I recently found it necessary to quickly grab a large number of SYSTEM registry files to determine the current control set and time zone information. FTK displays this information upon…
In my last post, I mentioned two useful FTK filters for quickly finding files of interest. Below are two more that may be helpful to a digital investigator examining a…
I have been working on a forensic investigation of about 20 Windows Server 2008 R2 VMs using FTK 4.2. FTK makes examining many systems manageable. One feature that has saved…
A client consulted me about going to a paperless environment. His company utilizes several different forms and numerous other documents through the course of daily business. These documents were typically…
I am just starting to learn the power of bash scripting. So, this script below may not be the best way of doing this, but hear me out. I often find…
The other day I was trying to log in with a newly created user in CentOS Linux with the United States Government Configuration Baseline (USGCB) security settings applied. The…
Folks, I am a bit sick of hearing “cloud” used as the latest buzzword to describe anything from a simple website hosted on a shared server sitting in a datacenter…
Admin Note: This post is in response to a recent posting I made regarding Google’s wireless collection activities. This “Security Short” provides some brief information on improving the security of…
Enterprises develop policies for protecting all kinds of assets, both physical and virtual. Some of these policies cover Operations Security or OPSEC. Examples of OPSEC include not displaying your company…