File and directory timestamps are one of the resources forensic analysts use for determining when something happened, or in what particular order a sequence of events took place. As these timestamps usually are stored in some internal format, additional … Read more
by Dr Chris Hargreaves
Lecturer at the Centre for Forensic Computing at Cranfield University in Shrivenham, UK.
First published May 2010
By Lee Hui Jing, EnCe
Edited by Sarah Khadijah Taylor
A couple of months ago, one of my clients, an Investigating Officer from a Law Enforcement Agency, had requested me to extract some of the
First published October 2009
by Suhanov Maxim
ITDefence.Ru
Forensic Linux distribution is a customized Linux distribution that is commonly used to complete different tasks during computer forensics investigations. These distributions are often used to complete the following tasks:
–