
Thread: what do people want?

  1. #11
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    I'd like to see some more info on how to gather information on what a user is/has been doing on a computer, i.e. surfing habits, files opened, DOS commands used etc. From the info Windows stores, what tools are best and how to use them.

    And/or

    How to analyze Windows malware, i.e. what to look for and what to do with the information you acquire.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  2. #12
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    I've always been most interested in case studies. Like most aspects of criminology, it seems that you can learn the most by reading about specific incidents, how they were handled, and what the end results were.
    I would like that too. There are tons of material on the internet about forensics, but most of the time I have no idea how to use that on a specific subject. I'd rather see "the action". Instead of tut writers, "story tellers" will be appreciated.
    My site

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  3. #13
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    I've got a couple of hundred megs to spare on the same server the Tutorials Index is on if you can come up with something worthwhile...

  4. #14
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    Something worthwhile? mwahaha everything I do is worthwhile neg Give me a little time to compile tools with JP. I've got oodles that I use daily..and he's got some goodies.



    Tedob1: mmmm malware analysis..now that's got secks appeal, and that's half of what I am doing.
    Antionline in a nutshell
    "You're putting the fate of the world in the hands of a bunch of idiots I wouldn't trust with a potato gun"

    Trust your Technolust

  5. #15
    Following DJScribble: I would like to see a low level formatter that will actually work on more than one company's hard drive. A bootable floppy, or CD/DVD image. It seems to me that each hard drive manufacturer has their own "low level format utility", but something that could be used industry wide would be great.
    There wasn't any paper used here, but millions of electrons were terribly inconvenienced

  6. #16
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    Ok, let's get one thing straight.

    Low level formatting doesn't really exist anymore except in terminology only.

    Low level formatting used to be when everything about the drive would get rewritten, i.e. the sector information would be re-traced onto the disk and the tracks would be re-defined to return the drive to factory defaults. This is why they never handed them out, and why they ruined the disk 50% of the time.

    [EDIT]
    **Note this is my experience with LLF..not what the rest of the world experienced.**
    [/EDIT]

    The low level formatting you are familiar with today is simply nothing more than a utility that writes 0's to the drive. They are called zero fill utilities. They typically exist in 2 flavors. One will do a quick fill, which means it wipes the partition information and the MBR. A full fill writes 0's to every sector on the disk, effectively blanking it.
    You want to fill a disk with 0's and have it be independent of the disk? Use Linux.
    dd if=/dev/zero of=/dev/<insert hard drive name here>. Add /dev/random in there and have a blast! Just start typing crap on the keyboard to feed it.
    There are much better utilities to use that accomplish the same thing and they do a better job. For instance..Symantec (Norton) Ghost has a utility called GDISK. GDISK can wipe a drive following DoD standard 5220.22-M, which is flushed and filled 7 times with 0's and then random characters. Google that number and you can read it in detail.
    Antionline in a nutshell
    "You're putting the fate of the world in the hands of a bunch of idiots I wouldn't trust with a potato gun"

    Trust your Technolust
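
The quick-fill versus full-fill distinction from post #16, as an added example that is not part of the original post: it runs against a constructed file-backed image rather than a real drive and counts the non-zero bytes left after each kind of fill. The function names and the 64-sector image size are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: compare a quick zero fill with a full zero fill and verify
# the result. Works on a temporary image file; no real disk is touched.
SECTOR=512

# Build a constructed 64-sector "disk" filled with non-zero bytes ('A').
make_image() {
    dd if=/dev/zero bs="$SECTOR" count=64 2>/dev/null | tr '\000' 'A' > "$1"
}

# "Quick fill": zero only sector 0, where the MBR and partition table live.
quick_fill() {
    dd if=/dev/zero of="$1" bs="$SECTOR" count=1 conv=notrunc 2>/dev/null
}

# "Full fill": zero every sector, leaving the image size unchanged.
full_fill() {
    size=$(wc -c < "$1")
    dd if=/dev/zero of="$1" bs="$SECTOR" count=$((size / SECTOR)) conv=notrunc 2>/dev/null
}

# Count bytes that are not 0x00; 0 means the whole image reads back as zeros.
count_nonzero() {
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# Same count, restricted to sector 0.
count_nonzero_sector0() {
    dd if="$1" bs="$SECTOR" count=1 2>/dev/null | tr -d '\000' | wc -c | tr -d ' '
}

img=$(mktemp)
make_image "$img"
echo "before:     $(count_nonzero "$img") non-zero bytes"
quick_fill "$img"
echo "quick fill: $(count_nonzero "$img") non-zero bytes, sector 0 has $(count_nonzero_sector0 "$img")"
full_fill "$img"
echo "full fill:  $(count_nonzero "$img") non-zero bytes"
rm -f "$img"
```

After the quick fill only sector 0 reads back as zeros and the rest of the data is still there, which is why reading the whole device back is the check that matters after a wipe.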

  7. #17
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    HogFly, great idea for a thread. Since I'm getting into the field of forensics for a career, I'd like to see more strategies used in the field, tools, tips/tricks, and job opportunities available. I'd also like to see what the job requires out of a forensics analyst and how one can better improve oneself for the job.

    Peace.


    /Edit:

    In response to secgod:

    If you are trying to properly dispose of the floppy disks and the CD-ROMs or any other portable media, which you are not planning on using again, a butane lighter, a shredder or a hammer or anything that you can think of to destroy it...can be quite effective. As for an industry wide tool, many hardware magnetic data erasers are available today. We used those to erase all the data from the HDDs at the bank I worked for. Before we donated the computers (we were upgrading), we went through each HDD, and passed them through the magnet...as far as I noticed...it was pretty effective.

  8. #18
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    Originally posted here by Cybr1d

    /Edit:

    In response to secgod:

    If you are trying to properly dispose of the floppy disks and the CD-ROMs or any other portable media, which you are not planning on using again, a butane lighter, a shredder or a hammer or anything that you can think of to destroy it...can be quite effective. As for an industry wide tool, many hardware magnetic data erasers are available today. We used those to erase all the data from the HDDs at the bank I worked for. Before we donated the computers (we were upgrading), we went through each HDD, and passed them through the magnet...as far as I noticed...it was pretty effective.
    http://www.datarecovery.net/Case_Studies.asp

    ph33r the electron microscope and the clean lab!!! Of course they probably got lucky with the burned hard drive and tapes...

    Magnets are fun, but hammers, screwdrivers across running platters, and shotguns are so much more entertaining. I forget who it was..but a friend of mine suggested you save all of your hard drives for disposal, then rent a steamroller.
    I saw one video of a guy that poured magnesium (or was it mercury..) into his laptop and lit it. Now that was funny!
    And the microwave works wonders on CDs..it melts the protective layer off in a little light show.
    Antionline in a nutshell
    "You're putting the fate of the world in the hands of a bunch of idiots I wouldn't trust with a potato gun"

    Trust your Technolust

  9. #19
    I don't have the time now to look for posts and threads, but how come you became a moderator (not that I'm against it, I'm just curious)? I saw that you had the mod title in JP's suggestion thread and I didn't see any announcement etc...

    Well, off to work

    and oh...back to topic please....

    I would like to see stupid threads closed. Yeah yeah, I'll use the report button more often now!
    O.G at A.O

  10. #20
    BANNED
    Join Date
    Nov 2003
    Location
    San Diego
    Posts
    724
    He's the moderator of the forensics forum. Hence the post to find out what's wanted in the forensics forum.

    I don't really have much to add to what's been said but I'm interested in the developments soon to come.

    Oh, and here's the thread kind of announcing//welcoming him as a moderator. :P

    http://www.antionline.com/showthread...hreadid=262202
    When death sleeps it dreams of you...
