$Logfile (NTFS)

General (Technical, Procedural, Software, Hardware etc.)

Last Post by iruiper 19 years ago

3 Posts

2 Users

0 Reactions

509 Views

RSS

iruiper

(@iruiper)

Estimable Member

Joined: 19 years ago

Posts: 145

Topic starter 31/05/2006 11:01 pm

Does anyone know how to extract usefuld data in a forensic investigation from the $logfile hidden file in a NTFS file system?

Quote

keydet89

(@keydet89)

Famed Member

Joined: 21 years ago

Posts: 3568

31/05/2006 11:59 pm

Yes. Start with Brian Carrier's "File System Forensics" book.

Is there anything in particular that you're looking for?

Harlan

ReplyQuote

iruiper

(@iruiper)

Estimable Member

Joined: 19 years ago

Posts: 145

Topic starter 01/06/2006 4:09 pm

Mmmm… nope. Nothing in concrete. I just wanted to know what kind of information I could find inside and how to extract it. Thank you for the recommendation on the book 😉

ReplyQuote

Podcast: Well-Being In Digital Forensics And Policing: Insights From Hannah Bailey

Hannah Bailey shares her journey from frontline policin...

By Zoe , 3 days ago
RE: Android Forensics

Hi, Try decompressing the file using zlib in python. ...

By Dexter4n6 , 4 days ago
Interview: Neal Ysart, Co-Founder, The Coalition of Cyber Investigators

Neal Ysart shares how The Coalition of Cyber Investigat...

By Zoe , 4 days ago

8 Forums
15.7 K Topics
92.3 K Posts
16 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed