Today : | at : | Safemode : ON
> Det_Not Hacker | White Hat Aliance | Angkasa Hacker Team | Indonesia | Satu Gertakan Untuk Pertahankan Bumi Pertiwi | Safework of Angkasa Pura database, server MIL.ID | Thanks for all support : BD Green Hat, Nation blood, ID Codding, Jakarta Style cracking, Newbie's HACKER, US ortodox specialist | Learn your skill here with our style.
Title Author Perms Comt Modified Category

Backtrack for Computer Forensics Unknown rwxr-xr-x 0 22:09

Title Backtrack for Computer Forensics
Permission rw-r--r--
Author Unknown
Date and Time 22:09
Category
Share
Computer or Digital Forensic has become popular right now. Computer forensics is a part of a digital forensic scientific discipline concerning authorized evidence seen in computer systems and also digital hard drive media (Wikipedia). Backtrack as the greatest security tool offers numerous resources intended for computer forensics. Not just penetration tests and also security attack, Backtrack additionally supports computer forensic. We are able to evaluate all kinds of operating systems, such as DOS, Windows, MAC, or UNIX.


The fundamental ways of computer forensics:

  1. Preparation
  2. Collection
  3. Examination
  4. Analysis
  5. Reporting
Computer forensic applications is actually work to investigate a digital evidence since numerous gadget could be potential evidence which help your computer analyst discover the reality. Evidence is found in data files and other facts locations. The consumer isn't aware which their own data has been created to their documents.

Backtrack linux offers several possible source to become trusted digital forensic applications. Backtrack offers a lot of resources that support computer analyst to accomplish several work such as Examine drive, Analyzing drive, Recovery drive, Vulnerabilities scan, Penetration testing, and also File interogration.

Classification of digital forensic tool.

Data Acquisition.
Data Acquisition is defined of software that is responsible to interrogate harddrive and get neccessary info from them.
Data Recovery and Carving.
The details Retrieval resources is placed of application that responsible to obtain remove data back again, inspecting invisible and also remove partition, as well as repairing the damaged block of filesystem. Information carving is actually taking out details (files) from undifferentiated blocks (raw data) with regards to data file identification.

Meta Data Analysis.
Meta Data Exploration is seeking invisible variable, to complete the meta details examination we want several software which could carry out exercise just like dissassembling a file (ducument/image/audio/video) and have invisible variable such as while had been data file final accessed, when had been it revised, or even simeting such as whenever had been data file may be produced and also utilizing exactly what applications it is may be produced

Network Forensic.
Network Forensic equipment isn't a lot different when match up against network security plan, cause that's have actual very same formula although most people do the reverese enginnering kinds. Network forensic tools protected this sort of jobs like make a good analysis of network visitors, captures data transmitted as part of TCP connections (flows)

Log File Analysis.
You will find the different parts of data files that could have got evidentiary value for example the day and also time of creation, modification, deletion, access, user name or identification, and file attributes. computer-created data files (log) which may be possible evidence are backup data files, log files, configuration files, printer spool files, cookies, swap files, hidden files, system files, history files, temporary files, link files, event logs.
Comments
0 Comments

0 komentar:

Post a Comment

Powered by Blogger.