Archive

Archive for the ‘Computer Forensic’ Category

Seagate Community Forum Closed

October 28th, 2015 Comments off

Dear Seagate Community User,
We did want to inform you that the Seagate Community forums were permanently taken down on October 7, 2015.  All posts and discussions will be inaccessible.
For any future Support questions, please utilize our other support offerings found at http://www.seagate.com/contacts/
Regards,
Seagate Customer Technical Support

seagate-community

Email Support

Get your questions answered by submitting an email case.

Contact Seagate

Get contact numbers for product support and sales. (For out of warranty phone support a $14.95 plus applicable taxes per incident fee will apply for customers in the United States and Canada. Most of our support services including product documentation, and our online technical support are available free of charge 24/7. )

Twitter Support

Tweet us your question.

Facebook Support

Get your questions answered on Facebook.

How to Become a Forensic Computer Professional

October 29th, 2012 Comments off

computerforensicprofessional A computer forensic professional collects electronic evidence and provides information to an investigation team. Being a computer forensic professional requires you to have skills to help criminal investigators solve computer crimes. You should have knowledge of criminology, business law and computer data analysis.

If you like crime scene investigation shows or the thought of cracking encrypted computer security codes excites you, then a career in computer forensics might be right up your alley. The requirements to become a computer forensics professional can vary. An associate or bachelor’s degree are two of the more common paths to a career in this field, but graduate degree programs are becoming more common. Forensic computer analysts made an average salary between $47,117 and $79,667 in 2010, according to PayScale.

  1. Obtain an associate or a bachelor’s degree. Having a degree in computer science or accounting will be more beneficial in finding a computer forensics job than having a criminology or criminal justice degree, says the U.S. Bureau of Labor Statistics. Associate and bachelor’s degree programs in the field of computer forensics are offered at schools such as ITT Technical Institute and Westwood College.
  2. Apply for positions with law enforcement agencies. Most law enforcement agencies will require you to pass an extensive background check and a series of written and psychological tests before they will hire you.
  3. Attend courses at a police academy. Although you can work in computer forensics as a civilian analyst, having insight into the criminal investigation process and police detective techniques can provide you with invaluable insight on how the criminal mind works and possibly provide you with a better understanding of how to access information that may be hidden on computer systems.
  4. Gain experience through hands-on training. Most computer forensics professionals learn about the specifics of their trade through the computer forensics training program offered by the law enforcement agency they work for, according to the U.S. Bureau of Labor Statistics. In fact, the bureau also notes that many utilize this training as a way to break into the field before moving on to the private sector.
  5. Obtain certification as a computer forensics investigator. Agencies and organizations such as the International Society of Forensic Computer Examiners offers certifications in the field that will give you the credentials that will set you apart from your competition for jobs or clients. Certification from the Society requires you to complete additional computer forensics training, have a minimum of 18 months of verified experience in the field and engage in self-study in digital forensics. Once your qualifications have been verified, you can then take the certification exam.

Be sure that the school that you enroll in is accredited. Be sure that you earn maintain an acceptable grade point average at the school you are enrolled in. Some two-year programs require that you complete 60 credit hours and earn nothing less than a 2.0 GPA. Ask the college you are applying to if you need to submit to a criminal background check. You may be excluded from admission to a post-secondary school if you have a previous felony conviction.

Learn Computer Forensics on Your Own

October 29th, 2012 Comments off

Expertise in examining computers and networks for evidence can not only lead to a well-paying career, it can be an exciting field to work in. Many people who work in computer forensics have received training through their employer as a law-enforcement professional or corporate sponsored training. This does not mean that someone can’t learn these skills on their own. Thanks to online training, hands-on practice, and dozens of books on the subject, anyone with an interest in computer forensics can learn the skill set needed for this job.

  1. Learn the basics. Before getting started in computer forensics, you need to have a foundation in what it entails.
  2. Download forensic software and see how it works. There are many different tools available that don’t cost anything; some of these can be found at Open Source Forensics. These solutions provide a perfect opportunity for someone to learn how to use different forensic software.
  3. Create virtual machines to use as target computers when learning the software. Virtual machine software, like VirtualBox allows you to create a virtual computing environment that you can use for testing.
  4. Locate online forensics training. Once you have a grasp of computer forensics, it is time to take your training to the next level. There are many tutorials that can be found online that will help you better learn the different forensic software. Additionally, you can look into training packages that for a price will teach specific skills and software.
  5. Read books on forensics. There are many different books written on the subject that cover software packages like EnCase, methodologies used in forensic cases, and certification study manuals.

Obtaining certification in computer forensics can show potential clients and employers that you have expertise in the field.

Check with law enforcement agencies in your area to see if you can shadow them on investigations.

Understand the chain of custody when dealing with computer evidence.

Certain states require someone who is performing a computer forensic investigation to be a licensed private investigator. Make sure you understand the laws of your state before you move forward with an investigation.

