Notifications
Clear all

Remote Acquisitions

1 Posts
1 Users
0 Reactions
757 Views
(@justin-fascetti)
Active Member
Joined: 7 years ago
Posts: 8
Topic starter  

Hello,
I am interested in setting up a process that will allow me to perform forensic acquisitions of computers remotely. Currently, I am performing on-site acquisitions, but am interested in building a platform that will allow me to perform the collections remotely if possible. My basic outline or idea for this is as follows

1. Use a Microsoft Azure VM as my forensic machine.
2. Use the Microsoft Azure VM to remotely access a client computer.
3. Perform a forensic acquisition of that client computer.
4. Have the forensic image created and stored on the VM (not the client computer).
5. Make sure I am leaving a light footprint on the client computer during the whole process.

Note that these are external acquisitions, meaning that I am not remoting into computers that are part of the same organization or on the same network.

I am trying to build a forensically sound and secure approach to this and would like some opinions on approaches.

Thanks!


   
Quote
Share: