Dear all,
I was wondering if everyone could participate in this topic, where all the important (logs,databases etc..) of most mobile devices will be mentioned. For example identifying the important databases and logs that a forensic investigator should look at while investiagting.
For instance, On Nokia Series 40 ( logs are only stored for 30 days, therefor it is recommended you perform your analysis instantly after a crime occurs.
A Database that is important in a Nokia while investigating is the (Ms_del.dat) database that include chunks of the deleted messages and so on, how do you read that database?
Databases that are important in Android, sms_db and mmssms_db , those two files include good information of the messages deletes, and so does logs.db .
For iPHone, sms.db (includes some deleted messages)
RIM ???
Please share your knowledge, TIPS while performing mobile forensics.
Is there a way an investigator can know if a mobile has recently been formatted?
Logs that indicated the first date of usage, and last date of usage?
↧