Sign in to follow this  
Followers 0
StankDawg

New download: Binary Revolution Radio - Binary Revolution Radio - 149

1 post in this topic

File Name: Binary Revolution Radio - 149 - Digital Forensics

File Submitter: StankDawg

File Submitted: 28 Jan 2010

File Category: Binary Revolution Radio

Original Release Date: 2006-05-23

Hosts: StankDawg & tehbizz

tehbizz has been writing a few articles check out <a href="http://561.binrevmeetings.com">561 binrev meeting site</a>, if you want to start your own binrev meeting email 411 -at- binrevmeetings /dot/ com, <a href="http://www.hacktv.org">HackTV</a> is now it's own separate site/domain, check out <a href="http://www.plain-text.info">plain-text.info</a>, the HackTV link on the main page is now forwarding properly, also check out the <a href="http://www.digitaldawgpound.org">DDP Blawg(Blog)</a>, Email about <a href="http://dban.sourceforge.net/">DBAN</a> when a file is deleted the pointer is just deleted not the file, the file is only really "deleted" when it is rewritten to, <a href="http://www.guidancesoftware.com/products/ef_index.asp">EnCase</a> is the industry for forensic recovery and it is very hardware intensive, common standards for wiping a drive are 3 pass 7 pass and 35 pass, EnCase is not the end all be all as people believe it is a huge program that supports almost every file system known to man as well as a scriptable api based on java and C++, <a href="http://www.porcupine.org/forensics/tct.html">TCT</a> is an open source solution for forensic recovery it was the first competitor to EnCase, <a href="http://www.sleuthkit.org/">The Sleuth Kit</a> is based on TCT, autopsy is it's front end, the first step in a forensic investigation is to make a forensic image of the hard drive, a write blocker is used to ensure data integrity, Encase includes Fastblock SE, <a href="http://biatchux.dmzs.com/">FIRE</a> is a linux live cd for forensics, <a href="http://www.e-fense.com/helix/">Helix</a> is another security live cd with a windows partition on the disk for live data analysis, incinerating the drive is the best way to make sure data on a drive is not recoverable, <a href="http://linux.about.com/library/cmd/blcmdl1_shred.htm">shred</a> is another tool that is found in most linux distribution and is for file deletion but has limitation, <a href="http://www.thc.org/releases.php">THC secure delete</a> another tool for secure deletion of files.

Click here to download this file

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0