±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35868
New Yesterday: 3 Visitors: 129

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Hi, Advice please, Courses, Job prospects, Life !

Discussion of computer forensics employment and career issues.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2 
  

steve862
Senior Member
 

Re: Hi, Advice please, Courses, Job prospects, Life !

Post Posted: Dec 07, 06 16:00

Audioleaf,

We don't get very many Linux or Unix machines in but do get a fair number of Apple Macs, which is a fairly similar operating system.

There are however some very useful Linux utilities when doing forensic work. The ability to disable mounting a disk as read/write so you can analyse the file-system without altering the files. The way you can use DD to create an image of the hard drive including unallocated space within partitions and space not allocated to any partitions. You can use the MD5 command to validate the integrity of the image. You can then use GREP to search for things XXD to analyse and so on. You could cary out a full exam using Linux only but the reality is that when you start a job in CF you will use FTK or EnCase. Even so that Linux knowledge would not be wasted as you could use it as a means of verifying what your main forensic tool is reporting. It might also impress future employers with your determination to get ahead and will give you skills they may not have in abundance.

Regards,

Steve
_________________
Forensic Computer Examiner, London, UK 
 
  

armresl
Senior Member
 

Re: Hi, Advice please, Courses, Job prospects, Life !

Post Posted: Dec 08, 06 05:28

Computer Security and Computer Forensics are two totally different things. If you are looking towards incident response then you will be analyzing a lot of files that you potentially wouldn't have and or need to analyze in a non live type system.

No one will ever have all the abilities that are needed to do everything associated with this type career, there are just too many different things to learn. Try focusing on one and keep your mind open to others while you are learning that one.
Lots of people talk about using Linux, but mostly the people mentioning this are well versed in this area already. You don't want to find yourself in the position of having a tool that you don't know the inner workings of besides putting in the CD and being told that it will not write to the drive and use such and such a command to execute a search.

If you have access to reading through testimony or depos of computer forensic related items, you should read through them. Knowing what types of questions that AUSA/Prosecutor's and defense attorneys might ask you will help you in items you may need to study more specifically.
_________________
Why order a taco when you can ask it politely?

Alan B. "A man can live a good life, be honorable, give to charity, but in the end, the number of people who come to his funeral is generally dependent on the weather. " 
 
  

AUDIOleaf
Newbie
 

Re: Hi, Advice please, Courses, Job prospects, Life !

Post Posted: Dec 08, 06 08:18

Hey steve and armresl, I appreciate the responses. Its good to know that the linux/unix course won't be wasted, and I think it would be smart if I did more research on the differences of computer security and computer forensics a little more closely. Because I was almost considering taking up that ISS degree, (info sys sec) and if it's different, I should focus on something more related to CF. Thanks again.  
 
  

az_gcfa
Senior Member
 

Re: Hi, Advice please, Courses, Job prospects, Life !

Post Posted: Dec 08, 06 11:57

I've watched this thread for a couple of days and thought I would throw out an idea or two.
Computer Forensics is not a hard field to get into if you do not mind starting at the very bottom. You can find low level entry positions with low pay in many areas. Many government contractors (US Gov't contracts) have positions. Last week I searched various East Coast USA based Government Contractors and found numerous positions [entry level 30-50K]. All the mid-level and up jobs required numerous years of experience. However, Computer Security jobs wer must more plentiful and had wider ranges in duties and pay.

After having worked in Computer Security for the last 15 years I would recommend that path as an initial career path. Smart Computer Security Managers understand the need for Computer Forensics in the Compliance, Governance and Management disciplines. I would think that starting out in Computer Security and later jumping to CF when an appropriate position was available would be wiser. I did CF in Computer Security before CF had any fancy name, title and so-called discipline.
_________________
Give a man a fish and he can eat today. Teach the man how to fish and he will be able to eat his whole life. 
 

Page 2 of 2
Page Previous  1, 2