Newbie requesting a...
 
Notifications
Clear all

Newbie requesting advice

24 Posts
9 Users
0 Likes
15.4 K Views
(@kpryor)
Posts: 68
Trusted Member
Topic starter
 

Hello all,
My name is Ken and I am a police officer in Robinson, Illinois. Our department is small and our town is in a rural area, meaning that budgets are low, especially for high tech stuff. We're lucky we got a grant this year, or we wouldn't even be replacing an aged squad car.

Anyway, the point of the above is this. I am very interested in being able to do forensic work for my department, such as when we confiscate computers related to CP investigations and so on. However, given the above, I have no budget to work with, so I'm going to have to come up with the funds and/or free stuff to do the job if I'm going to do it at all.

At the moment, we send seized computers to the Attorney Generals office for forensic work. They do a good job, but being the geek that I am, I want to learn to do this myself and have the reliable results that are admissible in court.

I am looking for training, books and software to achieve this goal. However, as I said before, cost sadly has to be considered. I already have Helix and am learning about it, but am far from capable with the tools it provides at this point.

Am I trying to do too much or can this reasonably be achieved? Any advice would be much appreciated.

KP

 
Posted : 19/09/2006 3:24 am
Jamie
(@jamie)
Posts: 1288
Moderator
 

Ken,

Welcome to Forensic Focus. Given the correct attitude, dedication and time to learn I think it's certainly possible to achieve this goal (most of us here were probably in the same position at one point). One question though, I know you describe yourself as a "geek" but what does this translate into in practical terms? What "hands on" experience do you have with hardware and software, for example?

Jamie

 
Posted : 19/09/2006 3:51 am
(@kpryor)
Posts: 68
Trusted Member
Topic starter
 

Hi Jamie,

Thanks for the welcome! I was really happy to find this site while I was searcing for info.

I consider myself reasonably competent with troubleshooting and repairing hardware and software issues in Windows environments. I do computer repair work on the side at home and also work part-time in a local computer store. I'm mostly self-taught, but have taken a couple classes at the local community college on troubleshooting and repair just to reinforce what I've learned through my own study.

I'm a little familiar with Linux, having set up an in-house mail server and web server at the police department, but nothing much beyond that. I've messed around with Knoppix and used it while doing Windows machine repairs as well.

KP

 
Posted : 19/09/2006 4:07 am
Jamie
(@jamie)
Posts: 1288
Moderator
 

Sounds like a good base to build on. As far as books are concerned you might want to consider those listed at

http//www.forensicfocus.com/computer-forensics-books

to which I still need to add Harlan's Windows IR book, Brian Carrier's "File System Forensic Analysis" and "Real Digital Forensics" by Jones et al. Also, don't be put off by the fact that "Forensic Computing A Practitioner's Guide" by Tony Sammes and Brian Jenkinson is an old book, I still rate it as essential reading.

Beyond that a course, such as the CCE offered at Kennesaw, might be of interest to you. Best of luck with your endeavours!

Jamie

 
Posted : 19/09/2006 4:33 am
(@kpryor)
Posts: 68
Trusted Member
Topic starter
 

Thanks for the information, Jamie. I will start looking into the books on the list and start studying. If you could recommend one particular book for the complete beginner, what might it be? Probably a tough question to answer, but any specific suggestions would be greatly appreciated.

Thanks again for the help. I really appreciate all of the great resources you have on this site.
KP

 
Posted : 19/09/2006 4:55 am
Jamie
(@jamie)
Posts: 1288
Moderator
 

For the complete beginner who already has some technical background I still recommend "Forensic Computing A Practitioner's Guide" by Tony Sammes and Brian Jenkinson with the only caveat being that the reader keep in mind that there are newer technologies out there which are not covered in the book. For its approach, clarity and coverage of the major issues though, I don't think it can be beat (others no doubt will disagree - all opinions welcome!)

Jamie

 
Posted : 19/09/2006 5:10 am
(@kpryor)
Posts: 68
Trusted Member
Topic starter
 

Thanks Jamie! )
KP

 
Posted : 19/09/2006 5:14 am
(@kpryor)
Posts: 68
Trusted Member
Topic starter
 

I just found a copy of Forensic Computing A Practitioner's Guide on Amazon for $23.98, so I ordered it. Thanks for the recommendation.
KP

 
Posted : 19/09/2006 5:21 am
Jamie
(@jamie)
Posts: 1288
Moderator
 

No problem, hope you enjoy the book.

All the best,

Jamie

 
Posted : 19/09/2006 5:29 am
mugwump
(@mugwump)
Posts: 6
Active Member
 

Hi,
I am a student studying Computer Forensics at Ferris State University and I would like to suggest a very basic book that seems to give a pretty good base and overview for you to start with. Sometimes it is better to start slowly and make sure this is the way you want to go. The Book we use for our class is; Computer Forensics Jump Start by Michael G. Solomon, Diane Barret and Neil Broom. I found it to be very easy reading and quite interesting to me. Good luck in your endeavor my hat is off to you!!

 
Posted : 03/11/2006 2:47 am
Page 1 / 3
Share: