± Forensic Focus Partners
± Your Account
|New Today: 0||Overall: 33043|
|New Yesterday: 0||Visitors: 179|
± Latest Jobs
± Latest Articles
± Latest Webinars
ReviewsBack to top Back to main Skip to menu
Advanced Live Forensics & RAM Analysis Training
Worcester University, UK, Oct 20th - 22nd 2009
Course run by Nick Furneaux, CSI Tech.
Perhaps the biggest changes and advances in computer forensics over the last few years have come from the collection and subsequent analysis of volatile data from running systems. Look back just 3 years ago or so and you’ll see a profession where the widely accepted view was that if you were to find your target computer on, you’d pull the power. The turnaround in approach is such that to take that approach now could even be considered negligent; for by pulling the power before you’ve collected the volatile data you’re quite likely to be destroying a whole mass of incredibly useful data. more ...
Helix 3 Enterprise (H3E) is e-fense’s flagship investigation suite pitched at a similar level as EnCase Enterprise or Access Data Enterprise. It’s aimed at organisations which need to be able to carry out incident response, forensics and e-discovery functions over networks. H3E facilitates centralised incident response, imaging of drives and volatile data and also enables scans and searches of a user’s internet history and documents on any computer which has had the H3E Agent pre-installed on it. The integrity of data in transit and within the H3E database is ensured through 256-bit AES encryption. more ...
Digital evidence needs to come from somewhere, right? It doesn’t appear, “forensically sound”, from out of the blue. And the phrase “forensically sound” is key – the evidence needs to be acquired in a manner that ensures that the process doesn’t modify the evidence in any manner. There are exceptions to this – cell phones and live acquisitions come to mind – but even then, the process should be minimally invasive.
The key to this acquisition process is the ubiquitous write blocker, probably the most important tool in any acquisition kit. A write blocker was my first forensics hardware purchase and I keep my collection of write blockers up to date religiously. more ...
Cyberstalking is the new urban terror – the message rang home loud and clear at the Digital Safety Conference in London last week (Friday).
For although, in Cyberspace, no-one hears you scream, increasing numbers of people are getting off on imagining it.
The evils of instant communication – texting, live chat, social networking – were laid out in lurid detail before delegates meeting in a brick-lined space known as The Brewery, near the city’s Barbican.
Tales of horror: physical threats and psychological manipulation, poured out. The family pursued relentlessly via emails, bulletin board postings and websites dedicated to damaging their names for more than five years. The teenager who suffered Post Traumatic Stress Syndrome following a campaign of anonymous texts. The Information Age exposed in all its gory. more ...
Product: Live Response®
Version: 2009 Release 3
Price: $499.95 (16GB version)
e-fense is best known for the Helix3 Incident Response and bootable Live CD. Helix3, created by forensic specialist Drew Fahey, was a donation-ware Linux LiveCD distribution designed specifically for digital forensics and based on the popular Knoppix and then Ubuntu distributions. It contained many forensic and security related tools designed to aid in the recovery and analysis of digital evidence in live and post-mortem (powered off) computer examinations. There were tools to analyze Windows and Linux file systems like Ext2/Ext3, and even the less common Reiser FS, JFS and XFS. more ...