±Forensic Focus Partners

±Your Account


Nickname
Password


Forgotten password/username?


Membership:
New Today: 0
New Yesterday: 0
Overall: 27614
Visitors: 39

±Follow Forensic Focus

Join our LinkedIn group

Subscribe to news

Subscribe to forums

Subscribe to blog

Subscribe to tweets

What goes in a forensic toolkit?

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page Previous  1, 2, 3  Next 
  

Re: What goes in a forensic toolkit?

Post Posted: Fri Dec 07, 2012 5:37 am

May I raise a generic question? Question
I seem to detect a "CATCH22" situation.

Say that a long time expert and willing to help member suggests to have in the toolkit a "protofractional flubbinator" (a fictional tool that is very useful for "frastling grops and zerling drestroos") .

I would presume that - besides the sheer existence of the tool in the toolkit - the actual operator of the forensic service should have spent long hours studying the theory behind both "frastling" and "zerling" and yet more hours getting familiar and practicing with the actual specific make/model "flubbinator", or at least with similar "protofractional" tools in order to be able to use that tool.

Then, he/she would already know the existence of the tool, would know when and how to use it and would be capable of deciding himself/herself whether this tool is needed in the toolkit or not, this depending by a lot of factors, including the cost of the tool, the kind of work the forensic service is going to provide, etc., etc.

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 

jaclaz
Senior Member
 
 
  

Re: What goes in a forensic toolkit?

Post Posted: Fri Dec 07, 2012 6:02 am

Thanks for (most of) the post so far. I shoudl clarify...
...
I'm setting up an in-house service for the company I work for. I have a pretty good idea of the toolkit contents, I'm a past techie so I know one end of a computer from another.

If there are any decent lists out there I'd be grateful for a pointer.  

nat038
Newbie
 
 
  

Re: What goes in a forensic toolkit?

Post Posted: Fri Dec 07, 2012 6:16 am

- nat038
I shoudl clarify...
...

Yes Smile , maybe if you list the actual expected kind of activities the "in-house service" is likely to perform, some member could give you more specific advice, as opposed to "generic" lists.
I mean, as an example, if your firm only uses (say) BlackBerries as mobile communication devices, you will have no need for any "specific" iPhone tools, or if it the scope is exclusively "PC forensics" you won't have any need for tools related to Cell Phone forensics.

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 

jaclaz
Senior Member
 
 
  

Re: What goes in a forensic toolkit?

Post Posted: Fri Dec 07, 2012 9:45 am

I second this.

If your in-house lab is for corporate cases, your needs are more geared toward eD, versus in-house at a local police station, where it is more forensics.

If you deal mostly on web based applications, (Google Apps, browsers, e-mail), your needs are different than a office where everything is local apps.

A software shop will have different need than a manufacturing plant.

And, so on...

If we can get a better understanding of your business, then we may be able to provide you a better answer.

- jaclaz
- nat038
I shoudl clarify...
...

Yes Smile , maybe if you list the actual expected kind of activities the "in-house service" is likely to perform, some member could give you more specific advice, as opposed to "generic" lists.
I mean, as an example, if your firm only uses (say) BlackBerries as mobile communication devices, you will have no need for any "specific" iPhone tools, or if it the scope is exclusively "PC forensics" you won't have any need for tools related to Cell Phone forensics.

jaclaz
 

jhup
Senior Member
 
 
  

Re: What goes in a forensic toolkit?

Post Posted: Fri Dec 07, 2012 9:58 am

OK thanks again so far. The intent would be to able to provide an eD *and* full forensic service across all types of application and systems. Really what I'm looking for is a generalised kit to cater for most situations.  

nat038
Newbie
 
 
  

Re: What goes in a forensic toolkit?

Post Posted: Fri Dec 07, 2012 5:34 pm

- nat038
OK thanks again so far. The intent would be to able to provide an eD *and* full forensic service across all types of application and systems. Really what I'm looking for is a generalised kit to cater for most situations.


Unpacking your statement - you want to do most e-mail systems, most operating systems, most disk and disc file systems, most mobile devices, most mobile carriers, most storage solutions, most cell site analysis, most wifi analysis, most . . .

And, what is your initial and thereafter annual budget for this?

Is this a law enforcement shop or business?

Is this a shop for internal matters in a firm, or this is the business (selling eD/forensics services)?  

jhup
Senior Member
 
 
  

Re: What goes in a forensic toolkit?

Post Posted: Sat Dec 08, 2012 7:35 am

We would also recommend our Belkasoft Evidence Center (http://belkasoft.com) as a tool used by forensic investigators worldwide and included into standard software lists in several countries.
_________________
Digital Evidence Extraction Software
belkasoft.com 

Belkasoft
Senior Member
 
 
Reply to topicReply to topic

Share this forum topic to encourage more replies



Page 2 of 3
Go to page Previous  1, 2, 3  Next