Search results

  1. S

    Computer Forensics in the Midwest (Indiana)

    It depends where you're going in Northern Indiana. If it's South Bend that's ones thing, but Hammond, In is in Chicago's suburbs.
  2. S

    Any Video out there on Computer Forensics?

    If you like iTunes CERIAS has had Marcus Rogers, Brian Carrier, and several other researchers talk on their video podcast. Search for Cerias on iTunes and download for free one to two hour briefings. They're pretty good for state of the science. If you have iTunes this link should take you to...
  3. S

    Evidence Deletion

    brake cleaner works much better than a bomb. Removes the coating from the disks and makes a real mess instantly and fairly (compared to a bomb) quietly.
  4. S

    Computer Investigator v Computer Analyst?

    clarkwgriswold I imagine you're not joking around either and it's just another juvenile slam for some odd reason. You obviously never quite understood what I wrote before. I'll talk slower this time..... University choice is a persons choice and they all have their benefits and issues. But, then...
  5. S

    Computer Investigator v Computer Analyst?

    I won't give you the answer but I'll give you the tools to go get it.... Go to Monster.com and look up "computer analyst" and "computer investigator". That should give you a pretty good idea. Google the terms too that might help.
  6. S

    Online Schools

    Thanks Dennis you nailed it 100 percent. sam
  7. S

    Criminal Records

    I tell my students this: If you've done drugs and not got caught you might get a job. Until they do the background check. If you've done drugs, or have a felony you won't get a job so change majors. Somebody somewhere if not your own blood will out you. If you've ever worn handcuffs it's...
  8. S

    Thesis Ideas...

    Knowing the answers is good, but knowing good questions is better. First when trying to get an idea about research think about everything in questions not topics. "Phishing" is a topic, "Is their a direct correlation between the elderly and phishing?" is a research question. Keeping a research...
  9. S

    Any Video out there on Computer Forensics?

    Blackhat Briefings have some video and audio. But, by no means does that replace course work.
  10. S

    Computer Forensics at Uni in UK

    I believe East London University was working on a Computer Forensics Program.
  11. S

    Online Schools

    Good point Slider. This is an interesting discussion going on here but are you sure a public University is interested in YOUR education? Private schools are not all "for profit", and the profit status is not what students should care about when looking for a school. As undergraduate students...
  12. S

    CHFI vs. ACE

    The term "hacker" has a long if stained history. Hacker has existed longer than the modern computer back to the original days of telephone and amateur radio. So that term you so blithely toss aside as "goofy slang terminology" is a fully relevant term. The term has been used in peer reviewed...
  13. S

    Analyze a SAN Storage

    I'm actually involved in some research on this issue. As the image sizes increase the storage required for the image increases and the likelihood of a simple hash will take longer than the investigator has life time. FoNet is a distributed forensics system that allows you to break up the job...
  14. S

    1 TB Consumer Grade Hard Drives and Forensic Analysis

    Seagate is set to release a consumer level 1TB hard drive within their Baracuda line of drives. Daily Tech has a bit of information on the new drive (http:// dailytech.com/article.aspx?newsid=5582). Personally I think it would make a great PVR disk and at a likely street price of $400 it won't...
  15. S

    Which Degree?

    One way to go the law enforcement way is to get into a crime lab. I've had a blast working around crime labs though where I'm at now I don't do that kind of work much. You can also get experienced in other evidence processing and analysis tools too.
  16. S

    Evidence Deletion

    backups will not cover deletion issues. The FRCP can be construed (and you know they will) that data must be in the original format and backups are copies (not the original format). One of the reasons is that meta-data may be lost in the back up process. A recent HR case required that the...
  17. S

    What do you all think of this program??

    I've been through edition 1 and edition 2 extensively. I'll admit I use it with my students. They are required to find all of the errors in the text. Whether it be directions that should be reversed, files that are missing, files that are not included, directions that are in error, or processes...
  18. S

    Opinion on book

    Yes I have read it. Quick review: It's a good book to give you a background on the processes and things you should be thinking about. No book will truly give you an idea of what it will be like the first time you flub it. I should put together a forensic library bibliography maybe. It's...
  19. S

    Is Computer Forecsics an over crowded field?

