Here's the quick list
2 Dell poweredge servers - high power custom configuration - 3822 each
2 21" monitors - 400 each
2 DVD burners - 100 each
2 Solo-3's - 2500 each
2 IDE drive locks - 350 each
5 250 GB IDE Drives - 180 each
5 120 GB IDE Drives - 100 each
5 80 GB IDE Drives - 90 each
SW
2 Encase forensic edition - 2500 each
Other HW
Fireproof Vault - 1200
This came to a little over 20k USD.
It might also be a good idea to have a couple laptops also for reporting, etc.
In addition to this, several freeware tools are also used and we do already have a printer to use when needed.
Is there any other HW or SW that I need to use and buy If I still have money?
I think in this lab we need more HW or SW (for example)
flash media card reader (readonly)
drives for diffrent kinds of removable media, like zip,mo,tape…
device that can protect usb storage (read only)
password cracking software
some device that can boot the Suspect OS (read only)
SW to check the Stego files
can you add more to you list? and detailed
For me, the reason I bought the Solo-3's was so I didn't have to worry about a bunch of different types of media acquisition. Also, with the Solo-3 you can image onto anything, I choose to image to a IDE hard drive because then all I need to do to hook it up to a forensic workstation is a IDE blocker, which can just be a cable.
I would have to add that I do use Passware for password cracking, and also have use PRTK that comes with the full version of FTK. Both are decent, since we run EnCase I use Passware now though. That should be added to the software list, but I think that runs around $500.
I'm not saying this is an exhaustive list, we are always looking to buy more stuff, but this is a start. If you want to get into more specialized stuff, you have to add that equipment.
There was nothing in there about software except for Encase
I would add
FTK Ultimate took kit
Data Sniffer
mount image pro
CD/dvd inspector
safeback
Knoppix
Reg mon
File mon
net analysis
kaazalizer
WRA
oxygen
bitform discover
ok im tired, there are many more but I wouldn't just have encase or just encase and ftk.
Also there are no other write blocks for SCSI, SATA, nor multiple write blocks for RAID or any equp for phones or pda's
There was nothing in there about software except for Encase
I would add
FTK Ultimate took kit
Data Sniffer
mount image pro
CD/dvd inspector
safeback
Knoppix
Reg mon
File mon
net analysis
kaazalizer
WRA
oxygen
bitform discoverok im tired, there are many more but I wouldn't just have encase or just encase and ftk.
Also there are no other write blocks for SCSI, SATA, nor multiple write blocks for RAID or any equp for phones or pda's
As I said, I only listed the commercial tools we use and what I had put in my budget. The freeware stuff I didn't have to put in my budget obviously. Also, I mentioned that we image everything onto IDE drives and only need the IDE blocker…that's just how we do it. As far as phone/PDA equipment - I didn't think that was neccessary for a base lab. However, if it is needed I would recommend Paraben for that.