Difference between revisions of "Main Page"

From ForensicsWiki
Line 17: Line 17:
  
 
<!-- ARTICLE GOES HERE -->
 
<!-- ARTICLE GOES HERE -->
<small>July-2009</small>
+
<small>September-2009</small>
;'''[http://viaforensics.com/wpinstall/wp-content/uploads/2009/08/Android-Forensics-Andrew-Hoog-viaForensics.pdf Android Forensics]'''
+
;'''[http://www.blackhat.com/presentations/bh-dc-08/FX/Whitepaper/bh-dc-08-fx-WP.pdf Cisco IOS Forensics]'''
:Presentation on [http://viaforensics.com/android Android Forensics] by Andrew Hoog, Mobile Forensics World 2009. Presentation gives an overview of Android, explains how to root phones, and extract data from a phone once you have superuser access. One of the complications is that Android phones (like the T-Mobile G1) use YAFFS2, a flash-specific file system.
+
"Cisco System’s routers running Cisco IOS are still the prevalent routing platform on the Internet and corporate networks. Their huge population, architectural deficiencies and hugely diverse version distribution make them a valuable target that gains importance as common operating system platforms are closed down and secured.
 +
This paper takes the position that the currently used, well accepted practices for monitoring, debugging and post mortem crash analysis are insufficient to deal with the threat of compromised IOS devices. It sets forth a different method that reduces the requirement for constant logging, favoring on- demand in-depth analysis in case of suspicion or actual device crashes. The paper concludes by presenting the current state in the development of software supporting the proposed method and requesting feedback from the community on the software’s future directions."
 
<!--END OF ARTICLE-->
 
<!--END OF ARTICLE-->
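Review bot: the added abstract paragraphs under the new Cisco IOS Forensics entry do not begin with `:`, unlike the removed Android Forensics description that followed its `;` title line, so they will not render as that entry's indented description; prefix each quoted paragraph with `:`. The quoted abstract also names no author or venue, which the removed entry did give (Andrew Hoog, Mobile Forensics World 2009), so add an attribution line before the quote. The added text also carries "on- demand" with a stray space, which should read "on-demand".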
  

Revision as of 18:06, 4 September 2009

This is the Forensics Wiki, a Creative Commons-licensed wiki devoted to information about digital forensics (also known as computer forensics). We currently list a total of 713 pages.

Much of computer forensics is focused on the tools and techniques used by investigators, but there are also a number of important papers, people, and organizations involved. Many of those organizations sponsor conferences throughout the year and around the world. You may also wish to examine the popular journals and some special reports.

Wiki Upgrade

27-AUG-09: We just got moved to a new server. Sorry about the downtime.


Selected Forensics Research

September-2009

Cisco IOS Forensics

"Cisco System’s routers running Cisco IOS are still the prevalent routing platform on the Internet and corporate networks. Their huge population, architectural deficiencies and hugely diverse version distribution make them a valuable target that gains importance as common operating system platforms are closed down and secured. This paper takes the position that the currently used, well accepted practices for monitoring, debugging and post mortem crash analysis are insufficient to deal with the threat of compromised IOS devices. It sets forth a different method that reduces the requirement for constant logging, favoring on-demand in-depth analysis in case of suspicion or actual device crashes. The paper concludes by presenting the current state in the development of software supporting the proposed method and requesting feedback from the community on the software’s future directions."


(Past selected articles are archived here.)


Topics


Categories

The contents of this wiki are organized into various categories:


You can help! We have a list of articles that need to be expanded. If you know anything about any of these topics, please feel free to chip in.