
Forensics

Macintosh Forensic Analysis Using OS X

The purpose of this paper is to describe sound forensic techniques as they pertain to the Macintosh. In order to accomplish this task, I must first describe basic forensic techniques ...

Document added on March 19, 2011

Adventures in Computer Forensics

What exactly do forensic analysts do? How can this type of work help law enforcement or corporate security managers? If you want to solve a puzzle isn't it often best ...

Document added on Feb. 4, 2011

A Case for Forensics Tools in Cross-Domain Data Transfers

Corporate and government organizations' dependence on computers and networks for storage and movement of data raises significant security issues. Two of these are movement of data across security domains (cross-domain) ...

Document added on April 2, 2011

The Field Guide for Investigating Computer Crime: Search and Seizure Planning Part Four

In our last article, Search and Seizure Basics, we discussed six fundamental rules that an investigator should always have in mind when performing a search and seizure. Primarily, these rules ...

Document added on May 23, 2011

The Field Guide for Investigating Computer Crime: Search and Seizure Approach, Documentation, and Location Part Five

In our last article, Search and Seizure Planning, we examined the process of readying for a search and seizure. In particular, we looked at the importance of being prepared to ...

Document added on Feb. 16, 2011

The Field Guide for Investigating Computer Crime, Part Six: Search and Seizure - Evidence Retrieval and Processing

In our last article, "Search and Seizure: Approach, Documentation, and Location" we saw how a team of investigators interacts with the computer crime scene during the stages of securing and documenting ...

Document added on June 12, 2011

The Field Guide for Investigating Computer Crime, Part Seven: Information Discovery - Basics and Planning

Earlier in the Field Guide for Investigating Computer Crime, we outlined the two major parts of our investigative methodology: search and seizure, and information discovery (for more details, please ...

Document added on May 21, 2011

The Field Guide for Investigating Computer Crime, Part Eight: Information Discovery - Searching and Processing

This is the eighth and final article in Field Guide for Investigating Computer Crime. In our last installment, Information Discovery - Basics and Planning, we briefly compared the physical search ...

Document added on Jan. 13, 2011

Forensic Analysis of a Live Linux System, Part One

During the incident response process we often come across a situation where a compromised system wasn't powered off by a user or administrator. This is a great opportunity to acquire ...

Document added on March 6, 2011

Forensics on the Windows Platform, Part One

Forensic examination of computer systems is commonly carried out by trained investigators using specialist hardware and software. The popularity of the Windows operating systems on both desktops and servers has ...

Document added on June 9, 2011