Computer Forensics Principles and Practices
|
|
- Ursula George
- 8 years ago
- Views:
Transcription
1 Computer Forensics Principles and Practices by Volonino, Anzaldua, and Godwin Chapter 7: Investigating Windows, Linux, and Graphics Files
2 Objectives Conduct efficient and effective investigations of Windows systems Find user data and profiles in Windows folders Locate system artifacts in Windows systems Examine the contents of Linux folders Pearson Education Computer Forensics: Principles and Practices 2
3 Objectives (Cont.) Identify graphic files by file extensions and file signatures Identify what computer forensics graphic tools and techniques can reveal and recover Pearson Education Computer Forensics: Principles and Practices 3
4 Introduction In many cases you may have gigabytes or even terabytes of data that must be searched for evidence. This chapter helps maximize efficiency of the search by showing default locations of file storage and hiding techniques of wrongdoers. Pearson Education Computer Forensics: Principles and Practices 4
5 Investigating Windows Systems Activities of the user result in user data User profiles Program files Temporary files (temp files) Special application-level files Pearson Education Computer Forensics: Principles and Practices 5
6 Investigating Windows Systems (Cont.) System data and artifacts are generated by the operating system Metadata Windows system registry Event logs or log files Swap files Printer spool Recycle Bin Pearson Education Computer Forensics: Principles and Practices 6
7 Hidden Files Files that do not appear by default are hidden files These can be viewed through the following steps: Open Windows Explorer Go to Tools > Folder Options > View > Hidden files and folders Select Show hidden files and folders Click OK Pearson Education Computer Forensics: Principles and Practices 7
8 Investigating Windows Systems (Cont.) Data and user authentication weaknesses of FAT Userids are not required Only attributes are associated with files or folders Data and user authentication improvements in NTFS Separation of duties Anonymity of the user Pearson Education Computer Forensics: Principles and Practices 8
9 Investigating Windows Systems (Cont.) Identify the operating systems of a target hard drive by: Operating system folder names The folder for the Recycle Bin The construction of the user root folders because of the differences in the way user data is kept Pearson Education Computer Forensics: Principles and Practices 9
10 Finding User Data and Profiles in Windows Folders Documents and Settings folder Contains a user root folder for each user account created on the computer Windows NT and above automatically install Administrator All users Default user (hidden) Pearson Education Computer Forensics: Principles and Practices 10
11 Finding User Data and Profiles in Windows Folders (Cont.) Data stored in the user root folder: Desktop settings, such as wallpaper, screensavers, color schemes, and themes Internet customizations, such as the homepage, favorites, and history Application parameters and data, such as and upgrades Personal files and folders, such as My Documents, My Pictures, and so on Pearson Education Computer Forensics: Principles and Practices 11
12 Finding User Data and Profiles in Windows Folders (Cont.) Some of the subfolders in the user root folder include: Application data (hidden) Cookies Desktop Favorites Local Settings (hidden) My Documents NetHood (hidden) Pearson Education Computer Forensics: Principles and Practices 12
13 Location of User Root Folders Operating System (Platform) User Root Folder Location Windows 9x <partition>:\windows\profiles\userid USER.DAT file Windows NT <partition>:\winnt\profiles\userid NTUSER.DAT file Windows 2000 and Windows XP <partition>:\documents and Settings \userid NTUSER.DAT file Pearson Education Computer Forensics: Principles and Practices 13
14 In Practice: Temp Internet Files Provide Valuable E-Evidence Data stored in the Temporary Internet Files folder can be valuable supporting evidence, even if deleted Statute 18 U.S.C. 2256(8) rules as pornography any data stored on computer disk that can be converted into a visual image Pearson Education Computer Forensics: Principles and Practices 14
15 Investigating System Artifacts Types of metadata Descriptive: describes a resource for purposes such as discovery and identification Structural: indicates how compound objects are put together Administrative: provides information to help manage a resource, such as when it was created, last accessed, and modified Be alert for alternate data streams (ADS) Pearson Education Computer Forensics: Principles and Practices 15
16 In Practice: Searching for Evidence Do not use the suspect system itself to carry out a search for evidence Using Windows to search and open files can change the file s metadata Such changes may cause evidence to be disallowed in court Pearson Education Computer Forensics: Principles and Practices 16
17 Investigating System Artifacts (Cont.) Registry Can reveal current and past applications, as well as programs that start automatically at bootup Viewing the registry requires a registry editor Event logs track system events Application log tracks application events Security log shows logon attempts System log tracks events such as driver failures Pearson Education Computer Forensics: Principles and Practices 17
18 Investigating System Artifacts (Cont.) Swap file/page file Used by the system as virtual memory Can provide the investigator with a snapshot of volatile memory Print spool May contain enhanced metafiles of print jobs Recycle Bin/Recycler Stores files the user has deleted Pearson Education Computer Forensics: Principles and Practices 18
19 Shredding Data Third-party software packages can be used to delete data and actually overwrite the information, essentially shredding the data Pearson Education Computer Forensics: Principles and Practices 19
20 Investigating Linux Systems Windows can have many users with administrator access, but Linux has only one administrative account, called root Root account has complete control of the system In Linux, all devices, partitions, and folders are seen as a unified file system A typical installation creates three partitions: the root, boot, and swap partitions Pearson Education Computer Forensics: Principles and Practices 20
21 Investigating Linux Systems (Cont.) The Linux file system includes the data structure as well as the processes that manage the files in the partition Linux s virtual file system provides a common set of data structures: Superblock Inode Dentry Data block Pearson Education Computer Forensics: Principles and Practices 21
22 Investigating Linux Systems (Cont.) Seven different file types available in Linux: Normal files Directories Links Named pipes Sockets Block devices Character devices Pearson Education Computer Forensics: Principles and Practices 22
23 Investigating Linux Systems (Cont.) Default Linux installations generally include system directories such as the following: /boot /dev /proc /root /etc /home /lib /lost+found /sbin /tmp /usr /var /mnt Pearson Education Computer Forensics: Principles and Practices 23
24 Investigating Linux Systems (Cont.) Key Linux files and directories to investigate: /etc/passwd /etc/shadow /etc/hosts /etc/sysconfig/ /etc/syslog.conf Pearson Education Computer Forensics: Principles and Practices 24
25 Investigating Linux Systems (Cont.) Deleted files Check the Trash can for each login user for deleted files that can be recovered Using grep to search file contents Grep allows for sophisticated character-based data searches Compressed files Some Linux applications such as OpenOffice automatically compress data files Pearson Education Computer Forensics: Principles and Practices 25
26 Graphic File Forensics The investigator can use file signatures to determine where data starts and ends and the file type File extension (such as.jpg) one way to identify a graphic file A user can easily change the file extension, but the data header does not change Forensic tools can resolve conflicts between file extensions and file types Pearson Education Computer Forensics: Principles and Practices 26
27 Graphic File Forensics (Cont.) The process of retrieving all relevant pieces of a file is called data carving or data salvaging An investigator may have to reconstruct the data header using file signature information Layered graphic files (such as Photoshop or Corel) can hide information behind layers Graphics saved as JPEG, TIFF, GIF, or BMP do not have layers Pearson Education Computer Forensics: Principles and Practices 27
28 Graphic File Forensics (Cont.) Steganography is a form of data hiding in which a message is hidden within another file Data to be hidden is the carrier medium The file in which the data is hidden is the steganographic medium Both parties communicating via steganography must use the same stego application Pearson Education Computer Forensics: Principles and Practices 28
29 Graphic File Forensics (Cont.) Steganography is difficult to detect; the following clues may indicate stego use Technical capabilities or sophistication of the computer s owner Software clues on the computer Other program files that indicate familiarity with data-hiding methods Multimedia files Type of crime being investigated Pearson Education Computer Forensics: Principles and Practices 29
30 In Practice: Child Pornography Hiding criminal content within innocent files can allow perpetrators such as child pornographers to exchange information A scenario is described by which child pornographers can easily pass information to others in the ring Pearson Education Computer Forensics: Principles and Practices 30
31 Summary Search times can be reduced through the use of default folders and operating system artifacts The skill level of the user will determine whether this is an effective use of time in the case Pearson Education Computer Forensics: Principles and Practices 31
32 Summary (Cont.) A savvy user can hide data through: Nonstandard file folders Renaming file types Using layered graphics Masquerading data with steganographic techniques Pearson Education Computer Forensics: Principles and Practices 32
Comparing and Contrasting Windows and Linux Forensics. Zlatko Jovanovic. International Academy of Design and Technology
Comparing and Contrasting Windows and Linux Forensics Zlatko Jovanovic International Academy of Design and Technology Abstract Windows and Linux are the most common operating systems used on personal computers.
