk drive from an external storage device, e.g., floppy diskettes, zip drives and USB storage devices. The NTA Stealth™ program was also enhanced to more accurately identify foreign Internet transactions and Internet web browsing of pornography-based Internet web sites. All of the changes and enhancements were made with NTI's probation, parole, law enforcement and school administration clients in mind. Their jobs in the field are difficult and the portability and evidence preservation aspects of the NTA Stealth™ program fit perfectly with their needs. This program has proven to be very effective in monitoring the computer activities of convicted sex offenders and information about that can be found at http://www.forensics-intl.com/mult-pr.html and http://www.forensics-intl.com/art35.html.

The User's Guide for the NTA Stealth™ Program is available on this web site for the benefit of our clients. Click here for the detailed NTA Stealth™ User's Guide.

In November 2003, NTI also released an analysis tool called NTA Viewer which is used to review and analyze the output from the NTA Stealth™ program and also prior versions of NTA. This powerful analysis tool is Windows-based and it is ideal for use in law enforcement investigations, corporate investigations and military operations. It can also be used to analyze the combined NTA output from several different computer hard disk drives in conspiracy investigations which involve multiple individuals, computer systems and hard disk drives. NTA Viewer also facilitates the creation of custom reports to document Internet related findings and it allows for the interactive Internet review of the Internet leads identified by NTA. This feature makes it easy for probation and parole officers to evaluate Internet leads and evidence found on the computers of convicted sex offenders.

Please direct E-Mail to