If this is going to court I would leave it to a professional, but if you really want to get your hands dirty EnCase is pretty much the digital forensics standard and FTK is a close second.
On Wed, Dec 9, 2009 at 11:55 AM, Tyler Robinson <[email protected]>wrote: > Hey all looking for some of the fantastic advice that the pauldotcom > listeners always provide. I am helping our prosecuting attorney with > evidence from a hard drive, I am wondering what software everyone is using > to make the drive images, and if anyone knows of a good website that has all > the proper forms ex. digital chain of custody, and also some checklists or > guidelines. I know that Helix is a widely accepted linux distro for this > sort of thing but dont have much experience with it. I also have a copy of > FTR and have worked with it a bit. So any advice at all is always > appreciated. Thanks again and Thanks to Paul and Larry for bringing together > such a dynamic group of Security professionals and a great show. > > -- > Tyler Robinson > Owner of Computer Impressions and Tactical Network Security > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
