Persistence of data on storage mediaJamie Ridden discusses the re-use of storage media and how slack space can prevent sensitive data from being completely removed. 2007-06-26 http://www.securityfocus.com/infocus/1891
Notes On Vista Forensics, Part TwoIn part one of this series we looked at the different editions of Vista available and discussed the various encryption and backup features which might be of interest to forensic examiners. In this article we will look at the user and system features of Vista which may (or may not) present new challenges for investigators and discuss the use of Vista itself as a platform for forensic analysis. 2007-04-13 http://www.securityfocus.com/infocus/1890
Notes On Vista Forensics, Part OneThis article, the first in a two-part series, takes a high level look at what we know now about those changes in Windows Vista which seem likely to have the most impact on computer forensic investigations, starting with the built-in encryption, backup, and system protection features. 2007-03-08 http://www.securityfocus.com/infocus/1889
Wireless Forensics: Tapping the Air - Part TwoThis two-part series looks at the issues associated with collecting and analyzing network traffic from wireless networks in an accurate and comprehensive way; a discipline known as wireless forensics. Part two focuses on the technical challenges for wireless traffic analysis, advanced anti-forensic techniques that could thwart a forensic investigation, and some legal considerations for both the U.S. and Europe. 2007-01-08 http://www.securityfocus.com/infocus/1885
Wireless Forensics: Tapping the Air - Part OneThis two-part series looks at the issues associated with collecting and analyzing network traffic from wireless networks in an accurate and comprehensive way; a discipline known as wireless forensics. Part one of this article focuses on the technical details and challenges for traffic acquisition, and provides design requirements and best practices for wireless forensics tools. 2007-01-02 http://www.securityfocus.com/infocus/1884
Packet forensics using TCPThis article looks at TCP packet forensics and examines why sequence and acknowledgement numbers can be useful during an investigation. 2005-08-16 http://www.securityfocus.com/infocus/1845
Web Browser Forensics, Part 2Part 2 of this web browser forensics series looks at reconstructing Mozilla Firefox' cache in order to catch an internal hacker using an administrator's account. 2005-05-11 http://www.securityfocus.com/infocus/1832
Web Browser Forensics, Part 1This article provides a case study of digital forensics, and investigates incriminating evidence using a user's web browser history. 2005-03-30 http://www.securityfocus.com/infocus/1827
A Method for Forensic PreviewsThis article explains the forensic preview process, whereby a production machine is left as undisturbed as possible while it is evaluated for potential intrusion and compromise. 2005-03-16 http://www.securityfocus.com/infocus/1825
Windows NTFS Alternate Data StreamsThe purpose of this article is to explain the existence of alternate data streams in Microsoft Windows, demonstrate how to create them by compromising a machine using the Metasploit Framework, and then use freeware tools to easily discover these hidden files. 2005-02-16 http://www.securityfocus.com/infocus/1822 |
|
|
Privacy Statement |