More informationEnCase 7 - Basic + Intermediate Topics
EnCase 7 - Basic + Intermediate Topics Course Objectives This 4 day class is designed to familiarize the student with the many artifacts left behind on Windows based media and how to conduct a forensic
More informationMSc Computer Security and Forensics. Examinations for 2009-2010 / Semester 1
MSc Computer Security and Forensics Cohort: MCSF/09B/PT Examinations for 2009-2010 / Semester 1 MODULE: COMPUTER FORENSICS & CYBERCRIME MODULE CODE: SECU5101 Duration: 2 Hours Instructions to Candidates:
More informationCOMPUTER FORENSICS. DAVORY: : DATA RECOVERY
COMPUTER FORENSICS. DAVORY: : DATA RECOVERY Supervised By: Dr. Lo ai Tawalbeh New York Institute of Technology (NYIT)-Amman-2006 TOPICS Definition Recovery from what?? Davory SOFTWARE. Restore Software.
More informationCourse Title: Computer Forensic Specialist: Data and Image Files
Course Title: Computer Forensic Specialist: Data and Image Files Page 1 of 9 Course Description The Computer Forensic Series by EC-Council provides the knowledge and skills to identify, track, and prosecute
More informationLinux Kernel Architecture
Linux Kernel Architecture Amir Hossein Payberah payberah@yahoo.com Contents What is Kernel? Kernel Architecture Overview User Space Kernel Space Kernel Functional Overview File System Process Management
More informationOperating Systems Forensics
Operating Systems Forensics Section II. Basic Forensic Techniques and Tools CSF: Forensics Cyber-Security MSIDC, Spring 2015 Nuno Santos Summary! Windows boot sequence! Relevant Windows data structures!
More information(b) slack file space.
Hidden Files A Computer Forensics Case Study Question Paper 1. Outline the meaning of the following terms: (a) cookie, [2 marks] A cookie is data stored locally that is used by some websites for data that
More informationHands-On How-To Computer Forensics Training
j8fm6pmlnqq3ghdgoucsm/ach5zvkzett7guroaqtgzbz8+t+8d2w538ke3c7t 02jjdklhaMFCQHihQAECwMCAQIZAQAKCRDafWsAOnHzRmAeAJ9yABw8v2fGxaq skeu29sdxrpb25zidxpbmznogtheories...ofhilz9e1xthvqxbb0gknrc1ng OKLbRXF/j5jJQPxXaNUu/It1TQHSiyEumrHNsnn65aUMPnrbVOVJ8hV8NQvsUE
More information1! Registry. Windows System Artifacts. Understanding the Windows Registry. Organization of the Windows Registry. Windows Registry Viewer
1! Registry Understanding the Windows Registry! A database that stores hardware and software configuration information, network connections, user preferences, and setup information Windows System Artifacts
More informationChapter Contents. Operating System Activities. Operating System Basics. Operating System Activities. Operating System Activities 25/03/2014
Chapter Contents Operating Systems and File Management Section A: Operating System Basics Section B: Today s Operating Systems Section C: File Basics Section D: File Management Section E: Backup Security
More informationComputer Forensics: Permanent Erasing
Computer Forensics: Permanent Erasing Prepared By : Yousef T. Aburabie and Mohamd Alomari Supervised By: Dr. Lo ai Tawalbeh, New York Institute of Technology (NYIT)-Jordan s campus-2006 Introduction "Delete"
More informationComputer Forensics and Investigations Duration: 5 Days Courseware: CT 0619217065
Computer Forensics and Investigations Duration: 5 Days Courseware: CT 0619217065 Introduction The Computer Forensics and Investigation course presents methods to properly conduct a computer forensics investigation
More informationWindows 7: Current Events in the World of Windows Forensics
Windows 7: Current Events in the World of Windows Forensics Troy Larson Senior Forensic Program Manager Network Security, Microsoft Corp. Where Are We Now? Vista & Windows 2008 BitLocker. Format-Wipes
More informationUnderstanding Backup and Recovery Methods
Lesson 8 Understanding Backup and Recovery Methods Learning Objectives Students will learn to: Understand Local, Online, and Automated Backup Methods Understand Backup Options Understand System Restore
More informationWindows XP/Vista/7 Directory Structures
Windows XP/Vista/7 Directory Structures System Partition NTLDR boot.ini ntdetect.com bootsect.dos hiberfil.sys pagefile.sys Boot Partition Boot Documents and Settings (XP) Inetpub PerfLogs Program Files
More informationInstalling Windows XP Professional
CHAPTER 3 Installing Windows XP Professional After completing this chapter, you will be able to: Plan for an installation of Windows XP Professional. Use a CD to perform an attended installation of Windows
More informationNew Technologies File System (NTFS) Priscilla Oppenheimer. Copyright 2008 Priscilla Oppenheimer
New Technologies File System (NTFS) Priscilla Oppenheimer NTFS Default file system for Windows NT, 2000, XP, and Windows Server 2003 No published spec from Microsoft that describes the on-disk layout Good
More informationPersonal Cloud. Support Guide for Mac Computers. Storing and sharing your content 2
Personal Cloud Support Guide for Mac Computers Storing and sharing your content 2 Getting started 2 How to use the application 2 Managing your content 2 Adding content manually 3 Renaming files 3 Moving
More informationCYBER FORENSICS. KRISHNA SASTRY PENDYALA Cyber Forensic Division Central Forensic Science Laboratory Hyderabad.
CYBER FORENSICS KRISHNA SASTRY PENDYALA Cyber Forensic Division Central Forensic Science Laboratory Hyderabad. 11 DIGITAL EVIDENCE? Cyber crimes Digital evidence Digital evidence is any information of
More informationPart 3: Accessing Local drives and printers from the Terminal Server
In this guide: Part 1: What are Terminal Services / Remote Desktop? Part 2: Connecting to the HUSPSS Terminal Servers Part 3: Accessing Local drives and printers from the Terminal Server Part 4: Accessing
More information716 West Ave Austin, TX 78701-2727 USA
Investigating by Computer Second edition GLOBAL Headquarters the gregor building 716 West Ave Austin, TX 78701-2727 USA VI. INVESTIGATING WITH DIGITAL FORENSICS The increasing usage of the Internet and
More informationForensics on the Windows Platform, Part Two
1 of 5 9/27/2006 3:52 PM Forensics on the Windows Platform, Part Two Jamie Morris 2003-02-11 Introduction This is the second of a two-part series of articles discussing the use of computer forensics in
More informationPaul McFedries. Home Server 2011 LEASHE. Third Edition. 800 East 96th Street, Indianapolis, Indiana 46240 USA
Paul McFedries Microsoft Windows9 Home Server 2011 LEASHE Third Edition 800 East 96th Street, Indianapolis, Indiana 46240 USA Table of Contents Introduction 1 Part I Unleashing Windows Home Server Configuration
More informationFile System Forensics FAT and NTFS. Copyright Priscilla Oppenheimer 1
File System Forensics FAT and NTFS 1 FAT File Systems 2 File Allocation Table (FAT) File Systems Simple and common Primary file system for DOS and Windows 9x Can be used with Windows NT, 2000, and XP New
More informationHW 07: Ch 12 Investigating Windows
1 of 7 5/15/2015 2:40 AM HW 07: Ch 12 Investigating Windows Click 'check' on each question or your score will not be recorded. resources: windows special folders ntfs.com Windows cmdline ref how ntfs works
More informationDigital Forensic Tool for Decision Making in Computer Security Domain
Digital Forensic Tool for Decision Making in Computer Security Domain S. K. Khode 1,V. N. Pahune 2 and M. R. Sayankar 3 1, 2, 3 Computer Engineering Department of Bapurao Deshmukh College of Engineering,
More informationENTERPRISE COMPUTER INCIDENT RESPONSE AND FORENSICS TRAINING
ENTERPRISE COMPUTER INCIDENT RESPONSE AND FORENSICS TRAINING MODULE A INTRODUCTION TO COMPUTER FORENSICS AND NVESTIGATIONS A1.0 Explain concepts related to computer forensics. A1.1 This module is measured
More informationHelp System. Table of Contents
Help System Table of Contents 1 INTRODUCTION...1 2 GETTING STARTED!... 2 2.1 Installation...2 2.2 Wizard...3 2.3 Browse Method:...7 2.4 Search Method:...7 2.5 Surface Scan Method:... 8 3 RECOVERING DELETED
More informationAccuGuard Desktop and AccuGuard Server User Guide
AccuGuard Desktop and AccuGuard Server User Guide 1 2 Table of Contents Welcome 4 Backup Simplified 5 Features 6 Protection Plans 7 Archived Data Viewing 8 Archived Data Restoring 9 Best Practices 11 Getting
More informationRECOVERING DIGITAL EVIDENCE FROM LINUX SYSTEMS
Chapter 19 RECOVERING DIGITAL EVIDENCE FROM LINUX SYSTEMS Philip Craiger Abstract As Linux-kernel-based operating systems proliferate there will be an inevitable increase in Linux systems that law enforcement
More informationWhat is Digital Forensics?
DEVELOPING AN UNDERGRADUATE COURSE IN DIGITAL FORENSICS Warren Harrison PSU Center for Information Assurance Portland State University Portland, Oregon 97207 warren@cs.pdx.edu What is Digital Forensics?