    I agree with AlanOne. The field will fill quickly with people who have certifications in tools and vendors technologies. Unfortunately for many this is rapidly evolving from a discipline to a science and advanced degrees along with recognition of the Association of Forensic Science will make...
  20. S

    Skype

    Bauer, Let's start with the basics. If you have physical custody of the suspect computer you likely would not be looking for the trace. Since it is PSTN at the victim you can pull the incoming (depending on the laws and who you work for). The telco may have that information. SKYPE may have...
  21. S

    Retrospective tracing of phone calls

    I saw your second request for comment. The problem being now you've added SKYPE to the equation, and the possibility of TOR or other anonymizing technologies. Let me think about it and I'll let you know, but I'm not coming up with much unless you have physical possession of the suspect machine too.
  22. S

    Court Case with yahoo messenger logs

    If you find the keyboard on sale buy two I want one. Wonder if they are Mac compatible?
  23. S

    Retrospective tracing of phone calls

    The answer is it depends. Some carriers maintain call log databases that allow for figuring out trending analysis. They can be quite detailed. Some carriers are under notice to track all calls in specific regions (US and abroad) and have all of the billing information that includes the...
  24. S

    Court Case with yahoo messenger logs

    Nope. I've seen some of the message traffic show up as deleted files in the lab, and I've seen them show when somebody has been deleting them. But, I imagine your thinking the chat sessions are being archived on their own? Unless logging is enabled on the client I haven't seen the standard...
  25. S

    Court Case with yahoo messenger logs

    I've heard of only three cases or so where this situation will occur with the logs not reflecting what is expected. Besides the obvious guy hiding behind blind denial of actually proposition a 12 year old. The officers could be providing the logs from the "victim" computer not the defendants...
  26. S

    FTK, EnCase, ETC

    I can't help myself. I've been reading all week about ZFS the Zetabyte File System from Sun. The size of a single volume is humongous. I'm in the process of building a distributed forensic grid to try and file carve and index extremely large images. en.wikipedia.org/wiki/ZFS
  27. S

    FTK, EnCase, ETC

    Never? What if it is a mainframe computer with a half a terabyte of RAM? Say an E25K?
  28. S

    Grants or Scolarships

    Between federal agencies, merit scholarship, and subject based scholarships I've paid for very little school. I paid cash for my AS in general studies, and after that everything was basically free through my PhD. With the exception of books and living expenses Ive basically gotten four degrees...
  29. S

    Court Cases with MSN Messenger logs

    Re: Hi again <r><QUOTE author="AlanOne"><s> </e></QUOTE> <br/> I'll add that the forensic investigator is as close to a "friend of the court" as you can get irrespective of which side they are on. The mere sniff of bias will get an investigator raked over the coals (or should). This is one of...
  30. S

    Computer Forensics Job Market

    OK... There are a lot of Universities that have Scholarship for Service.... Start here for information sfs.opm.gov/ (admin can we leave the link?) Here is a list of the schools involved sfs.opm.gov/ContactsPI.asp This is a brochure on the program sfs.opm.gov/StudentBrochureWeb.pdf Centers...
  31. S

    Salry for a Processing Technician

    Evidence Technician $37K indeed.com/salary?q1=Evidence+Technician&l1=Seattle&tm=1
  32. S

    Evidence Deletion

    New federal rules of evidence also state that if you "think" that digital evidence might be used against you in the future you are required to sequester and protect that evidence (fox guarding the hen house). Also, new rules going into effect state that if evidence is destroyed even as part of a...
  33. S

    Drivecrypt plus

    After some thinking..... It is bleak. However I'll reiterate go back to the scene and go through everything. Few people don't write down the passwords for these types of tools. Also look for "other" types of digital evidence (Ipods, cell phones, Blackberries) they may have the password in it...
  34. S

    Drivecrypt plus

    It's time to go back to the suspects location. Blowfish is a highly capable algorithm but I'm willing to bet there is a physical piece of evidence with the pass phrase. Standard forensics based on normal drive software is not going to touch it. Welcome to a new world of forensics. Blowfish is...
  35. S

    Masters?

