forensic

Review: Coroner's Toolkit

The Coroner’s Toolkit, or TCT, is an open-source set of forensic tools for performing post-mortem analysis on Unix systems. Written by Dan Farmer and Wietse Venema, both very well known in security circles for such programs as SATAN, TCT is not an easy product to use. A serious knowledge of Unix is a prerequisite for success, but if you can manage it, this is an extremely powerful set of tools.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: EnCase Forensic

This new version of EnCase shows its pedigree as the oldest of the GUI-based IT forensic tools. We found it very simple to operate and use.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: NetWitness Appliance

NetWitness is a network forensics and analysis package available in both software and appliance (really just a preconfigured server) formats.

Jon Tullett Jul 21 2005 12:00AM Security
Review: ProDiscover Incident Response

This product is the big brother of its family, including all the forensic capabilities of other versions with the additional ability to conduct investigations over the network and compare live systems to known-good baselines to establish whether a machine has been compromised or tampered with.

Jon Tullett Jul 21 2005 12:00AM Security
Review: Stellar Phoenix FAT & NTFS

Stellar Phoenix is a product aimed at data recovery, rather than strict forensics, although of course recovery is an important part of incident response. Confronted with a disk with damaged or missing data, the software will attempt to recover information and reconstruct partial data.

Jon Tullett Jul 21 2005 12:00AM Security
Review: Total Event Log Management Suite

This product manages and analyzes Windows server log files. While this activity is not limited to forensics, it is an important incident response tool.

Jon Tullett Jul 21 2005 12:00AM Security
Review: EnCase Forensic

Guidance Software's EnCase product is the undisputed heavyweight of the forensic software market, and version 5.0 introduces a slew of new features that will keep its opposition firmly on the ropes.

Jon Tullett Jul 21 2005 12:00AM Security
Review: Forensic Field Kit

WiebeTech's forensic kits tackle two very specific points of pain for forensic investigators: conducting field acquisition and transporting data safely (to prevent damage and ensure the chain of evidence is unchallengeable).

Jon Tullett Jul 21 2005 12:00AM Security
Review: Inforenz Forager

This tool is designed to help search file systems during forensic examinations. It collects information and metadata associated with files, and offers strong searching and indexing capabilities, although it is limited to Windows file systems.

Jon Tullett Jul 21 2005 12:00AM Security
Using File Hashes to Reduce Forensic Analysis

The "hashkeeper" paradigm or model was first introduced a number of years ago by Brian Deering of the National Drug Intelligence Center (www.hashkeeper.org).
Dan Mares Jan 14 2004 1:27PM Security
Review: EnCase Forensic Edition

EnCase from Guidance Software has been at the vanguard of forensics software for some time - and with good reason.
Now in version 4.14, the solution is a powerful collection of correlation and analysis tools, designed to make the forensic investigator's job as easy as possible.

Jon Tullett Oct 1 2003 12:00AM Security
ASI masters forensic IT

Fleur Doidge Jan 1 2000 12:00AM Hardware
