What is Forensics?
Computer forensics is the process of investigating data processing equipment (typically a home computer, laptop, server, or office workstation) to determine whether the equipment has been used for illegal, unauthorized, or unusual activities. It can also include monitoring a network for the same purpose.
Developing a Computer Forensics Team
Efforts to establish sound information assurance programs are rapidly evolving due to increased connectivity, enhanced technology, and the continuous introduction of new operating and application systems.
Linux Data Hiding and Recovery
Just when you thought your data was removed forever, Anton Chuvakin shows us how to recover data and even how data can be surreptitiously hidden within space on the filesystem.
The Future of Computer Forensics: A Needs Analysis Survey
The current study was a pilot study and attempted to add to the growing body of knowledge regarding inherent issues in computer forensics. The study consisted of an Internet-based survey that asked respondents to identify the top five issues in computer forensics. 60 respondents answered the survey using a free-form text field.
FTP Attack Case Study Part I: the Analysis
This article presents a case study of a company network server compromise. The attack and the intruder's other actions are analyzed. Lessons on designing and implementing security are drawn from the case (to be presented in the second part of the article). A computer forensics investigation is undertaken and its results are presented. The article provides an opportunity to follow the trail of incident response for a real case.
FTP Attack Case Study Part II: the Lessons
This article presents Part II of a case study of a company network server compromise. Lessons on designing and implementing security are drawn from the case. A computer forensics investigation was undertaken and its results are presented. The article provides an opportunity to follow the trail of incident response for a real case. We organize the case study around the prevention-detection-response metaphor: how can future incidents of this kind be prevented? What technological means are needed to detect them? How can they be responded to effectively?