Does anyone know of a linux utility for finding/listing NTFS streams? Something similar to sysinternals utility: ...
240
t1ck_t0ck
Nov 5, 2003 4:42 pm
damn it. My new mantra: "google before you post, google before you post..." Sleuthkit/Autopsy of course. "Displays the details and contents of all attributes...
Firstly, pardon the lack of specifics in whats decribed below, its the result of a chat with a colleague in LE. He was describing evidence discovered on a...
243
Dave Dittrich
dittrich@...
Nov 5, 2003 7:54 pm
Enda, I'm sorry if this response seems harsh, but I've had this question posed to me a few times of late. Knowing what I do about exploits, rootkits,...
244
Ernie Baca
dborderman
Nov 6, 2003 3:53 am
And I must say SMART works very well. A must of any linux tool box. Thanks, Ernie Baca Www.linux-forensics.com ebaca@... ... ...
245
IanC
devorg
Nov 6, 2003 7:05 am
... <<SNIP>> ... This case is real recent - particularly in regards to timestamps Not got the Court Records myself yet but do know what they will say :-) Judge...
246
David Wilson
drindles
Nov 6, 2003 3:48 pm
I have run across a problem using Mandrake 9.1 and the dcfldd | split combination and can not figure out what is going on. I have used RH9 without any issue...
247
Horner, Jonathan J (J...
hornerjon
Nov 13, 2003 10:05 pm
Has anyone created any procedures or best practices for cataloguing and verifying the electronic evidence generated in the information discovery part of a...
248
evb
byebyebirdy99
Nov 14, 2003 8:01 am
Besides right-clicking on e.g. a word file to discover its properties, what is a good/the best way to discover the metadata associated with an MS Office file? ...
249
rgoto01
Nov 14, 2003 8:33 pm
I'm curious do you have a reference or link concerning the memory hole with Acrobat and FOIA? Thanks Bob Goto ... properties, what ... MS Office ... such as ...
250
IanC
devorg
Nov 15, 2003 12:00 am
... Cut & Paste to TeXt :-) An un-redacted document could be here: http://www.thememoryhole.org/feds/doj-attorney-diversity-unredacted.pdf Ummm: ...
251
evb
byebyebirdy99
Nov 15, 2003 12:13 am
free registration at nytimes.com http://www.nytimes.com/2003/11/13/technology/circuits/13kick.html...
252
IanC
devorg
Nov 15, 2003 12:14 am
... I honestly don't know what the fook your talking about! But it does sound good to me :-) Are you talking about ISP monitoring - or Web Activity -...
253
IanC
devorg
Nov 15, 2003 1:03 am
For fun & Education only.... ~~~~ Can the guy using, or who's server is, using "PTI SPAM Control" sort it out please! This is a laugh: ... All I posted was...
254
Horner, Jonathan J (J...
hornerjon
Nov 17, 2003 12:53 pm
Information discovery is the art/process of retrieving electronic evidence from non-seized machines. It is sort of like getting copies of pictures downloaded...
255
Enda Cronnolly
endacronnolly
Nov 18, 2003 2:36 pm
... Do you have any software that performs "skin detection" in images? Or can anyone recommend anything for this? For the sort of activity being described in...
256
Enda Cronnolly
endacronnolly
Nov 18, 2003 2:57 pm
Hi, You are subscribed to the linux forensics email list, and it would appear that you are not getting the mailings. Below is a message that everyone who posts...
257
Horner, Jonathan J (J...
hornerjon
Nov 18, 2003 3:59 pm
I'm mainly fishing. We have some loose ideas we are working off of, but I'd like to see what others are doing. Thanks, J. J. Horner (Jon) ...
258
The Dog's Bollix
ISXPRO
Nov 18, 2003 8:16 pm
... There is a software program that scans image files for skin tones, and it is designed to scan though image files and detect those that could be of a...
259
David Wilson
drindles
Nov 18, 2003 11:06 pm
I am not sure what you mean about "remedy the situation" I want the posts. What do I need to do? Thanks David...
260
IanC
devorg
Nov 18, 2003 11:39 pm
... Would this not be contravening some electronic communication act if it were not a seized machine,, or under a court order? ... Some type of programmed...
261
Horner, Jonathan J (J...
hornerjon
Nov 18, 2003 11:42 pm
Wait! Don't go that direction! I'm just talking about getting copies of images from public web-sites that our users may frequent. I'm not talking about...
262
IanC
devorg
Nov 18, 2003 11:57 pm
... Oh,, ok - sorry I got carried away. This could mirror a site - Teleport Pro: http://www.tenmax.com/ It does though only follow links so if a page of a site...
263
MIKE BOGGESS
henry7x34
Nov 19, 2003 12:24 am
On Tue, 18 Nov 2003 18:40:18 -0500 "IanC" <saladin@...> wrote: <TEXTAREA NAME="Signature" ROWS="4" COLS="60"><TEXTAREA NAME="Signature" ROWS="4"...
264
IanC
devorg
Nov 19, 2003 12:39 am
... I think you typed it wrong.. www.inetd.com...
265
Christopher Bell
cymordis
Nov 19, 2003 2:14 pm
That was an interesting site. I saw something the other day that scans hard drives for skin tones. This seems to be a little easier. What is the cost on...
266
Jason Fuller
eforensics
Nov 21, 2003 7:27 pm
To All: I am interested in locating linux drivers for the "Mitsumi 7-in-1 Media Drive(FA404A/B) Card Reader w/Floppy". Does anyone know of existing linux ...
267
Barry Grundy
grundy_b
Nov 22, 2003 2:39 pm
... I used one of these at a friends house with Knoppix (I think it was the one you are talking about). Just load the required USB drivers and mount the media...
268
liusiguang
Nov 23, 2003 3:38 am
Iam, I teach computer forensics and spend much of my free time coming up with malignant problems bor the students. One of my better efforts was to take a...
