General Discussion: Evidence bag supplier?
These are huge http://www.copshopuk.com/acatalog/Generic_Evidence_Bag_Bulk.html I've used them before and you can get a very large tower PC in them. Good delivery times too.
View ArticleGeneral Discussion: CCTV Backup and Imaging Strategies
Hi, I have a number of Intellex systems that need to be imaged or backed up. Each system has no means of producing a full backup. Selected frames can be exported to DVD's but thats it. The CCTV systems...
View ArticleGeneral Discussion: QNX OS
Hi all, I have a case which has involved the removal of a multi-media system from an AUDI A5. The system is a Harman automotive MMI 3G. Which contains a sat-nav capability. Which is the element I am...
View ArticleGeneral Discussion: Last Accessed -- Win7
JimGill wrote: How else could one determine if a picture was opened (let's presume it's not in the recent files listing)? As mentioned, LNK files are a possibility. Jump Lists are a pretty big one....
View ArticleGeneral Discussion: Help to Identify Data
Can you post a hex view (as in, how it would look if opened in a hex editor) of this data, or a portion of it?
View ArticleGeneral Discussion: Preservation of Terminated Employee Data Questionnaire
Doug, Is this something that you're trying to do for internal purposes, or is it something that you're putting together for a customer?
View ArticleGeneral Discussion: screen capture software
camtasia and snagit are the best ones out there. there are some free ones, but they dont work as well.
View ArticleMobile Phone Forensics: Locked Galaxy S3
Thanks RonS for the useful information regarding Samsung SIII/ s3.
View ArticleGeneral Discussion: CCTV Backup and Imaging Strategies
First maybe contact the manufacturer first, not the vendor. If the harddisks are encrypted maybe it is possible to extract the encryption keys (the keys needs to be stored somewhere) and (like you...
View ArticleDigital Forensics Job Vacancies: Technical Cyber Security Investigator, UK
[b]Job title: Technical Cyber Security Investigator Date: 28/02/2013 Ref: VR/00317 Location: South East Rewards: £28,000 - £47,000 and company benefits Start date: ASAP Role summary: A leading and...
View ArticleClassifieds: C-SURV Cell Site Analysis Equipment For Sale
C-Surv Cell Site Analysis Equipment for sale Excellent Condition Fully Working Updated recently Software / Hardware If Interested PM
View ArticleGeneral Discussion: dc3dd vs dd
ForensicInsider wrote: 1) By using apt-get , am I right that unallocated space will be allocated to install it? 2) If so, how would we justify that it's the best method used since we did modification...
View ArticleGeneral Discussion: Last Accessed -- Win7
fuzed wrote: I normally look at the file access history stored within the user area 'ntuser.dat' file - some refer to it as the internet history. Can you provide a key or path to where you look? I'm...
View ArticleGeneral Discussion: QNX OS
We're making some progress but no success yet. The windows tool has not been updated for some time and does not support the version of QNX we are looking at. SANS SIFT dosen't appear to support it....
View ArticleGeneral Discussion: Encrypting Acquisition Drives?
I know of one company that sent a suposedly wiped disk to a police force who later discovered evidence of a previous case. If someone needs a drive to put evidence onto they get a new one shipped...
View ArticleForensic Software: Splunk alternatives
Try Kiwi Syslog server. The free version is good, but doesn't come with the agent software. You can get round this by setting up SNMP trapping. Which leads to the question as to what it is your're...
View ArticleDigital Forensics Job Vacancies: PwC New Zealand - Manager – Forensic Technology
The website doesn't really give any extra information beyond the standard 'corporate' spin. Any indication of salary?
View ArticleForensic Software: Private Browsing Forensic Analysis Project Help
Are you friends with iDan? http://www.forensicfocus.com/Forums/viewtopic/t=10287/
View ArticleGeneral Discussion: QNX OS
Looks like we cracked it using the following method: Booted into a QNX OS (http://www.qnx.com/products/neutrino-rtos/neutrino-rtos.html) via a live boot CD. Restored the original image from the Audi...
View ArticleGeneral Discussion: Safend Decryption & Forensic Acquisition
To my knowledge decryption of Safend on the fly isn't supported by the Forensic suites. You'll need to use the recovery tools and the relevant credentials to gain access.
View Article