Difference between pages "Harlan Carvey" and "Talk:Tools:File Analysis"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
(Added link to new book)
 
(Are file hash analysis tools suitable for this page?)
 
Line 1: Line 1:
Harlan Carvey is a computer forensics author, researcher and practitioner. He has written several books and tools focusing on [[Windows]] systems and [[Incident Response|incident response]]. His computer forensics [[Blogs|blog]] [http://windowsir.blogspot.com/ Windows Incident Response] is updated on a regular basis.
+
Perhaps a few introductory words as to what kind of file analysis is intended would be helpful.
 
+
I was looking for a mention of the http://www.fileadvisor.bit9.com service, and could not decide
== Tools ==
+
if it was suitable for this page, or if it should go somewhere else. It's a collection of
 
+
file hashes, very useful for deciding if a file is reasonably well known by its file hash.[[User:Athulin|Athulin]] 02:41, 29 October 2007 (PDT)
* [http://sourceforge.net/project/showfiles.php?group_id=164158 Windows IR/CF Tools] - Hosted on Sourceforge, includes files for the [http://www.windows-ir.com/fsp.html Forensic Server Project] and [[Windows Memory Analysis]].
+
 
+
== Books ==
+
 
+
* ''[http://www.syngress.com/catalog/index.cfm?pid=4235 Windows Forensic Analysis]''
+
* ''[http://www.windows-ir.com/ Windows Forensics and Incident Recovery]''
+
* ''A Study of Video Teleconferencing Traffic on a TCP/IP Network''
+
 
+
[[Category:People]]
+

Revision as of 04:41, 29 October 2007

Perhaps a few introductory words as to what kind of file analysis is intended would be helpful. I was looking for a mention of the http://www.fileadvisor.bit9.com service, and could not decide if it was suitable for this page, or if it should go somewhere else. It's a collection of file hashes, very useful for deciding if a file is reasonably well known by its file hash.Athulin 02:41, 29 October 2007 (PDT)