Difference between pages "Vinetto" and "1-Page Report"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
m
 
(Created page with "The idea of a 1-Page Forensics Report is to have a single page that conveys information about a piece of media, a network capture, or a file. ==Disk Forensics 1-Page Report==...")
 
Line 1: Line 1:
{{Infobox_Software |
+
The idea of a 1-Page Forensics Report is to have a single page that conveys information about a piece of media, a network capture, or a file.
  name = Vinetto |
+
  maintainer = [[Michel Roukine]] |
+
  os = {{Linux}}, {{Windows}}, {{Mac OS X}} |
+
  genre = {{Metadata}} |
+
  license = {{GPL}} |
+
  website = [http://vinetto.sourceforge.net/ vinetto.sf.net] |
+
}}
+
  
'''Vinetto''' is a forensics tool to examine [[Thumbs.db]] files. It is a command line Python script that works on [[Linux]], [[Mac OS X]] and [[Cygwin]] (win32).
+
==Disk Forensics 1-Page Report==
 
+
Thoughts about what should go on the report:
A test page is [http://vinetto.sourceforge.net/test_JF_Beckers/vinetto.html here].
+
* OS Release, Version and Patch Level
 +
* Kernel Release
 +
* Language
 +
* Distribution
 +
* Last Boot
 +
* Installation Date
 +
* Per-user information --- how many users? When was each logged on last
 +
* IP addresses assigned.
 +
* DHCP information
 +
* ISPs that were in use
 +
* DNS information
 +
* Where the connections came from

Revision as of 09:09, 18 July 2013

The idea of a 1-Page Forensics Report is to have a single page that conveys information about a piece of media, a network capture, or a file.

Disk Forensics 1-Page Report

Thoughts about what should go on the report:

  • OS Release, Version and Patch Level
  • Kernel Release
  • Language
  • Distribution
  • Last Boot
  • Installation Date
  • Per-user information --- how many users? When was each logged on last
  • IP addresses assigned.
  • DHCP information
  • ISPs that were in use
  • DNS information
  • Where the connections came from