    Re: masters <r><QUOTE author="gron"><s> </e></QUOTE> <br/> <br/> try UMUC.edu I may have misstated earlier which school it was... The right school University Maryland University College. There's not much on their website, but you can get view books I believe from them.</r>
  36. S

    Best Ways to Advertise CF Services?

    When you're ready email me. I helped design and build out (a few times now) a vBulletin based web forum with 50K users and a three server based system.
  37. S

    Masters?

    I answered a little in your other thread (mods/admins you want to delete that be my guest). First a Masters Degree suggests that a topic area is a science or discipline. Quite honestly Computer Forensics has a hard time making that grade in most Universities. So computer forensics is part of...
  38. S

    Best Ways to Advertise CF Services?

    Hey admin this site forensicswiki.org/wiki/Main_Page had the chance to be the biggest, but so far it is pretty dull. It's more of a fanboy site than a community site. Forensics World always seems to be thin on posters but there are always dozens of guests watching the content delivery. What is...
  39. S

    CD/DVD Forensics

    You might want to start with a scenario you're trying to solve. It would help greatly in creating a solution versus scattering all over the surface and no detail. From the impression professors in your institution give me they are very interested in details versus simple surface treatment. If...
  40. S

    Questions about this field

    99.99999 percent of this field is about credibility. Not technical credibility, not educational credibility, but PERSONAL credibility. Worse it's credibility not to YOUR peers but a defendants peers and more importantly a random selection of the population where you're working called a jury. You...
  41. S

    Macintosh Forensics

    Currently the NIJ has a huge grant opportunty because Mac forensics is so poorly done by the different tools. There are methods to read Mac disks but none of them are as mature as other file system tools.
  42. S

    help with a project

    I'm about two hours away if you need any help.
  43. S

    Forensic Investigation Procedures

    There are a variety of guidelines and (ewww) "Best Practices" guides. Be wary of using vendor based guides. The Secret Service has a method, there is always ACPO, and a variety of other guides. It would be very hard without knowing your industry and need to make a suggestion on waht would work...
  44. S

    Hackers

    The term hacker is a ripped off term used pejoratively and thus the use of the word hacker and research are nearly anathema to each other. White, black, and gray are cognitive binning methods used by people to attempt a taxonomical discussion of topic that ontologically and taxonomically are...
  45. S

    Internet usage forensic!

    That's why some of the prof's cruise the web forums whacking students who get out of line.
  46. S

    help with a project

    Things to hide that would be needed later by a crook... Direct evidence Emails with fake account data Emails detailing phone conversations or records Cheat sheets with the account data Stego tools to hide data in plain sight Zip files with encryption to protect sensitive data write the pass...
  47. S

    Information about Forensics

    hi teech... a few universities have k-12 curriculum for information assurance and security. I don't know for sure about forensics but I'll look to see if I can find anything if that sounds interesting.
  48. S

    What should i do next?

    The reason so many people say experience is important (well the reason I say it), is that unlike IT, CS, or any other technical skill computer forensics is a job where you might be determining who go's to jail. You'll be testifying in court, providing information that will be used to find...
  49. S

    AVG Virus Protection

    Egads copying the wrong linkage. Sorry about that.
  50. S

    AVG Virus Protection

    It will still be free you just have to upgrade to the newest version.... free.grisoft.com/doc/avg-anti-spyware-free/lng/us/tpl/v5 digg.com/software/Inaccurate_Story_dig_AVG_will_ALWAYS_be_FREE_v7_1_discontinued_v_7_5_free Though I don't consider DIGG to be a "perfect" source it does have...

About us

  • Our community began in 2004. Since this time, we have grown to have over 29,000+ members within the DFIR & Cyber Security community.

    We are happy to announce that this forum is now under new ownership with the goal to once again become the main Digital Forensics Forum on the internet for DFIR, OSINT and Cyber Security.

    If you can think of ways to help us improve, please let us know.

    We pride ourselves on offering unbiased, critical discussion among people of all different backgrounds.

    We are working every day to make sure our community is one of the best.

Quick Navigation

User Menu