Saturday, August 15, 2009

Computer Forensics Delayed

Sadly, due to financial reasons I have had to postpone my University Education. This has been the main reason for my lack of updates recently. Sorry guys. That, with losing a lot of my forensic material with a hard drive failure, things have not been overly great.

Given the funds I will soon be restoring an old computer from the Barn into a dedicated Forensic Lab type machine. *evil laff*

Rest assured I am still very much interested in expanding my Computer Forensic knowledge as well as sharing it with readers here!

I am still very much looking forward to the arrival of my pre ordered book - Windows Forensic Analysis DVD Toolkit (Paperback)


Wednesday, April 29, 2009

Helix Forensics live CD no longer free

I used to have this backed up and lost everything on my PC the other week. Came to collect it again and noticed it's ruddy well gone from being free.

Just my luck, I was planning a run through of this tool's use for my blog :(

Plenty of other free ones around I guess... but I liked Helix a lot.

Off to sulk... otherwise known as find a free one.

Thursday, April 16, 2009

Moved Home - Internet back at last.

My personal circumstances have changed a lot recently. Needless to say I now have the Internet again.

I have a few projects I am working towards for this computer forensic blog site that I hope to have finished soon.

There will be, with any luck, a few images I will be making of things you can investigate with free tools. They will involve basic cases like errmm. Well, I cannot find my list right now (just moved and all), so will have to update things again in another blog at a later date.

I have noticed the site has maintained a steady stream of hits since I was away. So I just wanted to thank everyone who still comes by and reads.

Again so much more to come, just finding the time at the moment.

That about rounds things up for now.

Thursday, March 26, 2009

Finding out what programs have been run and when in Computer Forensic Analysis

David Cowen, a Computer Forensic Expert Witness, recently posted part 2 of a blog series he is completing on his blog hackingexposedcomputerforensicsblog.

I really enjoyed the recent post called What did they take when they left? Part 2 – Finding out what they ran before they left

It covers Link files, prefetch and User assist keys in detail and is really good information to know as a wannabe Computer Forensic Analyst. I would really recommend, if you are interested in Computer Forensics, that you read this recent post. It is very detailed and specific and has a lot of useful information in one place.

I eagerly await his Part 3 - Where did it go and what did they take?

On a related note, I have used Windows File Analyzer myself in the past to study prefetch files and found it really interesting what you can learn. Once I have completed moving house I will do a blog about the use of this tool and what you can learn from it and show some examples. I hope to cover some use of link files as well and possibly user assist keys.

Back to box packing for me..

Tuesday, March 24, 2009

Finally decided to give Twitter a try

Thought I would give Twitter a try, seems to be growing a lot and thought why not give it a try!

You can find my Twitter at http://twitter.com/p0ttah

Or I have a widget on the right there showing my recent twitters.

Please feel free to add me! I can't promise it is going to be completely Computer Forensics orientated but as it's a big part of me I imagine most updates will be related.

Have fun.

Thursday, March 19, 2009

Staffordshire University Interview Process

As it appears this was a very popular subject recently I thought I would go into a bit more detail about the Interview day I went for recently at Staffordshire University (Stafford campus).

Upon receiving an Interview date you also receive a map and directions. On arrival there was plenty of parking. I was greeted by an assigned person who was wearing something to stand out as being a helper (I forget what but it was obvious).

I was greeted warmly and got a quick tour en route to the meeting lounge type area. A short queue followed where you gave in your name. You then received a document in a folder with more information about the course and a timetable of the day ahead. You also got given a free drinks voucher for the nearby cafe.

You next get called forward to go on a tour of the accommodation if you are interested in that (the accommodation tours ran throughout the day in case you missed it). On returning from that it was just about time for certain groups of people, depending on what course you were on, to be escorted to one of the lecture theatres. Computer Forensics was the second group called amongst other courses like Computer Game Design.

You then sit down and have a big talk about the University and what's in the surrounding area. It covered everything from accommodations to fees and was made really funny in places which was really welcoming.

Once this has been completed the course lecturers came in and took people to the relevant courses they were interested in. Some courses were really popular with like 15 people going, some smaller like computer forensics which only had 4 people.

We then were escorted to the forensic lab and had an intro into Computer Forensics and were later introduced to one of the members of staff who is a working expert in Computer Forensics. While in the lab we were shown a collection of 20 or so PDAs and a professional Write blocker kit which was really cool to see. It was one that was linked to EnCase (I think) so the computer can detect if the write blocker is working.

We were shown the full version of EnCase and had freedom to play about with the lab PCs. I noticed they also had Steganography stuff installed amongst many other things. They had a Hex edited file prepared to look at with a basic hex editor. I must admit I was expecting something a bit more exciting than picking out clear patterns in a hex edited file. We were only shown the PDAs and Write blocker because I mentioned them so there was room for improvement really. I found the introduction a bit basic but can understand why it would be like this.

After the Introduction we were then taken out one by one to a small office for a quick interview with the main lecturer. It lasted about 8-15 minutes and was very informal. The questions were pretty general, nothing you would want to worry about. You get a rating on a few areas and the best advice really is go in with confidence. If this is what you want to be doing, show it!

I found Staffordshire University to be a great University to pick for Computer Forensics. I was really impressed with the array of tools available and the lecturer's personality as well as the expert's knowledge. All in all it was great. None of the above is meant to be negative, it is just my impressions. I was really happy overall and am really excited about starting in September. I truly know I can do well on this course and with any luck will come out of this being able to become a Computer Forensic Analyst.

Website of the University
http://www.staffs.ac.uk/

Tuesday, March 10, 2009

Windows Forensic Analysis DVD Toolkit (Paperback)

This will be my next book. The Second Edition of Windows Forensic Analysis DVD Toolkit (Paperback)

It is not out just yet, but is due for release in the next few months. More information about the book and author can be found on his blog at the address below.

Windorsir.blogspot.com

Really looking forward to the book. Was already going to get the first edition of the book, but now will wait for the second. It will hopefully give a lot more in depth knowledge that I am eager to learn.

It's really well priced as well so can't ask for much more.