Well,

I think that you need to go a bit deeper. If I find a PC with a blank hard drive and nothing works, I know what has happened and I know that you are hiding something. That is when it goes to the "clean room" and the rat hunt begins. The only limitation will be my determination and my budget.

The only true "anti forensics" is to pulverise the thing and dissolve the powder in a vat of acid. Then pour the acid down the drain (sorry, tree huggers )

So, the first anti-forensic "move" is to persuade the investigator that there is no need to use forensics...............................the more machines that they have to look at, the easier this is.

So something like "Norton Ghost" or a similar hard drive cloning/mirroring program is actually a potential tool. What you would do is format the drive and then use the cloning/mirroring software to superimpose an apparently innocent system image. That would throw most investigators off, as they wouldn't see anything to excite their interest and attention. Also, you would have overwritten the drive with valid data.

Please realise that once you have overwritten data, it is gone..........no software program will get it back for you............it is the "clean room" scenario and you are going to have to look at B]"track overlay"[/B] and "magnetic remnance"

Another potentially ignored anti-forensics tool is on the dark side of the web. Make sure that your box has a good few Trojans and Back Doors on it.............that will probably invalidate any forensic evidence that may be found, as it cannot be proven who put it there.

Then look at USB Drives, R/W CDs and DVDs..............................You simply load your OS and applications onto these, boot from them, and take them away with you afterwards. The only evidence you will leave behind is in the RAM sticks............and that needs the "clean room". A similar scenario is the removable drive..............so long as there is one in the bay, and it looks plausible, who is to know how many others there are out there?

I ask you guys for your opinion on a broad open topic and you still want more specific details
You are obviously very young and naiive. Wait until you get to deal with lawyers, accountants, doctors and the like...................it is called "being professional"; we don't do general questions........... and we charge like hell

I wrote this tutorial a while back: http://www.antionline.com/showthread...hreadid=248897

I was looking at a different angle, but the second section (electronic security) might give you some ideas?