More informationTopic 2: Computer Management File Management Folders A folder is a named storage location where related files can be stored. A folder also known as
Topic 2: Computer Management File Management Folders A folder is a named storage location where related files can be stored. A folder also known as directory in some operating systems, all folders or directories
More informationGlobal Image Management System For epad-vision. User Manual Version 1.10
Global Image Management System For epad-vision User Manual Version 1.10 May 27, 2015 Global Image Management System www.epadlink.com 1 Contents 1. Introduction 3 2. Initial Setup Requirements 3 3. GIMS-Server
More informationAxCrypt File Encryption Software for Windows. Quick Installation Guide. Version 1.6.3. January 2008
AxCrypt File Encryption Software for Windows Quick Installation Guide Version 1.6.3 January 2008 Copyright 2005-2008 Svante Seleborg, Axantum Software AB 2(19) This guide describes how to install and quickly
More informationNovell Filr. Windows Client
Novell Filr Windows Client 0 Table of Contents Supported Environments 2 Supported Languages 2 Getting Started 3 Which Folders Are Synchronized 3 What Actions Are Supported 4 Configuring Folders to Synchronize
More information16.4.3 Lab: Data Backup and Recovery in Windows XP
16.4.3 Lab: Data Backup and Recovery in Windows XP Introduction Print and complete this lab. In this lab, you will back up data. You will also perform a recovery of the data. Recommended Equipment The
More informationTable Of Contents. - Microsoft Windows - WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS XP PROFESSIONAL...10
Table Of Contents - - WINDOWS SERVER 2003 MAINTAINING AND MANAGING ENVIRONMENT...1 WINDOWS SERVER 2003 IMPLEMENTING, MANAGING & MAINTAINING...6 WINDOWS XP - IMPLEMENTING & SUPPORTING MICROSOFT WINDOWS
More informationMicrosoft" Windows8 Home Server
Paul MeFedries Microsoft" Windows8 Home Server I UNLEASHED Second Edition 800 East 96th Street, Indianapolis, Indiana 46240 USA Table of Contents Introduction 1 Part I Unleashing Windows Home Server Configuration
More informationJust EnCase. Presented By Larry Russell CalCPA State Technology Committee May 18, 2012
Just EnCase Presented By Larry Russell CalCPA State Technology Committee May 18, 2012 What is e-discovery Electronically Stored Information (ESI) Discover or Monitor for Fraudulent Activity Tools used
More informationMCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing Resources
MCSE TestPrep: Windows NT Server 4, Second Edition - CH 3 - Managing Resources Page 1 of 36 [Figures are not included in this sample chapter] MCSE TestPrep: Windows NT Server 4, Second Edition - 3 - Managing
More informationEUCIP IT Administrator - Module 2 Operating Systems Syllabus Version 3.0
EUCIP IT Administrator - Module 2 Operating Systems Syllabus Version 3.0 Copyright 2011 ECDL Foundation All rights reserved. No part of this publication may be reproduced in any form except as permitted
More informationChapter 4. Operating Systems and File Management
Chapter 4 Operating Systems and File Management Chapter Contents Section A: Operating System Basics Section B: Today s Operating Systems Section C: File Basics Section D: File Management Section E: Backup
More informationDISK DRIVE MAINTENANCE. 1. Disk Cleanup
DISK DRIVE MAINTENANCE To keep a PC running smoothly, regular maintenance is critical. Many users shy away from maintenance tasks, thinking it is a long, drawn out manual affair, but the Disk Cleanup Utility
More informationExcerpts from EnCase Introduction to Computer Forensics
Guidance Software, Inc. 572 East Green Street #300 Pasadena, CA 91101 Tel: (626) 229-9191 Fax: (626) 229-9199 e-mail: training@guidancesoftware.com web: www.guidancesoftware.com Excerpts from EnCase Introduction
More informationKeystone 600N5 SERVER and STAND-ALONE INSTALLATION INSTRUCTIONS
The following instructions are required for installation of Best Access System s Keystone 600N5 (KS600N) network key control software for the server side. Please see the system requirements on the Keystone
More informationActivity 1: Scanning with Windows Defender
Activity 1: Scanning with Windows Defender 1. Click on Start > All Programs > Windows Defender 2. Click on the arrow next to Scan 3. Choose Custom Scan Page 1 4. Choose Scan selected drives and folders
More informationCan Computer Investigations Survive Windows XP?
