Suggestions for new...
 
Notifications
Clear all

Suggestions for new hardware or software

5 Posts
4 Users
0 Likes
642 Views
(@ebmetric)
Posts: 10
Active Member
Topic starter
 

Hello,

At this point I've decided to upgrade my software and/or hardware equipment for forensics.
Mainly at my work I focus on acquisition of all type of data from computers and servers.

Right now from hardware I have TABLEAU TX1, T8u and T35u.
And from software Belka Evidence Center 9, EnCase v8, Autopsy, R-Studio, OSForensics.

Maybe someone could suggest what could I additionally buy for my tasks?

P.S. I have lately encountered problems in cases where are I have servers with RAID configuration, maybe someone can suggest software/hardware for RAID server imaging and rebuilding.

Thanks.

 
Posted : 25/05/2018 10:01 am
(@mcman)
Posts: 189
Estimable Member
 

F-Response for logical RAID acquisitions and live servers you can't shut down is a nice one to have IMO. Allows you to do it over the network and avoid dealing with RAID issues or servers that the client won't let you shut down. A little slower over the wire but could be helpful based on what you have.

Jamie

 
Posted : 25/05/2018 12:52 pm
Igor_Michailov
(@igor_michailov)
Posts: 529
Honorable Member
 

Creating a digital forensic laboratory Tips and Tricks
https://www.digitalforensics.com/blog/creating-a-digital-forensic-laboratory-tips-and-tricks/

 
Posted : 25/05/2018 2:35 pm
tracedf
(@tracedf)
Posts: 169
Estimable Member
 

What kinds of cases are you handling? Do you do mobile at all? What are your current limitations?

Are you unhappy with any of your current tools and looking for a replacement or are you just looking to add something?

I use AXIOM as my primary application for most cases and supplement that with a variety of free and inexpensive tools. Tableau for write blocking. I use Autopsy occasionally and Forensic Explorer for a second perspective when I'm analyzing Windows.

 
Posted : 26/05/2018 2:07 am
(@ebmetric)
Posts: 10
Active Member
Topic starter
 

Thank You all for your time.

Jamie, definitely will check F-Response for RAID imaging.

What kinds of cases are you handling? Do you do mobile at all? What are your current limitations?

Are you unhappy with any of your current tools and looking for a replacement or are you just looking to add something?

I use AXIOM as my primary application for most cases and supplement that with a variety of free and inexpensive tools. Tableau for write blocking. I use Autopsy occasionally and Forensic Explorer for a second perspective when I'm analyzing Windows.

As I said previous "Mainly at my work I focus on acquisition of all type of data from computers and servers." I don't work with mobile phones.

About limitations, I have encountered few problems when task requires to acquire data from servers running with RAID configuration.

And am I disappointed/unhappy with tools/software. No everything is great I just look to add something new.

 
Posted : 28/05/2018 6:08 am
Share: