Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· FAQ
· Forensic Downloads
· Forensics Feedback
· Forums
· Recommend Us
· Statistics
· Surveys
· Top 10
· Topics
· Training Reviews
· Web Links
· Your Account

Our Membership

Latest: Guilherme_Ascione
New Today: 0
New Yesterday: 1
Overall: 27250

Computer Forensics
This is a free and open peer to peer medium for digital and computer forensics professionals and students. Please help us maintain it by contributing and perhaps linking to us from your own website.

Recent Posts

 Collaboration with Lawyers?
 seeking project title
 Need help, Forensic research theme for final year
 SD Card Insertion Data
 Mounting encase e01 files then adding them to vmware to view

Computer Forensics World Forums


Pages Served
We received
34050457
page views since August 2004

Security Sources

Firewalls
Cryptography
ISO 17799 ISO 27001
ISO 17799 Toolkit
ISO 27001 & 27000
Disk Analysis
Security Policies

A Community of Computer Forensics Professionals


Computer Forensics World is a growing community of professionals involved in the digital forensics industry. It is an open resource, free for all to access and to use. It strongly encourages the sharing of information and peer to peer assistance.

To support this initiative, a range of interactive facilities are available, including surveys, forums and posting areas for information and papers. Please feel free to use all these features.

As with all user groups and communities, its success ultimately depends upon its members. Greater involvement by larger numbers will always create a more vibrant and useful experience. Please join us...

Forum and Directory Now Open
Computer Forensics and Investigation
Our on-board Discussion Forums are now open, and embrace all aspects of digital and computer forensics. Please do contribute and participate. Equally, we have also added a directory of resources and information for your reference and use.
Posted by Monica on Friday, August 27 @ 11:20:58 EDT (30018 reads)
(Read More... | Score: 3.94)



Computer Forensics Basics: Frequently Asked Questions
Computer Forensics and Investigation
Our latest digital forensics FAQ has now been published:

1. What is Computer Forensics?
There a number of slightly varying definitions around. However, generally, computer forensics is considered to be the use of analytical and investigative techniques to identify, collect, examine and preserve evidence/information which is magnetically stored or encoded.

2. What is the objective of this?
Usually to provide digital evidence of a specific or general activity.

3. To what ends?
A forensic investigation can be initiated for a variety of reasons. The most high profile are usually with respect to criminal investigation, or civil litigation, but digital forensic techniques can be of value in a wide variety of situations, including perhaps, simply re-tracking steps taken when data has been lost.

4. What are the common scenarios?
Wide and varied! Examples include:
- Employee internet abuse (common, but decreasing)
- Unauthorized disclosure of corporate information and data (accidental and intentional)
- Industrial espionage
- Damage assessment (following an incident)
- Criminal fraud and deception cases
- More general criminal cases (many criminals simply store information on computers, intentionally or unwittingly)
- and countless others!

5. How is a computer forensic investigation approached?
It's a detailed science. However, very broadly, the main phases are sometimes considered to be: secure the subject system (from tampering during the operation); take a copy of hard drive (if applicable); identify and recovery all files (including those deleted); access/copy hidden, protected and temporary files; study 'special' areas on the drive (eg: residue from previously deleted files); investigate data/settings from installed applications/programs; assess the system as a whole, including its structure; consider general factors relating to the users activity; create detailed report. Throughout the investigation, it is important to stress that a full audit log of your activities should be maintained.

6. Is there anything that should NOT be done during an investigation?
Definitely. However, these tend to be related to the nature of the computer system being investigated. Typically though, it is important to avoid changing date/time stamps (of files for example) or changing data itself. The same applies to the overwriting of unallocated space (which can happen on re-boot for example). 'Study don't change' is a useful catch-phrase.

7. I am interested in a career in this field. Where do I start?
This is a common question, with many answers. Perhaps a good starting point however is to read the specific section of our Forum: "Digital Forensics: Getting Started". This includes hundreds of posts on this issue.

8. What about training?
Again, there is a specific area of the Forum dedicated to education and training. In addition, we are currently building an entire section comprising first party reviews of formal courses (see left hand panel). Finally, although designed largely for practitioners, the Computer Forensics Toolkit is increasingly being used as a training resource (see top right).


Posted by Monica on Thursday, August 26 @ 13:28:04 EDT (60254 reads)
(Read More... | Score: 4.06)



The Forensics Toolkit
The Computer Forensics Toolkit provides a whole range of items to assist both the beginner and the expert practitioner.

It includes checklists, guides, presentations, essential procedures, and a variety of other useful resources.

It is now documented fully on its own website: Computer Forensics


Survey
How long have you been involved in the forensics industry?

I'm not: I'm just generally interested
Only just started.
A few weeks.
A few months.
1-2 years.
2-5 years
More than 5 years.



Results
Polls

Votes 16326

Educational Sponsor
If you are interested in sponsoring or advertising on Computer Forensics World, please contact us via the feedback form.

A range of opportunities are available.


Who's Online
There are currently, 80 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here


 

TMs property of their respective owner. Comments property of posters. 2007 Computer Forensics Science World.
Digital forensic computing news syndication: Computer Forensics Training News or UM Text
Software is copyrighted phpnuke.org (c)2003, and is free under licence agreement. All Rights Are Reserved.