Skip to search.
forensically_sound · Forensically Sound
  • Members Only
  • Post
  • Files
  • Photos
  • Links
  • Database
  • Polls
  • Members
  • Calendar
  • Promote
  • Groups Labs (Beta)
  • Chat

Group Information

  • Members: 9
  • Category: Forensics
  • Founded: Aug 9, 2006
  • Language: English
? Already a member? Sign in to Yahoo!

Yahoo! Groups Tips

Did you know...
Real people. Real stories. See how Yahoo! Groups impacts members worldwide.
Notice  Upcoming calendar upgrade: Yahoo! Groups calendars are being upgraded to a much improved version. You may not have access to the calendar (for up to 24 hours) when this group is upgraded. We sincerely apologize for this inconvenience.

Home

  

Activity within 7 days:

New Questions

Description

The goal of this project is to develop a working defition of how to collect digital evidence in a forensically sound manner. Existing definitions and guidelines for this type of activity were developed with a very narrow scope, too narrow to fit many of the scenarios where digital forensics and incident response are utilized. For example, the existing defintions do not apply well to the scenario when a forensic examiner and/or incident handler is attempting to collect digital evidence from a running system. In addition, the existing defintions do not cover how to properly collect network based evidence for network forensics, nor do they cover how to properlly collect code based evidence for code analysis.

There has been some discussion about this topic at the following locations:
http://forensiccomputing.blogspot.com/2006/08/forensically-sound-duplicate.html
http://taosecurity.blogspot.com/2006/08/forensically-sound-evidence.html
http://windowsir.blogspot.com/2006/08/what-is-forensically-sound.html

Most Recent Messages

  (View All)
(Group by Topic)
Search:
Advanced
    Start Topic
Re: More thoughts
I think this problem of defining "forensically sound" lies in the fact that this issue is really two pronged: 1. The technical nature of the topic we seek to
Posted - Fri Nov 17, 2006 4:59 am
 Chris Poldervaart
chrispolderv...
Offline Offline
Send Email Send Email
Re: More thoughts
Michael, ... I fully agree. Harlan
Posted - Thu Nov 16, 2006 12:37 pm
 H C
keydet89
Offline Offline
Send Email Send Email
Re: More thoughts
... -- Craig Ball Attorney and Technologist Certified Computer Forensic Examiner 1101 Ridgecrest Austin, Texas 78746 TEL: 512-514-0182 MBL: 713-320-6066 FAX:
Posted - Mon Nov 13, 2006 7:02 am
 Craig Ball
craigdouglas...
Offline Offline
Send Email Send Email
Re: More thoughts
... I =THINK= this is what Chris Poldervaart was referring to when he said "smear" (in regards to imaging a live system). ... Well the list has been quiet, and
Posted - Sun Nov 12, 2006 5:59 pm
 michael.murr
Offline Offline
Send Email Send Email
Re: More thoughts
Mike, Some very interesting thoughts here... ... operating procedures). ... IMHO, with both 1 and 2, you're right. I recently went back and forth with an MS
Posted - Sun Oct 22, 2006 12:01 pm
 H C
keydet89
Offline Offline
Send Email Send Email
Add forensically_sound to your personalized My Yahoo! page Add to My Yahoo! XML What's This?

Message History

Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
2006 5 1 2 4
What is Yahoo! Answers?

Yahoo! Answers, a new Yahoo! community, is a question and answer exchange where the world gathers to share what they know...and make each other's day. People can ask questions on any topic, and help others out by answering their questions.

Hide this tip
What is Yahoo! Answers?

Yahoo! Answers, a new Yahoo! community, is a question and answer exchange where the world gathers to share what they know...and make each other's day. People can ask questions on any topic, and help others out by answering their questions.

Hide this tip

Questions in Science & Mathematics

  • Questions are currently unavailable.

Want to help answer other questions? Go to Yahoo! Answers
Copyright © 2010 Yahoo! Inc. All rights reserved.
Privacy Policy - Terms of Service - Guidelines NEW - Help