Home About This Site Kudos What's New Digital Forensics BIBLIO OS Specific Articles Other Resources Links to Links

February 2003 Within the Bibliography section Bird, Dr. Tina Finding the Forest in Your Trees: What Audit Logs can Tell You about Your Network [PDF] October 2001 Carrier, Brian Open Source Software in Digital Forensics [Presentation in PDF] October 2002 Craiger, J. Philip, Alex Nicoll & Blaine Burnham An Applied Course in Network Forensics [PDF] September 2002 Erbacher, Robert F. Computer Forensics: Training and Education [PDF] Garfinkel, Simson L. & Abhi Shelat Remembrance of Data Passed: A Study of Disk Sanitization Practices January 2003 Jones, Keith Forensic Analysis of a Compaq RAID-1 Array and Using dd with EnCase v3 September 2002 Forensic Analysis using FreeBSD - Part 1 October 2002 Kornblum, Jesse Simple but Sound Tools for First Responder [PDF] January 2003 Leibolt, Gregory Forensic Analysis of a Windows 95 System [Word document] April 2002 Lenkey, Gideon Building a Jump Kit January 2002 This document describes how to make a 'jump kit' for investigating Linux systems that are potentially compromised. Morris, Jamie Forensics on the Windows Platform, Part One January 2003 Forensics on the Windows Platform, Part Two February 2003 Morris, Rod An Introduction to Computer Forensic Tools October 2002 Murphy, Keven GIAC Certified Forensic Analyst Practical Assignment v1.0 [PDF] Newville, Lanny L. Cyber Crime and the Courts - Investigation and Supervising the Information Age Offender [PDF] September 2001 Norvill, Trevor Auditing and Event Correlation [PDF] Willingham, James E. IP Addresses and You [PP Presentation] Within Resources / Other Tools section Davory (Demo available) Davory undeletes files and recovers files from logically damaged or formatted drives; from the makers of WinHex DriveLook (Shareware) DriveLook is a powerful forensic drive investigation and search tool. DrvClonerXP & DrvImagerXP Discontinued Due to inconsistent results Evidor: The Evidence Collector Evidor retrieves the context of keyword occurrences on computer media, in Windows swap/paging and hibernate files, unallocated space and slack space; from the makers of WinHex JPEG Dump 1.18 (Freeware) Dumps Smart Media or Compact Flash To An Image File; Scans File and Recovers Erased JPEG files md5deep (Freeware) Computes MD5 message digests on an arbitrary number of files. rda - Remote Data Acquisition utility (Freeware) A command line Linux tool to remotely acquire data (like disk cloning or disk/partition imaging) and verify the transfer using md5 and/or crc32 checksums. The program is both the server and the client. Within Biblio / Audio & Video section Larson, Scott L. Overview of FBI Computer Investigations (47 minutes) Streaming Video Source http://www.4law.co.il/241.ram © 2003 All rights reserved