Michael James on 7 Apr 2006 15:20:23 -0000 |
For an examination of a Blackberry device, try this: http://www.rh-law.com/ediscovery/Blackberry.pdf (somewhat dated, but a good read) The information in this message may be proprietary and/or confidential, and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify Stonebridge Bank immediately by replying to this message and deleting it from your computer. >>> "Jon Nelson" <quincy@linuxnotes.net> 4/6/2006 11:34 am >>> Ronald Kaye Jr said: > Hello all: > > I have been tasked with leading a group of networking students in the > study of computer forensics. I have been around for awhile, and am > familiar with operating systems, > and just alot stuff about them. > > I would appreciate any input/expertise on tools, methodologies, > organizations, etc. Ronald, I take it that since you are posting to this list you are interested in using Linux as much as possible. I have been conducting computer forensics since 1998 and here is some info that should be helpful to you and your students. A great forensics toolkit is Sluethkit and Autopsy which can be found here: http://sleuthkit.org/ That site also has a lot of good info in their publication "The Informer". A couple of bootable forensic CD's are: http://www.linux-forensics.com/downloads.html http://www.e-fense.com/helix/ http://www.remote-exploit.org/index.php/Auditor_main A couple of good books are: * File System Forensic Analysis (Paperback)by Brian Carrier ISBN: 0321268172 * Digital Evidence and Computer Crime, Second Edition (Hardcover)by Eoghan Casey ISBN: 0121631044 * Incident Response and Computer Forensics, Second Edition (Paperback) by Chris Prosise, Kevin Mandia, Matt Pepe ISBN: 007222696X * Network Intrusion Detection (3rd Edition) (Paperback) by Stephen Northcutt, Judy Novak ISBN: 0735712654 Even thought it is a Windows based product there is some good information at: http://encase.com/support/articles/index.asp Finally there is a pretty cool commercial product that incorporates the ability to use Perl scripts: http://www.techpathways.com/DesktopDefault.aspx?tabindex=3&tabid=12 I would be happy to talk to you more offlist if you would like. Jon ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|