Difference between revisions of "ProDiscovery"
|(One intermediate revision by one other user not shown)|
Latest revision as of 03:36, 11 June 2007
This tool from Tech Pathways will gather data from most major file systems and perform some analysis.
File Systems Understood
- FAT12, FAT16, FAT32
- Solaris UFS
- Linux ext2/ext3
File Search Facilities
- Uses a set of Perl scrypts.
Can it build timelines and search by creation date?
Can it search? Does it build an index? Can it focus on file types or particular kinds of metadata?
Can it create hashes of files and/or blocks? Can it compare these hash values to any databases? What sort of hash functions does it use?
Evidence Collection Features
- Generates an XML-based report about the analysis.
"Each single end-user license purchased of ProDiscover® entitles a single user the right to use the ProDiscover® software. Copies of ProDiscover® may be installed on up to three machines provided, however, that only one copy is in use at any given time. ProDiscover® installations may also be moved as needed. See the ProDiscover® End-User License Agreement for details. Site and Enterprise licenses are also available for ProDiscover®."