Difference between revisions of "Main Page"

From ForensicsWiki
Jump to: navigation, search
m
m (WIKI NEWS)
(37 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 
<div style="margin-top:0.5em; padding:0.5em 0.5em 0.5em 0.5em; background-color:#faf0ff; align:right; border:1px solid #ddccff;">
 
<div style="margin-top:0.5em; padding:0.5em 0.5em 0.5em 0.5em; background-color:#faf0ff; align:right; border:1px solid #ddccff;">
 
This is the '''Forensics Wiki''', a [http://creativecommons.org/licenses/by-sa/2.5/ Creative Commons]-licensed [http://en.wikipedia.org/wiki/Wiki wiki] devoted to information about [[digital forensics]] (also known as computer forensics). We currently list a total of [[Special:Allpages|{{NUMBEROFARTICLES}}]] pages.
 
This is the '''Forensics Wiki''', a [http://creativecommons.org/licenses/by-sa/2.5/ Creative Commons]-licensed [http://en.wikipedia.org/wiki/Wiki wiki] devoted to information about [[digital forensics]] (also known as computer forensics). We currently list a total of [[Special:Allpages|{{NUMBEROFARTICLES}}]] pages.
+
 
Much of [[computer forensics]] is focused on the [[tools]] and [[techniques]] used by [[investigator]]s, but there are also a number of important [[papers]], [[people]], and [[organizations]] involved. Many of those organizations sponsor [[conferences]] throughout the year and around the world. You may also wish to examine the popular [[journals]] and some special [[reports]].
+
Much of [[computer forensics]] is focused on the [[tools]] and [[techniques]] used by [[investigator]]s, but there are also a number of important [[papers]], [[people]], and [[organizations]] involved. Many of those organizations sponsor [[Upcoming_events|conferences]] throughout the year and around the world. You may also wish to examine the popular [[journals]] and some special [[reports]].
</div>  
+
</div>
  
<!-- Selected Forensics Research --> 
 
  
 +
==WIKI NEWS==
 +
2013-MAR-18: We have moved to a new server on hostgator and upgraded the mediawiki installation. All accounts and images have been restored from backups. There may be some hiccups, but it seems to be working.
 +
 +
{| width="100%"
 +
|-
 +
| width="60%" style="vertical-align:top" |
 +
<!-- Selected Forensics Research --> 
 
<div style="margin-top:0.5em; border:2px solid #ff0000; padding:0.5em 0.5em 0.5em 0.5em; background-color:#ffff99; align:center; border:1px solid #ddccff;">
 
<div style="margin-top:0.5em; border:2px solid #ff0000; padding:0.5em 0.5em 0.5em 0.5em; background-color:#ffff99; align:center; border:1px solid #ddccff;">
<h2 style="margin:0; background-color:#ffff33; font-size:120%; font-weight:bold; border:1px solid #afa3bf; text-align:left; color:#000; padding-left:0.4em; padding-top:0.2em; padding-bottom:0.2em;"> Sleuth Kit and Open Source Digital Forensics Conference </h2>
+
<h2 style="margin:0; background-color:#ffff33; font-size:120%; font-weight:bold; border:1px solid #afa3bf; text-align:left; color:#000; padding-left:0.4em; padding-top:0.2em; padding-bottom:0.2em;"> Featured Forensic Research </h2>
  
<!-- ARTICLE GOES HERE -->
+
<small>Jan 2013</small>
The first ever Sleuth Kit and Open Source Digital Forensics Conference will be held on June 9, 2010 in Chantilly, Virginia (USA) and feature talks by leading digital forensics tool developers. Participants can learn about using open source tools, how to integrate them into automated analysis systems, and join in open discussions about the strengths and weaknesses of existing tools. The conference will be of interest to existing open source users and to investigators who want to learn more about using open source tools.  
+
<bibtex>
 +
@article{young:distinct,
 +
title="Distinct Sector hashing for Target Detection",
 +
author="Joel Young and Kristina Foster and Simson Garfinkel and Kevin Fairbanks",
 +
  year=2012,
 +
month=Dec,
 +
journal="IEEE Computer"
 +
}
 +
</bibtex>
 +
Using an alternative approach to traditional file hashing, digital forensic investigators can hash individually sampled subject drives on sector boundaries and then check these hashes against a prebuilt database, making it possible to process raw media without reference to the underlying file system.
  
