Re: complete forensics suite for linux?

Top Page
Message as email
+ (text/plain)
+ (application/pgp-signature)
Delete this message
Reply to this message
Author: Technomage
Date: 2005-04-20 03:11 -000
To: plug-discuss
Subject: Re: complete forensics suite for linux?
On Tuesday 19 April 2005 19:45, wrote:
> When you say forensics suit, are you looking for something that will
> extract deleted files, or something that will guide you through system
> snooping, or something that will automatically produce an admissible
> custody trail that is court trusted. The first is about getting your
> information, the second some one else’s, the third is only for law
> enforcement.

I am looking for something that will do EVERYTHING. recovery of undeleted
files, magnetic field analysis, etc.

> There are a number of good packages for the first, a few for the second
> (though I always felt like working on one), and I do not know any Linux
> solutions for the third, though computer forensics is a big deal,
> particularly for the IRS. (What do you want I’m an accountant ;)