First Steps in Computer Forensics: Securing Your Network

May 20th, 2012 Comments off

First Steps in Computer Forensics: Securing Your NetworkNo matter how secure your infrastructure is, sooner or later you will become a victim of a computer crime. Someone may point a DDoS (Distributed Denial of Service) attack at your services, may sniff your network, or may copy/delete confidential information. You may not even realize such a thing has happened. However, in an organized and secured network, you will be notified at the first signs of an attack. Now what? Your first normal reaction would be to stop the attack with whatever means possible. However, that may not be the best response. If you don’t possess the needed knowledge yourself, it might be a good idea to leave the crime scene as it is and let a computer forensics investigator deal with it. Let’s focus on the steps that the investigator would take. You may choose to take these steps alone but you will most likely not have all the necessary support tools and systems for that.

  1. Document the system – name, date, time, purpose, hardware, software, it all matters.
  2. Collect evidence – all the information about the attack should be securely taken off the target system. This is usually done through specific software that hashes all the information. This way, the information is legitimate and can be used as formal evidence for prosecution. The evidence that is usually collected includes active network connections, processes loaded into memory, and a copy of all the information on the disk with the respective creation, modification, and access values. The collector should be confident about the security of the system used for storage and analysis of the copied evidence. Only after this step, is it beneficial to unplug or shut down the affected system. If the affected system is saving logs on a remote server, copy them as well, although they are less likely to be compromised by the attack. In Linux, programs could still be running even after their files have been deleted. You can search for such programs with the command: file /proc/[0-9]*/exe|grep “(deleted)” . If you want to make a copy of this list use: /bin/dd if=/proc/filename/exe of=filename .
  3. Recreate the timeline of the attack – once all the information is copied on a secured workstation, the timeline of the attack can be recreated from the times of creation, modification, and access of all the files. This should be done before anything else, because the other steps can change the original times of the files. The timeline will show the last executed file, the last created/deleted folder, executed scripts, etc.
  4. Deeper analysis of the affected system – using the information collected in the previous steps, a deeper analysis can be performed of the system in order to find suspicious installations, creation or deletion of folders, and the like. Forensics investigators have specific tools for this step.
  5. File information restoration – the slack or unallocated space can be investigated for parts of files that, when combined, may indicate the time of deletion of files. It can be useful for the recreation of the steps of the attacker.
  6. Search – use all the information gathered so far to search for specific names, IP addresses, and file names, that can point you to the intruder.
  7. Report – no matter if the compromised system is your company’s or another’s, it is always good to document all your findings during the investigation. If it’s done right it can even be used in court.

Don’t make the mistake of not taking computer crimes seriously! In today’s digital world, computer crimes are just as serious as any other ones. Don’t hesitate to call a specialist if you’re not sure you can handle the investigation process alone. If your organization is big enough and your budget allows it, think about creating a Computer Security Incident Response Team which will be prepared for computer crimes and will have procedures and resources in place to handle them properly.

http://blog.monitis.com/index.php/2012/05/17/first-steps-in-computer-forensics/

Syndicated stories and blog feeds, all rights reserved by the author.

Dell and AccessData Launched New Forensics Toolkit

March 21st, 2012 Comments off

Dell and computer forensics specialists Access Data have released their new Dell Digital Forensics Platform and Forensic Toolkit 4.0 at the International Security and National Resilience (ISNR) exhibition in Abu Dhabi.

adWP_logo

“Today’s launch of the FTK 4.0 is a significant milestone that marks the next phase of our efforts here in the Middle East. This release, which is unlike any other previously seen in the region, enables court-cited digital investigations and is built for speed, analytics and accuracy,” said Simon Whitburn, VP International Sales at AccessData.

The new forensics tool expands on AccessData’s existing solutions, to provide a turnkey solution for a wide range of investigative operations, including processing of forensic images and email archives; registry analysis; file decryption, password cracking, image creation and report building.

AccessData offers two expansion modules with the new version-Cerberus, a malware triage technology that provides threat scores and disassembly analysis to determine both the behaviour and intent of suspect binaries, and Virtualization for relationship analysis in multiple display formats, including timelines, cluster graphs, pie charts and more.

“We developed the combined platform in response to significant customer demand, in large part from this region. Dell has worked with us to provide a turn key digital forensics solution that enables our clients to get mobile very quickly. Partnerships with such leading organizations will play a pivotal role in our expansion in the region,” said Whitburn.

Access Data: http://accessdata.com/

AccessData is the leading provider of E-Discovery, Computer Forensics and Cyber Security software for law firms, corporations and government agencies

Dell Digital Forensics

In digital forensics cases, Dell can provide the tools and resources you need to process digital evidence, quickly and reliably. Click the below link to learn more:

http://content.dell.com/us/en/fedgov/fed-solutions-digital-forensics