Home About This Site Kudos What's New Digital Forensics BIBLIO OS Specific Articles Other Resources Links to Links

July 2003 FEATURED SITE(S) Cyber Tools On-Line Search for Evidence Past Updates February 2003 March 2003 April 2003 May 2003 June 2003 Within the Bibliography section Baca, Ernest Intro to Linux for Cyber Crime Investigators and Computer Forensic Examiners [PP Presentation] 2003 KNOPPIX Bootable CD Validation Study for Live Forensic Preview of Suspects Computer [PDF] 2003 Beebe, Nicole L. Computer Forensics; The Business Case August 2002 Requisite Policy to Support Digital Forensics: Acceptable Use Policy [PDF] January 2003 Björsell, Emil J.V. An Introduction to The Coroners Toolkit January 2001 Brown, Christopher L. T. & Daniel A. Libby Digital Discovery: It’s more than email [Zipped PDF Presentation] Burke, Joseph Windows Forensic How-to: Incident Response Plan for Abuse of Corporate Assets [PDF] February 2003 Clifton, Chris Forensics [PP Presentation] April 2003 Discusses The Coroners Toolkit Deno Cloning Disks the Unix Way Dietz, Steven D. ISObuster as a Forensic Tool (GFCA Practical) [Word documnet] September 2002 Endorf, Carl F. Running an IT Investigation in the Corporate Environment [PDF] February 2003 FIRST FIRST Incident Response and Forensics Guide [PDF] March 2003 Green, Robert P. Computer Sleuth - Beating down the evidence trail with computer forensics April 2003 Internet Crime Forum Principal Current Data Types [PDF] March 2003 Johansson, Christian Computer Forensic Text Analysis with Open Source Software [PDF] June 2003 Leibrock, Larry Digital Information, User Tokens, Privacy and Forensics Investigations: The Case of Windows XP Platform [PDF] May 2003 McMillon, Matthew Building a Low Cost Forensics Workstation [PDF] April 2003 O'Connor, Zot Computer Forensics Workshop [PP Presentation] February 2003 Phreak Accident Playing Hide and Seek, Unix style Rose, Curtis W. Windows Live Incident Response Volatile Data Collection: Non-Disruptive User & System Memory Forensic Acquisition Sassinsky, Jeffrey Beyond the Usual Suspects - Finding Data in Secret Spots November 2002 Caught in the 'Net' - How Law Enforcement Uses Computer Forensics in Modern Investigations March 2003 Cyberclues - Making the Case for Using Computer Evidence September 2002 Schwartz, Matthew Unleash the Cyberhounds! April 2002 Schweitzer, Douglas Incident Response: Computer Forensics Toolkit Sample Chapter: Chapter 1: Computer Forensics and Incident Response Essentials [PDF] SecureCode Forensics: Understanding File Recovery Process May 2003 Forensics: Understanding Partition Recovery Process May 2003 Slashdot Bootable Linux Demo Distro - Knoppix Discussion thread Sheldon, Andrew IT Forensic Investigation [PP Presentation] April 2003 Wilding, Edward Operation Ore – The Tip of the Iceberg? [PDF] March 2003 (UK's largest ever police hunt against internet paedophiles) Within Audio/Video section Memon, Nasir Challenges in Computer Forensics Streaming Video Source & Slides in PDF http://media.poly.edu/realmedia1/wicat_catt2002/ RiVaL An overview of data recovery techniques June 2001 Audio (Part 1) MP3 Source (16.1M) http://www.2600.org.au/misc/files/seminars/2001-06-June/rival-part1.mp3 Audio (Part 2) MP3 Source (2.8M) http://www.2600.org.au/misc/files/seminars/2001-06-June/rival-part2.mp3 Data tape recovery theory November 2001 How do the tools and practices of data recovery differ when we are working with tape-based media? MP3 Source (8.6M) http://www.2600.org.au/misc/files/seminars/2001-11-November/rival.mp3 The Coroners Toolkit & Forensic Analysis of Unix Systems October 2001 Introduce, discuss and demonstrate The Coroners Toolkit and related software in the contents of forensic analysis of Unix systems. MP3 Source (10.1M) http://www.2600.org.au/misc/files/seminars/2001-10-October/rival.mp3 Within Resources / Other Tools section FLAG - Forensic and Log Analysis GUI [Free] FLAG was designed to simplify the process of log file analysis and forensic investigations. Often, when investigating a large case, a great deal of data needs to be analysed and correlated. Flag uses a database as a backend to assist in managing the large volumes of data. This allows flag to remain responsive and expedite data manipulation operations. Gemulator Explorer [Free] Allows a Windows computer to read Atari ST and Apple Macintosh formatted disks. Lost MS Word Documents [Free] Last resort undeleter for MS Word documents. Finds, identifies, and recovers files when file system pointers are lost and files cannot be retrieved by conventional undeletion methods. Small, simple, but very powerful little program. For FAT file systems. ODESSA [Free] The Open Digital Evidence Search and Seizure Architecture is a cross-platform framework for performing Computer Forensics and Incident Response. TEN Forensics Toolkit [Free] Ten is a free-software forensics package for the GNU/Linux system. It provides a GUI frontend to standard command-line utilities to assist the Anchorage Police Department in the forensic examination of GNU/Linux systems using the ext2 and derived filesystems. X-Ways Trace 1.1 [Demo available] A computer forensics tool that allows to track and examine the web browsing activity that took place on a certain computer. ZefrJPG [Free] Recovery of JPG files lost to the Love Letter worm or its variants on FAT or NTFS file systems (thanks to Robert Green @ http://personal.atl.bellsouth.net/~lasrpro) Zero Assumption Digital Image Recovery [Free] Zero Assumption Digital Image Recovery is a freeware data recovery tool, specifically designed to work with digital images. It allows you to recover digital photos accidentally deleted from digital camera memory. Within Legalese section Claypoole, Theodore F. Coping with Electronic Data Discovery Issues February 2003 Kashi, Joseph L. Systematic Discovery and Organization of Electronic Evidence February 2003 Kolstee, R. Anthony Search, Seizure, and Monitoring: Considerations of Federal Law in Investigating Incidents [PP Presentation] Pike & Fischer cybercrime LAW REPORT (sample publication) [PDF] April 2003 Digital Discovery & e-Evidence (sample publication) [PDF] April 2003 Resources / Organizations Cyber Tools On-Line Search for Evidence http://www.ctose.org San Diego Regional Information Watch http://www.sdriw.org/index.shtml SecureCode http://www.securecode.net/index.php Workshop: Collecting and Producing Electronic Evidence in Cybercrime Cases http://www.ctose.org/info/events/workshop-8-9-may-2003.html Within the Listservs, Newsletters, Journals, etc. section Linux-Forensics.com Discussion Forum http://www.linux-forensics.com/phpBB2/index.php SecureCode Computer Forensics Forum http://www.securecode.net/modules.php?op=modload&name=Forums&file=index&c=2 Within Resources / Education section Bridgewater State University Center for Technical Education, Bridgewater, Mass Certified Digital Forensic Expert Program Quinnipiac University, Hamden, Connecticut Introduction to Computer Forensics Within Links to Links section ForensicsX.net http://forensicsx.net/ Incident Response Essentials - Links from the book http://www.nwlink.com/~kiter6/CFOR/book-essentials.html Information Security & Forensics Society http://www.isfs.org.hk/ © 2003 All rights reserved