I apologize in advance for the all-caps message...but this post is derived from a National Law Enforcement Telecommunications System (NLETS) message that I...
Have a hard drive here (off a laptop) that's alleged to have uploaded a film to a Web Page (and or sent by email) - (I'm still imaging so not looked at the...
... The short answer is "Yes". Using a TV capture card (a cheap one is about $30) a person can capture the video from the camera and convert it to formats such...
Preston Boyington
PBoyington@...
Oct 1, 2004 7:32 pm
831
Ian I also found very little on this camera. There is a feature breakdown at http://www.supersonic.com/pvl657.htm and there is a manual available through...
M J wrote: <snipped> ... there are several that are USB. one that comes to mind is here: http://www.hauppauge.com/html/usb_data.htm Preston...
Preston Boyington
PBoyington@...
Oct 1, 2004 8:26 pm
833
... Theoretically yes, likely that it's direct, no. They most likely used some sort of adapter, an Adaptec unit, or a Dazzle unit. Or a capture card....
Thanks Preston, Martin & Tony. All good advice and it's helping me a lot. I appreciate it. ~~~ PS: That WinTV-USB thing looks good!! I'm going to go out & buy...
It's being alleged that a drive was thrown into a computer just before Law Enforcement seized the computer, ie: client heard they were coming and they found...
... I don't think so because on my tests the drives won't boot to start with, let alone hit the registry. I did hear that it is set in a particular sector of...
... well my guess would be somewhere in the MBR...I would assume this because it must check the hardware etc before it boots...dont really know either...
Ian Take a look at http://aumha.org/win5/a/wpa.htm In particular, there is a section on reformatting a disk and a tool to transfer the first sector. It gives...
It's always been my impression that, since NT4, Windows builds its kernel based on the hardware in existence at the time the OS is installed, then builds onto...
Thanks Martin.. That explained it for me. ~~~~ For your question: "How computer literate is the client? Would he know enough about computers to have used a...
... they ... because ... Possibly the client didnt do the crime either. Guess they need to base their judgements on evidence present. ... the ... Thats the...
... Nope. All the contents on the NT cd's are pre-built binaries. ... An OS is merely the sum of the files on the disk, and nothing more. There is no magic...
What Enda states is correct. I have very recently rebuilt a client's machine (laptop) that I had imaged for a case in which he was involved. Lucky for him I...
Hello all, Long time lurker, first time poster. I've been tasked with examining a hard drive running an unknown Windows system for the Prosecutors office in a...
... Cor!! Crisis Negotiator!!! My wife could do with your assistance on a daily basis!! :-) ~~~~ Anyway,, back to the question: There's a few ways to do this...
This information may or may not be helpful with your case...but Windows XP does keep track of mounted volumes in the System Hive of the registry. This...
See...should have proof read better before I hit the send key.....Didn't hit me that I mistyped the info until after!!! Exchange 8 bytes for 4 bytes and 12...
I saw an iLook report today that showed: ~~~~ MT001I Beginning Ext2FS mapping for partition (11) MT024E Failed to map partition (11) MU027E Error detected...
Refinancing your home has never been easier and more profitable. Our staff works exclusively to save you as much money as possible on any home loan. We secure...
Quoting: "IanC" ... 11 ... I guess you'd need to be LEO to know that answer for certain, however, it would be correct forensic procedure to document everything...
... Well yes I totally agree that we should look at all angles but if LE have something that at a press of a button will see all possible available partitions...
... Maybe you're better off the way you are. Just because a software package reports it has done it, doesn't necessarily mean that the best current thinking...
here here an excellent point ... From: "IanC" <saladin@...> To: <linux_forensics@yahoogroups.com> Sent: Monday, October 04, 2004 7:57 PM Subject: RE:...
A long time ago I had some interesting experiences with partition reading "tools". I used testdisk and gpart and both found either incorrect information...
Hi friends, I would like to know best recommended tools(open source and commercial) for internet and e-commerce related crime analysis.Your comments would be...
Having problems with message search?
Fill out this form to ensure your group is one of the first to be migrated to the new message search system.
