Forums
Main Category
General (Technical,...
Guidelines, Best Pr...
 
Notifications
Clear all

Guidelines, Best Practice, and Standards?!?!?!?

 
General (Technical, Procedural, Software, Hardware etc.)
Last Post by seawolf 17 years ago
7 Posts
5 Users
0 Reactions
968 Views
RSS
 michael.cannady
(@michael-cannady)
New Member
Joined: 17 years ago
Posts: 2
Topic starter 17/08/2009 10:33 pm   [#4379]

Anyone have a comprehensive list of RECENT Guidelines, Best Practice, and Standards for Digital and Computer Forensics. I'm writing a paper and need some info. I have found a lot of stuff from NIST and DoJ .. it just all seems very old and outdated.
Thank you in advance,
Michael



   
Quote
 douglasbrush
(@douglasbrush)
Prominent Member
Joined: 17 years ago
Posts: 812
17/08/2009 11:15 pm  

Have you gone through everything at SANS?

http//www.sans.org/reading_room/



   
ReplyQuote
 douglasbrush
(@douglasbrush)
Prominent Member
Joined: 17 years ago
Posts: 812
18/08/2009 3:22 am  

And
http//www.faqs.org/rfcs/rfc3227.html

2002 but still very relevant. Harlan Carvey - referenced it in Windows Forensic Analysis 2 that just came out a few months ago. That is another good resource as well.



   
ReplyQuote
alien
 alien
(@alien)
Eminent Member
Joined: 21 years ago
Posts: 32
18/08/2009 5:06 pm  

Hi Michael,

I did my dissertation back at 2006 on standards/guidelines moslty focusing on the collection phase. I used methodologies from UK, Europe, Hong Kong, Australia and also the ones you refer. Unfortunatelly most of the links are not active today. So I can only suggest looking at their main sites for locating the guidelines

http//www.isfs.org.hk/ , Information Security and Forensics Society (Hong Kong)

http//www.aic.gov.au/ , Australian Institute of Criminology

http//www.enfsi.eu/ , European Network of Forensics Science Institutes

http//www.ncjrs.gov/ , National Criminal Justice Reference Service (USA)

http//www.ncfs.org/digital_evd.html, National Center for Forensic Science (USA)

For reference and compliance International Association of Computer Investigative Specialists http//www.iacis.com/

There was also a treaty by the Council of Europe that suggested some actions, but not in the format of a guideline. It leaved space for localisation and mainly refered to the ISP traffic and stored data http//www.coe.int/

Also look at www.ioce.org (International Organization on Computer Crime), it had a best practice guide, using the G8 principles for digital evidence.

I finally found useful RFC3227 (Guidelines for Evidence Collection and Archiving), http//www.faqs.org/rfcs/rfc3227.html.

Hope this helps,

Maya.



   
ReplyQuote
packys
 packys
(@packys)
Trusted Member
Joined: 22 years ago
Posts: 32
18/08/2009 8:39 pm  

Probably has the most recent information on standards

SWGDE
http//www.swgde.org/

Others not already mentioned

ACPO Good Practice Guide for Computer-Based Evidence
http//www.7safe.com/electronic_evidence/index.html#

Best Practices for Seizing Electronic Evidence
http//www.forwardedge2.com/

Directors' and Corporate Advisors' Guide to Digital Investigations
http//www.iaac.org.uk/Portals/0/DigitalInvestigationsGuide.pdf

Suggest looking at the 'Digital Insider' series of articles
http//www.forensicmag.com/articleindex.asp

Best of Luck!



   
ReplyQuote
 michael.cannady
(@michael-cannady)
New Member
Joined: 17 years ago
Posts: 2
Topic starter 20/08/2009 9:34 pm  

Thank you all for the quick responces. I had some of this material, but there is a lot of new stuff I have not covered yet. I really appreciate the feedback!
Thanks,
Michael



   
ReplyQuote
 seawolf
(@seawolf)
Active Member
Joined: 17 years ago
Posts: 5
25/08/2009 5:09 pm  

I've started with a small forensics project (yep, another Live CD!) and am thinking of keeping a delicious tag for beginners-forensics or something similar if you want to do so as you find things? I should get round to doing it this weekend or so.

Good luck!

Ben



   
ReplyQuote
Forum Jump:
  Previous Topic
Next Topic  
Share: