Educause Security Discussion mailing list archives

Re: Best Forensic Tools?

From: Eric Case <ecase () EMAIL ARIZONA EDU>
Date: Tue, 30 Mar 2010 17:49:17 -0700

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of O'Callaghan,
Daniel
Sent: Tuesday, March 30, 2010 12:58 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Best Forensic Tools?

<snip>


I also recommend the SANS forensics courses 408 & 508 for training.


Speaking of SANS, the current issue of SANS NewsBites had this at the top of
the email:
Free Forensics Tool that rivals the commercial tools:
SANS faculty fellow Rob Lee created the SANS Investigative Forensic
Toolkit (SIFT) Workstation for use by students in the Computer Forensic
Investigations and Incident Response course (FOR 508) in order to show
that advanced investigations and investigating hackers can be
accomplished using freely available open-source tools.  Now he is making
it available to everyone who has to do forensics.   You can find it at:
http://computer-forensics.sans.org;
Look under the Community Tab -> Select Downloads
Note: When thousands of people are downloading SIFT at the same time,
the network slows down; please be patient.


-Eric

Eric Case, CISSP
eric (at) ericcase (dot) com
http://www.linkedin.com/in/ericcase

Current thread:

Best Forensic Tools? Wayne Samardzich (Mar 30)
- <Possible follow-ups>
- Re: Best Forensic Tools? Guy Pace (Mar 30)
- Re: Best Forensic Tools? Zach Jansen (Mar 30)
- Re: Best Forensic Tools? David Gillett (Mar 30)
- Re: Best Forensic Tools? Wayne Samardzich (Mar 30)
- Re: Best Forensic Tools? Bradley, Stephen W. Mr. (Mar 30)
- Re: Best Forensic Tools? O'Callaghan, Daniel (Mar 30)
- Re: Best Forensic Tools? Patrick Goggins (Mar 30)
- Re: Best Forensic Tools? Eric Case (Mar 30)