-
May 17th, 2006, 02:51 PM
#21
Member
Spektor1080, huh? can you re-write your post in newbie language? Your reply went right over my head.
-
May 17th, 2006, 04:29 PM
#22
Hi Thager!
Originally posted here by Spekter1080
[B]
However, if the attacker gets into a [B]descent server , it should have raid hard drives and backup images............right? *trying to think logically*
- I think Spekter1080 is reacting on Gore's comment "They delete the files they took", however Spekter1080 didn't notice that Gore is implying that Hacker deletes a hacked file from the hacker's own Hard Drive, not the hacked system's Hard Drive (which Spekter1080 is trying to tell that it's a RAID (definition from webopedia) Hard Drive which is more sophisticated and can be found in descent Servers and with redundancy and backup system, which data are actually recoverable (still depends on proper configuration and degree of use).
Yo!
-
May 17th, 2006, 09:00 PM
#23
Member
didja hear that? whoosh! over my head there too...sorry to be such a lame-oh.
Anyway, still wondering why that one command didn't show me the Info folder. I can't imagine my computer's that squeeky clean.
-
May 17th, 2006, 10:52 PM
#24
Did you type the "dir" command?? haha...
Anyway, the best 2 ways of destroying the data beyond recovery is to:
A. Melt the platters like TH13 said...
B. Stick the HDD to an extremely powerful magnet, messing up the magnetic polarity on the platters...
C. All of the above
Relyt, very well written description .
You must spread your AntiPoints around before giving it to Relyt again.
-
May 18th, 2006, 05:57 PM
#25
Hey,
Looks like you are trying to recover some e-mails. You may be able to recover them but it requires a little bit of computer skills for doing that.
If could download a copy of FTK (Forensic Tool kit) from www.accessdata.com and install it , it may be possible. However, since you will not be having a licensed version, FTK will be able to recover only 5000 files/images. Essentially it will bring up a list of all the images , deleted files etc.. (only upto 5000 !) . Now all you have to do is to look under various sections (like deleted files, slack space etc...) to find the file.
The other ways are complicated and requires making an image of the drive. After that you can add the image to open source tools like sleuth kit to index through image.
Additionally, you can also go to forensicswiki.org to find some tools that will do this for you.
Good Luck!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|