Can Computer Investigations Survive? An Examination of Microsoft and its Effect on Computer Forensics December 2001 by Kimberly Stone and Richard Keightley 2001 Guidance Software All Rights Reserved Executive
More informationEUCIP - IT Administrator. Module 2 Operating Systems. Version 2.0
EUCIP - IT Administrator Module 2 Operating Systems Version 2.0 Module 2 Goals Module 2 Module 2, Operating Systems, requires the candidate to be familiar with the procedure of installing and updating
More informationTELE 301 Lecture 7: Linux/Unix file
Overview Last Lecture Scripting This Lecture Linux/Unix file system Next Lecture System installation Sources Installation and Getting Started Guide Linux System Administrators Guide Chapter 6 in Principles
More informationNE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment
NE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment Summary Duration Vendor Audience 5 Days Microsoft IT Professionals Published Level Technology 05 October 2005 200 Microsoft
More informationBackup Exec 2010: Archiving Options
Backup Exec 2010: Archiving Options White Paper: Backup Exec 2010: Archiving Options Backup Exec 2010: Archiving Options Contents Introduction............................................................................................
More informationGeneral Computing Network (GCN) Guide for Mac OS X
General Computing Network (GCN) Guide for Mac OS X In the new GCN Environment for Mac and Linux machines, you will have to login with your UNCG user name and password. Machines will not be set to automatically
More informationA+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 3 Installing Windows
: Managing, Maintaining, and Troubleshooting, 5e Chapter 3 Installing Windows Objectives How to plan a Windows installation How to install Windows Vista How to install Windows XP How to install Windows
More information10.3.1.6 Lab - Data Backup and Recovery in Windows XP
5.0 10.3.1.6 Lab - Data Backup and Recovery in Windows XP Introduction Print and complete this lab. In this lab, you will back up data. You will also perform a recovery of the data. Recommended Equipment
More informationTelecom DaySave. User Guide. Client Version 2.2.0.3
Telecom DaySave User Guide Client Version 2.2.0.3 Table of Contents Chapter 1: DaySave Overview... 4 Chapter 2: Installing DaySave... 5 Downloading the DaySave Client... 5 Installing the DaySave Client...
More informationIntroduction to Windows XP
Introduction to Windows XP Academic Computing Support Information Technology Services Tennessee Technological University January 2003 1. What s new in XP New colorful interface. More stable than 9x/Me
More informationNortel Networks Call Center Reporting Set Up and Operation Guide
Nortel Networks Call Center Reporting Set Up and Operation Guide www.nortelnetworks.com 2001 Nortel Networks P0919439 Issue 07 (24) Table of contents How to use this guide... 5 Introduction...5 How this
More informationHTTP-FUSE PS3 Linux: an internet boot framework with kboot
HTTP-FUSE PS3 Linux: an internet boot framework with kboot http://openlab.jp/oscirclar/ Kuniyasu Suzaki and Toshiki Yagi National Institute of Advanced Industrial Science and Technology Embedded Linux
More informationHyperoo 2 User Guide. Hyperoo 2 User Guide
1 Hyperoo 2 User Guide 1 2 Contents How Hyperoo Works... 3 Installing Hyperoo... 3 Hyperoo 2 Management Console... 4 The Hyperoo 2 Server... 5 Creating a Backup Array... 5 Array Security... 7 Previous
More informationPro Bundle Evaluator s Guide. 2015 Software Pursuits, Inc.
Pro Bundle Evaluator s Guide 2015 Table of Contents Introduction... 2 System Requirements... 2 Contact Information... 3 About the Communications Agent Add-On... 3 Other SureSync Add-Ons... 4 File Locking
More informationManaging Applications, Services, Folders, and Libraries
Lesson 4 Managing Applications, Services, Folders, and Libraries Learning Objectives Students will learn to: Understand Local versus Network Applications Remove or Uninstall an Application Understand Group
More informationMicrosoft Vista: Serious Challenges for Digital Investigations
Proceedings of Student-Faculty Research Day, CSIS, Pace University, May 2 nd, 2008 Microsoft Vista: Serious Challenges for Digital Investigations Darren R. Hayes and Shareq Qureshi Seidenberg School of
More informationForensics source: Edward Fjellskål, NorCERT, Nasjonal sikkerhetsmyndighet (NSM)
s Unix Definition of : Computer Coherent application of a methodical investigatory techniques to solve crime cases. Forensics source: Edward Fjellskål, NorCERT, Nasjonal sikkerhetsmyndighet (NSM) s Unix
More informationLegal Notes. Regarding Trademarks. 2012 KYOCERA Document Solutions Inc.
Legal Notes Unauthorized reproduction of all or part of this guide is prohibited. The information in this guide is subject to change without notice. We cannot be held liable for any problems arising from
More informationUser Guide Win7Zilla
User Guide Win7Zilla Table of contents Section 1: Installation... 3 1.1 System Requirements... 3 1.2 Software Installation... 3 1.3 Uninstalling Win7Zilla software... 3 Section 2: Navigation... 4 2.1 Main
More informationCSI For The Home PC Computer Forensics Inc.
