Stevens, I don't see anything that could be interpreted as exculpatory. What part of Stuart's statement is exculpatory? Bob ... From: Stevens R. Miller...
Mr. Miller may have a good point. Handwritten notes taken during the course of a police investigation can be demanded in discovery as evidence. I have found...
Group, My company is looking at the various linux certs that are available: 1. COMPTIA Linux+ 2. RedHat RHCE 3. Linux Professional Institute 10x and 20x...
The handling of written notes is usually a procedural issue with the specific department. If they routinely destroy written notes after the report is finished...
Brett raises a related point, though not quite the one I tried to address. He's talking about disclosure obligations, which vary from state to state. In New...
I'm a wee-bit reluctant to answer this question, because doing so might give the appearance that I am questioning Stu's skills, which I have no reason to do....
This is a follow-up reply to an old thread. ... OS: Fedora Core 5, i686 Version: 1.3-RC2 (May 9, 2005) Nick, Recently, we copied a hard drive that had errors. Our...
Well, As we say a new year and new things to come.....After releasing the new Penguin Sleuth Kit Virtual Platform, I have decided to bring back my old PSK Boot...
Hello again, Just a little update on my current research and direction of the New Penguin Sleuth Kit.....I have been experimenting with several live cd ...
... Thanks for the update Ernie. Although not said often enough, work done by people such as yourself is appreciated and beneficial to many. Thank you, ...
Hi, I am relatively new to forensics and even newer to Linux and live response. I like the look of penguin but have I missed something somewhere... I read the...
I recently had a case where I had to obtain the Safari browsing and download history from a MacOSX system. There are several methods to extract the data from...
jake@...
Jan 8, 2007 12:26 am
2413
jake- just curious...does this convert the new binary version of the plist files? or does the plist file have to be converted from the binary to the XML ...
Hi, safari_hist parses the binary History.plist file. The History.plist file doesn't need to be converted to XML first. I checked out the BHV tool referenced...
jake@...
Jan 8, 2007 2:43 pm
2415
Jake- That is very cool! Previously I had to convert the binary. Great work thanks! ... -- Ave caesar! Morituri te salutamus...
Ernie, I am the creator of the Portable Linux Auditing CD (PLAC), one of the first linux bootable cdrom toolkits. I too have had thoughts on re-creating the...
Hello again, I wanted to clarify a few things. It seems that after my last few posts several people ran to my website and either downloaded the PSK virtual...
Greetings everyone, I would like your help in creating a poll based on current salary ranges for computer forensic professionals. As many of you know, finding...
How about using puppylinux (http://www.puppylinux.com) as a base for the build. It's small, fast, runs completely in ram (typically) and allows you to package...
I looked at the puppy Linux page.....It is pretty much a slax derivative or very close which I was looking into at the beginning of my search. SLAX is a neat...
I am working a case where handheld Global Positioning Systems (GPS) were used by criminals to plot their targets and plan their criminal activities. (See: ...
CCU-ZA
ccu@...
Jan 23, 2007 8:19 am
2422
... Did you read the user manual for this product? If not, it might be helpful. According to the manual; "Deleting an item from the Recent Finds list only...
There are many tools for recovering data from damaged CDs with Windows, but I don't know of any that can return the raw data (even in the case of ECC failure)...
The Atlanta Chapter of the High Technology Crime Investigation Association (HTCIA), in partnership with the CyberCrime Institute (CCI) at Kennesaw State...
I have moved recently from an area that was using some of the "standard" tool sets, FTK, EnCase etc. Now I'm in an environment that requires the use of open...
... Just out of sheer curiosity, what is it about your new environment that requires you to use open source tools? Don't get me wrong, I'm an advocate of open...
ron@...
Feb 27, 2007 2:49 pm
2433
For browser cache you can use Mandiant's tool: WebHistorian. It's free at this time and does a decent job. It's not the most straightforward but as long as...
I'll give it a go, thanks. ...
Extract does a good job with ms metadata. If you are using debian it is apt-getable. ... -- There is no reason for any individual to have a computer in his...
... bash scripting is handy. I use this one-liner format all the time: file * | grep -i jpeg | cut -f 1 -d ':' | while read i; do mv "$i" jpegs; done i.e. type...