Mobile Phone Forensics: RF shielding
Thank you for the information you provided. MarijeNFI wrote: o For transportation we generally advise the police to use aluminum foil, wrapped first neatly and then randomly around the phone, or a...
View ArticleGeneral Discussion: BSOD - Windows 7 image with checkpoint
Quote:: 99.99% of cases it is a missing (or badly configured in the Registry) hard disk controller driver. Spot on jaclaz, I've managed to get the vm to run by editing the following registry settings:...
View ArticleForensic Software: Incident Response toolkit for a linux machine
Do you have to examine the 'live' system? Any reason why you couldn't use a live boot disc like Paladin or any of the other Linux based live distros that are out there and then conduct the examination...
View ArticleGeneral Discussion: Retrieving the web pages containing links to a web site
Belkasoft wrote: Google will probably give you the most extensive list anyway. Not a complete list of course (this would not be possible, even theoretically, whatever search engine you use), but quite...
View ArticleGeneral Discussion: QNX OS
Colin2030 wrote: A bit of Googling for the right terminal commands got round this. If you could add WHICH EXACTLY were these terminal commands you found would have been great. I don't understand the...
View ArticleGeneral Discussion: Investigating IT
Investigating the IT weenies who think they know best is always my favorite type of investigation. Be as stealthy as possible; assume that they can detect all of your actions; which includes...
View ArticleMobile Phone Forensics: RF shielding
MarijeNFI wrote: Having a battery pack would definitely fix requirement two, though temperatures in the tin box might become too high for the mobile phone(s) since there is no ventilation. Hmmm, I...
View ArticleMobile Phone Forensics: Starting Research Center for Mobile Phone Forensics
Parag, You need a Yahoo ID to access the group's page, but the actual email you use for correspondence cannot be a Yahoo email account. This is mainly a limitation of Yahoo Groups, as to sign up for...
View ArticleGeneral Discussion: Skydrive usage
This might help (first link returned on a Google search): http://computer-forensics.sans.org/summit-archives/2012/recovering-digital-evidence-in-a-cloud-computing-paradigm.pdf
View ArticleGeneral Discussion: CCTV Backup and Imaging Strategies
What are the images going to be used for? For forensic analysis? If yes, then usage should be stopped used immediately. At each second of usage, previous videos are being wiped with new videos. Most...
View ArticleForensic Software: DFF 1.3.0
So, free for Linux 32/64 bit installers. Costs for Windows 64bit that's messed up. solal wrote: Hello, Digital Forensics Framework 1.3 has just been released, there is lot of new features and bug fixes...
View ArticleForensic Software: DFF 1.3.0
Hi, You must know that DFF is open-source and links with others open-sources libraries , building a 64 bits package of DFF and all its dependencies (moreover some don't directly provide 64 bits...
View ArticleMobile Phone Forensics: Secure wipe and iphone forensics
Sildeh wrote: Sorry to just jump in here but @Bulldawg, do you have any idea how long the time period is before it decides to purge the database? I was also unaware of this, thanks. Unfortunately, I do...
View ArticleForensic Software: Creating a keyword from the image
Just my two cents... I have found that FTK normalizes the dictionary which could be an issue if you're after an 'as typed' password. Oddly, DTsearch has the option of creating a case sensitive keyword...
View ArticleMobile Phone Forensics: Query - Advanced MPE+ / FTK Course in the North
Would you be interested in an advanced mobile forensic course based on AccessDatas MPE+ but held in the north instead of London? I am trying to generate interest at this stage.
View ArticleGeneral Discussion: How to prove keylogger sent logs via email
Chances are it sends email during down time (a guess). Therefore you may find something in volatile-related places (page file, hybersys).
View ArticleForensic Software: POLL Time to upgrade to EnCase 7 or not *** STILL ****
mitch wrote: I have a monster of a PC however, silly things like I use 4 monitors and last I heard was you cant split the screens. Processing is a issue, but i think will always be one, and will...
View ArticleMobile Phone Forensics: Samsung Tocco Lite Decode
This specific model physical extraction is without the NAND flash spare area. This means that a file system cannot be reconstructed and you can only use carving to get data out of this model physical...
View Article