Hello,
I was searching for a forum to get some recommended reading about disk encryption and managed to find this place, which seems like the perfect forum for what I’m looking for. I'm doing research as a precursor to official training in forensic imaging. It's all pretty new to me so simple guides and explanations are most welcome at the moment, though advanced guides and instructions would be great to know about for future reference.
This is what I initially wanted to focus on, but I’m open to suggestions about where I should begin my research
Disk encryption
-A description of the different types of encryption most commonly used and how they work
-A guide on recognizing what type of encryption is being used on a computer
Decrypting
-Recommended tools for decrypting a disk
-Decryption resources beyond commonly used tools
I'll be looking around the forum to try to find the best place to post this information request, though from what I’ve seen this seems like the appropriate area.
The person I will be working with told me that the most difficult part of the job is recognizing which encryption method is being used and the appropriate tools to use in any given case. I’d really like to have a good understanding of forensic imaging before I begin taking up anyone’s time with training, but I need to know a good place to start. Thanks in advance for any help!
I’d really like to have a good understanding of forensic imaging before I begin taking up anyone’s time with training, but I need to know a good place to start.
Get yourself some of the free imaging utilities, i.e. DD, FTK Imager, Raptor and start imaging. Read the man pages for the tools and find a beginning computer forensics book. Use the tools to image disks, thumb drives, etc. to get a "feel" for how they work.
I’d really like to have a good understanding of forensic imaging before I begin taking up anyone’s time with training, but I need to know a good place to start.
Get yourself some of the free imaging utilities, i.e. DD, FTK Imager, Raptor and start imaging. Read the man pages for the tools and find a beginning computer forensics book. Use the tools to image disks, thumb drives, etc. to get a "feel" for how they work.
Great, thanks for the advice! I'll just pick up any begginer's book to imaging, but if anyone has a particular book that they know is really good, please let me know.
FTK is one of the programs we have gone over a little bit, so I'll start with that.
Thanks again!
I'm just starting to read this document, so I'm not sure how good it is. If it ends up being very helpfull, maybe a sticky can be made so people new to forensic imaging can read a helpfull introduction
I'm starting with section 2 since it seems to be the most relevant to what I'll be doing. If someone has already read the document and has found it helpful and accurate, please let me know and I'll put in a request to have it easily accessible.
EDIT
Here is the main forensics page
http//
There are guide documents of the right side under Publications & Media.
An advanced guide
http//