Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

forensics tools - preserving data?

from [Dana Rawson] Network Security [Permanent Link]
Subject: forensics tools - preserving data?
Date: 4 Oct 2004 17:44:06 -0000 


G'Day All,

Before I begin, I wanted to thank everyone who had provided me with direction 
on my last post regarding pgp.

Hopefully I have as simple a question as before.

I have a client who recently had to terminate an employee and part of their 
decision was based on dereliction of duty.  Basically too much time spent 
surfing the internet and not performing her expected duties.

They have asked me to gather the internet history, temporary internet directory 
files, etc.

I can pull up the files, archive them and explain the information to them.  But 
how do I go about extracting the information (i.e. The internet address of the 
many files that lie in the temp internet dir) so I am able to present it in 
acceptable fashion that they might use it in a court of law as evidence should 
it come to that.

I have been looking but can't seem to find what I think I need.  I have located 
tools on http://www.networkintrusion.co.uk/fortools.htm
 and see that NetAnalysis might prove useful but appears to be overkill.  Or is 
this exactly what I need?

Thanks in advance, again.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: IDS taps, Clarke, Tyronne (Contractor)
Next by Date:  Re: Anyone know any good Assembly Language tutorials?, Mitchell Rowton
Previous by Thread:  XML based software interfaces and browser hijaking, Carey Myers
Next by Thread:  Re: forensics tools - preserving data?, GuidoZ
Indexes:  [Date] [Thread] [Top] [All Lists]