Some of the scheduled talks include:
+
(See also [[Past Selected Articles]])
* Brian Carrier speaking about The Sleuth Kit (TSK) and its new features.
+
* Jamie Butler speaking about using TSK in the MANDIANT software.
+
* Dario Forte speaking about the PTK interface to TSK.
+
* Rob Joyce speaking about using TSK in the Mac Marshall software.
+
* Simson Garfinkel speaking about AFFLib.
+
* Harlan Carvey speaking about making time lines of system activity with open source tools.
+
  
For more information about the conference, visit:
+
| width="40%" style="vertical-align:top" |
  
http://www.basistech.com/conference/2010/digital-forensics-overview.html
+
<div style="margin-top:0.5em; border:2px solid #00ff00; padding:0.5em 0.5em 0.5em 0.5em; background-color:#ffeeff; align:center; border:1px solid #ffccff;">
 +
<h2 style="margin:0; background-color:#ffff33; font-size:120%; font-weight:bold; border:1px solid #afa3bf; text-align:left; color:#000; padding-left:0.4em; padding-top:0.2em; padding-bottom:0.2em;">  Featured Article </h2>
 +
;[[Forensic Linux Live CD issues]]
 +
:Forensic Linux Live CD distributions are widely used during computer forensic investigations. Currently, many vendors of such Live CD distributions state that their Linux do not modify the contents of hard drives or employ "write protection." Testing indicates that this may not always be the case. [[Forensic Linux Live CD issues|Read More...]]
  
Program details and online registration will be available soon. Registration will be free to government employees. The conference is being held in conjunction with the Basis Technology Government Users Conference.
+
|}
 
+
<!--END OF ARTICLE-->
+
(Past selected articles [[Past Selected Articles|are archived here]].)
+
 
+
<!-- END OF NEWS -->
+
</div>
+
  
  
Line 62: Line 68:
 
* [[Steganography]], [[Steganalysis]]
 
* [[Steganography]], [[Steganalysis]]
 
* '''[[Metadata]]:''' [[MAC times]], [[ACLs]], [[Email Headers]], [[Exif]], [[ID3]], [[OLE-2]], ...
 
* '''[[Metadata]]:''' [[MAC times]], [[ACLs]], [[Email Headers]], [[Exif]], [[ID3]], [[OLE-2]], ...
 +
* '''[[Legal issues]]:''' [[Caselaw|Case law]]
 
* '''Further information:''' [[Books]], [[Papers]], [[Reports]], [[Journals]], [[Websites]], [[Blogs]], [[Mailing lists]], [[Organizations]], [[Vendors]], [[Conferences]]
 
* '''Further information:''' [[Books]], [[Papers]], [[Reports]], [[Journals]], [[Websites]], [[Blogs]], [[Mailing lists]], [[Organizations]], [[Vendors]], [[Conferences]]
 
</div>
 
</div>
Line 101: Line 108:
  
 
</div>
 
</div>
 
+
 
  
 
|}
 
|}

Revision as of 07:17, 19 March 2013

This is the Forensics Wiki, a Creative Commons-licensed wiki devoted to information about digital forensics (also known as computer forensics). We currently list a total of 725 pages.

Much of computer forensics is focused on the tools and techniques used by investigators, but there are also a number of important papers, people, and organizations involved. Many of those organizations sponsor conferences throughout the year and around the world. You may also wish to examine the popular journals and some special reports.


WIKI NEWS

2013-MAR-18: We have moved to a new server on hostgator and upgraded the mediawiki installation. All accounts and images have been restored from backups. There may be some hiccups, but it seems to be working.

Featured Forensic Research

Jan 2013

Joel Young, Kristina Foster, Simson Garfinkel, Kevin Fairbanks - Distinct Sector hashing for Target Detection
IEEE Computer , December 2012
Bibtex
Author : Joel Young, Kristina Foster, Simson Garfinkel, Kevin Fairbanks
Title : Distinct Sector hashing for Target Detection
In : IEEE Computer -
Address :
Date : December 2012

Using an alternative approach to traditional file hashing, digital forensic investigators can hash individually sampled subject drives on sector boundaries and then check these hashes against a prebuilt database, making it possible to process raw media without reference to the underlying file system.

(See also Past Selected Articles)

Featured Article

Forensic Linux Live CD issues
Forensic Linux Live CD distributions are widely used during computer forensic investigations. Currently, many vendors of such Live CD distributions state that their Linux do not modify the contents of hard drives or employ "write protection." Testing indicates that this may not always be the case. Read More...


Topics



You can help! We have a list of articles that need to be expanded. If you know anything about any of these topics, please feel free to chip in.