I agree with Jonathan here, i can't see why you should prefer a commercial tool purely on the basis you pay for it??
I'm sure a high percentage of us use a particular 'market-leading' tool day in day out, and we all know that has more bugs than your average episode of "i'm a celebrity".
Surely the point is whether you can verify/repeat your findings.
Commercial software is sometimes the better option when (and some do) they provide support in respect of court appearances etc.
The key with all forensic software is and always will be verify and repeat.
All,
Good news. Jonathan has very kindly agreed to review a selection of live CDs for publication here at Forensic Focus. Can we spend a little time drawing up a shortlist of those which we'd like to cover?
Just so that expectations are managed appropriately I want to stress that Jonathan is volunteering his (already limited) time for free so there has to be a sensible limit on the number of CDs he's going to cover and the amount of depth he can go into. With that said, I'm sure it'll be a very worthwhile exercise and my thanks to him for his generous offer!
Kind regards,
Jamie
Johnathan is clearly a star D
Can I put in a bid for
Johnathan is clearly a star D
Can I put in a bid for
DEFT to be reviewed? I have only had a "play" with it so far just to get a feel for it. Its very feature rich and is based on the Xubuntu Live CD.
Maybe just a little star… Not sure that I have the time to do a selection of CDs but am happy to do at least one. Perhaps the results would be more useful if there was some sort of framework to work towards, i.e, what are people looking for from such CDs?
Yes, sorry about the confusion, we got our wires crossed a little!
Jamie
helo
Was wondering if anybody knows the prices of
Helix Enterprise
Helix live response USB dongle
Helix live cd
Thx in advance
Regards
Keith
helo
Was wondering if anybody knows the prices of
Helix Enterprise
Helix live response USB dongle
Helix live cdThx in advance
Regards
Keith
Enterprise is $10K + depending on the number of clients deployed
Live Response on 16GB USB $499.95 (up to 64GB Available for additional charge)
Helix Pro $14.95* a month (before April 5, 2009)
Of course if you buy in quantity of for LE your actual cost and mileage may vary.
I have 2 things to comment on the Helix Live Response USB.
1.) Correct me if im wrong but the tool is collecting non volatile data, this seems silly as its resulting in more interaction with the system and producing a larger footprint.
2.) Im currently working on a U3 based live forensics project which performs the same functionality (apart from certain features as point 1 says) and i have managed to create this through the use of freeware tools and simple batch scripting for the automation.
Seems alot of money for such a tool.
As far as live stuff goes, Caine has a live Windows portion that is a bit impressive. Have not done a tool-by-tool comparison w/ Helix, but at first look it appeared to be close. Deft also has one, and a specific iso for flash drives. As far as I go right now, Helix, Deft, and Caine are my choices.
I seriously think one of them should implement Bitpim though.