That actually looks really cool, if it works as it's supposed to. I'd
be interested in seeing some evaulations of it.
On 4/23/08, dave kleiman <dave@davekleiman.com> wrote:
Disclaimer: I am not in any way affiliated with this company, I receive no
funds of ANY kind from them.
I wanted to introduce all of you to this tool F-Response "The First Truly
Vendor Agnostic Solution for Remote Forensics and eDiscovery" -
http://www.f-response.com/
Neat thing I have found with this tool, it forwards your USB port of TCP/IP
to the remote computer, thus allowing you to put your "dongle" in locally,
but utilize it on the remote computer. Additionally, it works with every
disk imaging and data recovery software tested to date, including Encase,
FTK, R-Studio, E-ScanIT.
F-Response uses a patent-pending process based on well documented industry
standards to create a secure, read-only connection between the examiner's
computer and the computer under inspection.
F-Response makes the storage devices on the computer under examination
completely accessible to the examiner's computer where they appear as local,
raw, physical storage devices.
F-Response was designed to be completely vendor neutral. If your analysis
software reads a hard drive, it will work with F-Response.
The F-Response connection is completely read-only, functioning much like a
software write blocker. F-Response software protects the remote examiner,
because they cannot - even by mistake - alter any data on the computer
during the examination.
Respectfully,
Dave Kleiman - http://www.davekleiman.com
4371 Northlake Blvd #314
Palm Beach Gardens, FL 33410
561.310.8801
--
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