CSI For The Home PC Computer Forensics Inc. Television crime shows such as Law and Order and CSI show computer forensic examiners looking for the one computer clue that will put the perpetrator in the
More informationCCE Certification Competencies
CCE Certification Competencies May 10, 2012 Page 1 The Certified Computer Examiner (CCE) has evolved into one of the most desired certifications in the computer forensics industry. The certification is
More informationActive @ UNDELETE Users Guide
Active @ UNDELETE Users Guide Contents 2 Contents Legal Statement...5 Active@ UNDELETE Overview... 6 Getting Started with Active@ UNDELETE... 7 Active@ UNDELETE Views And Windows... 7 Recovery Explorer
More informationSTATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER
Notes: STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER 1. These instructions focus on installation on Windows Terminal Server (WTS), but are applicable
More informationBeckhoff TwinCAT. Creating Boot Projects for TwinCAT
Beckhoff TwinCAT Creating Boot Projects for TwinCAT Revision: 1.1 Updated: 06 December 2004 Table of Contents 1. Introduction...3 2. TwinCAT System Boot Project (V2.9.0 and later)...4 2.1. TwinCAT System
More informationIntroduction Wiping Transparent Wiping Transparent Wiping Reserved Space Enforcer NOTE: BCWipe Enforcer Jetico Central Manager custom wiping schemes
BCWipe Help File 1 Introduction Wiping is the term used to describe the process of securely erasing data, such as contents of a file or disk space. When files are properly wiped, data is erased beyond
More informationPersona Backup and OS Migration for insync Private Cloud 5.5. June 16, 15
Persona Backup and OS Migration for insync Private Cloud 5.5 June 16, 15 Copyright Notice Copyright 2007-2015 Druva Inc. All Rights Reserved. Any technical documentation that is made available by Druva
More informationSymantec Backup Exec 12.5 for Windows Servers. Quick Installation Guide
Symantec Backup Exec 12.5 for Windows Servers Quick Installation Guide 13897290 Installing Backup Exec This document includes the following topics: System requirements Before you install About the Backup
More informationSuSE File and Print Services with
SuSE File and with SuSE Linux Enterprise Server 8 SuSE Linux AG Whitepaper SuSE File and with SuSE Linux Enterprise Server 8 Overview. 3 File Services The User View 3 The Administrator View 3 Samba Web
More informationLinux Overview. The Senator Patrick Leahy Center for Digital Investigation. Champlain College. Written by: Josh Lowery
Linux Overview Written by: Josh Lowery The Senator Patrick Leahy Center for Digital Investigation Champlain College October 29, 2012 Disclaimer: This document contains information based on research that
More informationDigital Forensics: The aftermath of hacking attacks. AHK Committee Meeting April 19 th, 2015 Eng. Jamal Abdulhaq Logos Networking FZ LLC
Digital Forensics: The aftermath of hacking attacks AHK Committee Meeting April 19 th, 2015 Eng. Jamal Abdulhaq Logos Networking FZ LLC Topics Digital Forensics: Brief introduction Case Studies Case I:
More informationA+ Guide to Managing and Maintaining Your PC, 7e. Chapter 2 Introducing Operating Systems
A+ Guide to Managing and Maintaining Your PC, 7e Chapter 2 Introducing Operating Systems Objectives Learn about the various operating systems and the differences between them Learn about the components
More informationChapter 5: Fundamental Operating Systems
Chapter 5: Fundamental Operating Systems IT Essentials: PC Hardware and Software v4.1 Chapter5 2007-2010 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Chapter 5 Objectives 5.1 Explain the purpose
More informationActive @ UNDELETE Users Guide
Active @ UNDELETE Users Guide Contents 2 Contents Legal Statement...5 Active@ UNDELETE Overview... 6 Getting Started with Active@ UNDELETE... 7 Active@ UNDELETE Views And Windows... 7 Recovery Explorer
More informationwith the ArchiveSync Add-On Evaluator s Guide 2015 Software Pursuits, Inc.
