Difference between pages "Fbi (tool)" and "P2PMarshal"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
 
(Initial version)
 
Line 1: Line 1:
{{expand}}
 
 
 
{{Infobox_Software |
 
{{Infobox_Software |
   name = Nuix FBI |
+
   name = P2P Marshal|
   maintainer = [http://www.nuix.com/ Nuix] |
+
   maintainer = [[ATC-NY]] |
   os = [[Windows]] |
+
   os = {{Windows}} |
   genre = {{Analysis}} |
+
   genre = {{File forensics}} |
   license = {{commercial}} |
+
   license = Commerical (free to law enforcement) |
   website = [http://www.nuix.com/Products www.nuix.com/Products] |
+
   website = [http://p2pmarshal.com p2pmarshal.com] |
 
}}
 
}}
  
Nuix FBI is now called Nuix (Desktop) Investigator. The forensic license for Nuix Desktop is called Forensic Desktop.
+
P2P Marshal is a program that helps an investigator discover and analyze [[file sharing]] software on a disk.
 +
 
 +
P2P Marshal operates on a logically mounted drive (i.e., a restored image of a disk, mounted as D:, E:, etc.) or a subdirectory (e.g., unzipped or untarred archive).  It is designed to run under Windows, though as a Java-based program, it should be able to run on other platforms.
 +
 
 +
When run, it first detects the presence of P2P client programs.  Then, for each program detected, it presents various information, such as downloaded and shared files, peer servers, and log messages.  For some clients, additional  information may be displayed, such as host ID numbers, total runtime, and other parameters tracked by the client.  P2P Marshal displays the information either on a per-user basis or for all users.  It also provides an extensive search capability, produces customizable summary reports in PDF, HTML, and RTF formats, and maintains an audit log of all actions performed by the investigator.
 +
 
 +
It currently supports LimeWire and several BitTorrent clients, Areas, and Hello, and detects the presence KaZaA.
 +
 
 +
As of January 2008, the 1.0 will be available at no cost to law enforcement, with a commercial version available to non-law enforcement.
 +
 
 +
=Authors=
 +
P2P Marhsal was developed by ATC-NY through a National Institute of Justice (NIJ) grant.  The project was originally named File Marshal.
 +
 
 +
= External Links =
 +
* [http://dfrws.org/2007/proceedings/p43-adelstein_pres.pdf DFRWS'07 File Marshal paper (pdf)]
 +
* [http://www.p2pmarshal.com/ Official website (coming soon)]
 +
* [http://atc-nycorp.com ATC-NY]
  
== External Links ==
+
[[Category:Peer-to-peer forensics tools]]
* [http://www.nuix.com/ Official website]
+

Revision as of 15:24, 15 November 2007

P2P Marshal
Maintainer: ATC-NY
OS: Windows
Genre: Template:File forensics
License: Commerical (free to law enforcement)
Website: p2pmarshal.com

P2P Marshal is a program that helps an investigator discover and analyze file sharing software on a disk.

P2P Marshal operates on a logically mounted drive (i.e., a restored image of a disk, mounted as D:, E:, etc.) or a subdirectory (e.g., unzipped or untarred archive). It is designed to run under Windows, though as a Java-based program, it should be able to run on other platforms.

When run, it first detects the presence of P2P client programs. Then, for each program detected, it presents various information, such as downloaded and shared files, peer servers, and log messages. For some clients, additional information may be displayed, such as host ID numbers, total runtime, and other parameters tracked by the client. P2P Marshal displays the information either on a per-user basis or for all users. It also provides an extensive search capability, produces customizable summary reports in PDF, HTML, and RTF formats, and maintains an audit log of all actions performed by the investigator.

It currently supports LimeWire and several BitTorrent clients, Areas, and Hello, and detects the presence KaZaA.

As of January 2008, the 1.0 will be available at no cost to law enforcement, with a commercial version available to non-law enforcement.

Authors

P2P Marhsal was developed by ATC-NY through a National Institute of Justice (NIJ) grant. The project was originally named File Marshal.

External Links