File Name: Binary Revolution Radio - 149 - Digital Forensics
File Submitter: StankDawg
File Submitted: 28 Jan 2010
File Category: Binary Revolution Radio
Original Release Date: 2006-05-23
Hosts: StankDawg & tehbizz
tehbizz has been writing a few articles. Check out the <a href="http://561.binrevmee...etings.com">561 binrev meeting site</a>. If you want to start your own binrev meeting, email 411 -at- binrevmeetings /dot/ com. <a href="http://www.hacktv.or...org">HackTV</a> is now its own separate site/domain. Check out http://www.plain-tex...n-text.info. The HackTV link on the main page is now forwarding properly. Also check out the <a href="http://www.digitalda...gpound.org">DDP Blawg (Blog)</a>.

Email about <a href="http://dban.sourcefo....net/">DBAN</a>. When a file is deleted, only the pointer is deleted, not the file; the file is only really "deleted" when it is overwritten. <a href="http://www.guidances...asp">EnCase</a> is the industry standard for forensic recovery, and it is very hardware intensive. Common standards for wiping a drive are 3-pass, 7-pass and 35-pass. EnCase is not the end-all be-all that people believe; it is a huge program that supports almost every file system known to man, as well as a scriptable API based on Java and C++. <a href="http://www.porcupine...t.html">TCT</a> is an open source solution for forensic recovery; it was the first competitor to EnCase. <a href="http://www.sleuthkit.org/">The Sleuth Kit</a> is based on TCT, and Autopsy is its front end.

The first step in a forensic investigation is to make a forensic image of the hard drive. A write blocker is used to ensure data integrity; EnCase includes FastBloc SE. <a href="http://biatchux.dmzs....com/">FIRE</a> is a Linux live CD for forensics. <a href="http://www.e-fense.c...lix/">Helix</a> is another security live CD, with a Windows partition on the disk for live data analysis. Incinerating the drive is the best way to make sure data on a drive is not recoverable. <a href="http://linux.about.c....htm">shred</a> is another tool, found in most Linux distributions, for file deletion, but it has limitations. <a href="http://www.thc.org/r...leases.php">THC secure delete</a> is another tool for secure deletion of files.