Building A Computer Forensics Lab


coolfool

New Member
Aug 28, 2005
3
0
#1
Hello Forensics Community,

I was wondering what hardware and software requirements and network infrastructure would be needed to develop a forensics lab. I am interested in both commercial and open source software, I have heard that it might be easier foe me to purchase a full blown commercial suite and supplement it with open source software. On the other hand I would like to have more feedback geared to the hardware components, if there are any special devices that need to be purchased, what’s better or gives the lab flexibility to grow and so forth. If you need more information please pm me.

Thanks in advance.
 

cybercop

Administrator
Oct 31, 2005
1,660
0
#3
The computer you use to work on the forensic images with needs to be isolated completely from any network or the internet. As far as what system do you want to use, get the fastest pc you can afford with the most memory you can afford. Will need to have floppy drive so make sure it does. Most new ones don't now. Make sure it has room for expansion and will need various hardware adapters to hook up the hardware you are examining (drives etc). As far as software, what I like may not be what you like. Most software has an evaluation period, try them. I personally think Linux based systems are easier to work with and protect the evidence from accidental writes. Best of all, most of the software you need for forensics using Linux can be had for nothing.
Just remember, it will take quite a while to build a reputation as a forensics expert.
 

AlanOne

New Member
Nov 18, 2005
701
0
#4
I am in the middle stages of opening my own practice and it is not an easy task getting yourself known. I personally worried less about what equipment I was going to use and more about what I needed to do education and training/certification that would give me an edge. I barely get noticed with a degree in computer forensics, 15 years of computer consulting experience, A+ and Network+ certifications, a forensic certification and Encase training. So at minimum, you should get as much training you can afford. The more training you get, the better understanding of the equipment requirements you will need to do the job. But that is just my opinion.

Tim, CCE

P.S. I've spent close to $20,000 in software, training, hardware, etc. to date. You need a good amount of financial resources... :)
 

About us

  • Our community began in 2004. Since this time, we have grown to have over 29,000+ members within the DFIR & Cyber Security community.

    We are happy to announce that this forum is now under new ownership with the goal to once again become the main Digital Forensics Forum on the internet for DFIR, OSINT and Cyber Security.

    If you can think of ways to help us improve, please let us know.

    We pride ourselves on offering unbiased, critical discussion among people of all different backgrounds.

    We are working every day to make sure our community is one of the best.

Quick Navigation

User Menu