Difference between revisions of "DIBS"
From Forensics Wiki
(→Features) |
|||
| Line 9: | Line 9: | ||
==File Systems Understood== | ==File Systems Understood== | ||
| + | |||
| + | (unknown) | ||
==File Search Facilities== | ==File Search Facilities== | ||
| + | |||
| + | * Lists allocated and unallocated files. | ||
| + | * Sorts files by type. | ||
| + | * Searches for keywords. | ||
| + | * Registry Viewer | ||
==Historical Reconstruction== | ==Historical Reconstruction== | ||
| Line 18: | Line 25: | ||
==Searching Abilities== | ==Searching Abilities== | ||
| − | Can | + | * Can use basic keyword searching. |
| + | * Offers full-text indexing. | ||
==Hash Databases== | ==Hash Databases== | ||
| − | + | * Offers the "Hash Library-KFF". | |
| − | + | ||
==Evidence Collection Features== | ==Evidence Collection Features== | ||
Revision as of 10:43, 6 March 2006
Contents |
DIBS
This Fort Worth based company makes forensics software and packages it with portable hardware for investigators in the field with desktop workstations for offices.
Features
File Systems Understood
(unknown)
File Search Facilities
- Lists allocated and unallocated files.
- Sorts files by type.
- Searches for keywords.
- Registry Viewer
Historical Reconstruction
Can it build timelines and search by creation date?
Searching Abilities
- Can use basic keyword searching.
- Offers full-text indexing.
Hash Databases
- Offers the "Hash Library-KFF".
Evidence Collection Features
Can it sign files? Does it keep an audit log?
History
Originally written in (YEAR), it has now developed into a Forensic Edition and an Enterprise Edition.
License Notes
Is it commercial or open source? Are there other licensing options?
External Links
EnCase Homepage - http://www.guidancesoftware.com/lawenforcement/ef_index.asp
