I am currently coming up with a shopping list for our lab and would like some advice on what to buy regards the following
1. Write Blockers/Imaging solutions - We have been using a normal laptop and the old Fastbloc which has wires exposed which I have had to weld several times. Which write blockers or imaging solutions would you recommend? I will need the write blocker to SATA, IDE (2.5" and 3.5"), eSATA and USB compatible.
2. Analysis machines - currently we are using 2 ordinary desktop machines (3GB RAM) for analysis work such as evidence compression, indexing, keyword searching, etc. These machine are rather slow, which machines would you recommend?
3. Indexing software - currently using Intella for indexing and keyword searching. I would be more comfortable with indexing a whole hard drive rather than indexing the a folder like Intella does. Do you know of any indexing software that indexes a whole hard drive?
4. Equipment Carry bag - currently we have been using laptop bags which are not good and have to squash things together. What suitable bag would you recommend for carrying imaging equipment and hard disk when going for a field job (ideally a bag that can be carry on luggage in a plane)?
Budget for all the above is about $10,000 - $13,000
I will highly appreciate your responses.
You have 12 minutes
build your own machines, at least you can specify what you want.
other stuff, mostly tableau's are used - not sure of other equipment out there…
carry bag's wise look at the peli case's great and tough…
Sorry, was going to reply then realised the 12 minutes were up….
I've got the same request as far as equipment and what not.
I have to agree with fuzed on the machines. I am building my own. It cuts down on all the overhead and 'junk' installed on off the shelf boxes.
I'm certainly interested in hearing what the suggestions are out there for write blockers, imaging software, and analysis software. I know the two big names out there with FTK and Encase, but my budget is even smaller… which leads me to try to do this with at little cost as I can (knocks out the big names).
I'll make it a little easier and make it 12 days instead of minutes…. heck, I work for the government. I can't spend money anyway!
Couchie, for 'cheap' forensic software, take a look at X-Ways, that's got to be (ignoring open source) the best value for money forensics software, and I know many would argue best regardless of cost.
Greetings,
Building your own is great if you're into that sort of thing, but it isn't something I enjoy doing so I often just order what I need from Dell. Since the first thing I do is reinstall the OS, none of the bloatware affects me, and since Dell allows you to customize the hardware, I don't get anything I don't want.
This also means that I get support service for the system, something that has come in handy on a few occasions. Pull the drives, return the system to Dell, get a working one back.
-David
You bring up a few good points Kovar. I'm a geek from way back and still to this day like building my own machines so it is indeed a personal preference.
Rich2005, I've written to the sales department of X-Ways to see if they will allow an evaluation version. I think the toughest part of my job is selling the need[/] to have quality software to help reduce the workload on me. I am getting flooded with cases now that the word has spread in my area that we do computer/cell phone forensics! Always looking for ways to streamline!