Revision as of 09:09, 18 July 2013 by Simsong
The idea of a 1-Page Forensics Report is to have a single page that conveys information about a piece of media, a network capture, or a file.
Disk Forensics 1-Page Report
Thoughts about what should go on the report:
- OS Release, Version and Patch Level
- Kernel Release
- Last Boot
- Installation Date
- Per-user information --- how many users? When was each logged on last
- IP addresses assigned.
- DHCP information
- ISPs that were in use
- DNS information
- Where the connections came from