with the ArchiveSync Add-On Evaluator s Guide 2015 Table of Contents Introduction... 2 System Requirements... 2 Contact Information... 3 Required Add-Ons for ArchiveSync in Real-Time... 3 Communications
More informationUsing Your Department Shared Folder
Using Your Department Shared Folder What Is A Domain? A domain is an internal network of computers where the users can share space on a server for storing files and sharing access to printers. Sunysb.edu
More informationXerox Multifunction Devices. Verify Device Settings via the Configuration Report
Xerox Multifunction Devices Customer Tips March 15, 2007 This document applies to these Xerox products: X WC 4150 X WCP 32/40 X WCP 35/45/55 X WCP 65/75/90 X WCP 165/175 X WCP 232/238 X WCP 245/255 X WCP
More information1/5/2013. Technology in Action
0 1 2 3 4 5 6 Technology in Action Chapter 5 Using System Software: The Operating System, Utility Programs, and File Management Chapter Topics System software basics Types of operating systems What the
More informationCopyright 2014 http://itfreetraining.com
This video looks at the four file systems supported by Windows. These are ReFS, NTFS, FAT and exfat. The video looks at what each file system is capable of and its limitations. Resilient File System (ReFS)
More informationIBM Rapid Restore PC powered by Xpoint - v2.02 (build 6015a)
IBM Rapid Restore PC powered by Xpoint - v2.02 (build 6015a) User s Reference Guide Internal IBM Use Only This document only applies to the software version listed above and information provided may not
More informationCreate!form Folder Monitor. Technical Note April 1, 2008
Create!form Folder Monitor Technical Note April 1, 2008 2 FOLDERMONITOR Introduction Introduction FolderMonitor is a utility designed to automatically send spool files to printer queues at set schedules,
More informationEncrypting the Private Files on Your Computer Presentation by Eric Moore, CUGG June 12, 2010
Encrypting the Private Files on Your Computer Presentation by Eric Moore, CUGG June 12, 2010 I. File Encryption Basics A. Encryption replaces data within a file with ciphertext which resembles random data
More informationDigital Forensics with Open Source Tools
Digital Forensics with Open Source Tools Cory Altheide Harlan Carvey Technical Editor Ray Davidson AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO
More informationIntroduction to Network Security Comptia Security+ Exam. Computer Forensics. Evidence. Domain 5 Computer Forensics
Introduction to Network Security Comptia Security+ Exam Domain 5 Computer Forensics Computer Forensics Forensics relates to the application of scientific knowledge and method to legal problems Investigating
More informationRemote Manager System Restore
Remote Manager CionSystems Inc. Page 1 Contents Introduction...3 Create a System Restore Point on the Remote and Local System...4 Enable System Restore on the Remote or Local System...5 Scheduling a Restore
More informationBACKUP & RESTORE (FILE SYSTEM)
Table of Contents Table of Contents... 1 Perform a Backup (File System)... 1 What Gets Backed Up... 2 What Does Not Get Backed Up... 3 Perform a Restore... 4 Perform a Backup (File System) The following
More informationSpector 360 Deployment Guide. Version 7.3 January 3, 2012
Spector 360 Deployment Guide Version 7.3 January 3, 2012 Table of Contents Deploy to All Computers... 48 Step 1: Deploy the Servers... 5 Recorder Requirements... 52 Requirements... 5 Control Center Server
More informationRECOVERING FROM SHAMOON
Executive Summary Fidelis Threat Advisory #1007 RECOVERING FROM SHAMOON November 1, 2012 Document Status: FINAL Last Revised: 2012-11-01 The Shamoon malware has received considerable coverage in the past
More informationBlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Administration Guide
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2 Administration Guide Published: 2010-06-16 SWDT487521-1041691-0616023638-001 Contents 1 Overview: BlackBerry Enterprise
More informationCisco Networking Academy Program Curriculum Scope & Sequence. Fundamentals of UNIX version 2.0 (July, 2002)
Cisco Networking Academy Program Curriculum Scope & Sequence Fundamentals of UNIX version 2.0 (July, 2002) Course Description: Fundamentals of UNIX teaches you how to use the UNIX operating system and
More informationFind the Who, What, Where and When of Your Active Directory
Find the Who, What, Where and When of Your Active Directory Avril Salter 1. 8 0 0. 8 1 3. 6 4 1 5 w w w. s c r i p t l o g i c. c o m / s m b I T 2012 ScriptLogic Corporation ALL RIGHTS RESERVED. ScriptLogic,
More informationHow to monitor AD security with MOM
How to monitor AD security with MOM A article about monitor Active Directory security with Microsoft Operations Manager 2005 Anders Bengtsson, MCSE http://www.momresources.org November 2006 (1) Table of
More informationNTFS Undelete User Manual
NTFS Undelete User Manual What is NTFS Undelete? NTFS Undelete is a small utility that scans your hard drive for all files that can be undeleted and attempts to recover them for you. Sounds like magic?
More informationInstalling a Second Operating System
Installing a Second Operating System Click a link below to view one of the following sections: Overview Key Terms and Information Operating Systems and File Systems Managing Multiple Operating Systems
More information