1 / 28

ITIS 4250 Computer Forensics

ITIS 4250 Computer Forensics. Chapter 7 Current Computer Forensics Tools. Digital Intelligence UltraKit. www.digitalintelligence.com. Digital Intelligence F.R.E.D. (F orensic R ecovery of E vidence D evice). www.digitalintelligence.com. Digital Intelligence F.R.E.D.D.I.E

dior
Download Presentation

ITIS 4250 Computer Forensics

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ITIS 4250Computer Forensics Chapter 7 Current Computer Forensics Tools

  2. Digital Intelligence UltraKit www.digitalintelligence.com

  3. Digital Intelligence F.R.E.D. (Forensic Recovery of Evidence Device) www.digitalintelligence.com

  4. Digital Intelligence F.R.E.D.D.I.E Forensic Recovery of Evidence Device (Diminutive Interrogation Equipment)

  5. Digital Intelligence F.R.E.D.D.I.E Forensic Recovery of Evidence Device (Diminutive Interrogation Equipment)

  6. Digital Intelligence FRED L

  7. Digital Intelligence FRED Sr

  8. Digital Intelligence FRED M

  9. DIBS USA

  10. Tasks Performed by Computer Forensics Tools • Acquisition • Validation and discrimination • Extraction • Reconstruction • Reporting Guide to Computer Forensics and Investigations, 2e

  11. Acquisition • Physical data copy • Hardware: Image MaSSter Solo 2 Guide to Computer Forensics and Investigations, 2e

  12. Tasks Performed by Computer Forensics Tools • Acquisition • Validation and discrimination • Extraction • Reconstruction • Reporting Guide to Computer Forensics and Investigations, 2e

  13. Extraction • Recovering data • Data viewing • Keyword searching • Decompressing • Carving • Decrypting • Bookmarking Guide to Computer Forensics and Investigations, 2e

  14. Tasks Performed by Computer Forensics Tools • Acquisition • Validation and discrimination • Extraction • Reconstruction • Reporting Guide to Computer Forensics and Investigations, 2e

  15. Tasks Performed by Computer Forensics Tools • Acquisition • Validation and discrimination • Extraction • Reconstruction • Reporting Guide to Computer Forensics and Investigations, 2e

  16. UNIX/Linux Command-line Forensic Tools • Examples: • SMART • Helix • Autopsy • SleuthKit • Knoppix-STD • The Coroner’s Toolkit (TCT) Guide to Computer Forensics and Investigations, 2e

  17. Using NIST Tools • www.nsrl.nist.gov • www.cftt.nist.gov Guide to Computer Forensics and Investigations, 2e

  18. Validation Protocols • Verify results • Might be asked on the stand, “How did you verify your results?” • Need at least two tools • Well tested • Documented Guide to Computer Forensics and Investigations, 2e

More Related