Difference between pages "Tools:Data Recovery" and "Federal Bureau of Investigation"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
(Carving)
 
(Key Cases relevant to FBI and CyberCrime)
 
Line 1: Line 1:
{{Wikify}}
+
{{Expand}}
  
= Partition Recovery =
+
[[Category:Federal investigative agency]]
  
; [[Partition Table Doctor]]
 
: http://www.ptdd.com/index.htm
 
  
; [[parted]]
+
The Federal Bureau of Investigation (or FBI) is a US government agency responsible the primary role in investigation of federal crimes except for those crimes allocated to other agencies.  
: The Linux partition management tool.
+
  
; [[Active Partition Recovery]]
+
Disambiguation on the [http://en.wikipedia.org/wiki/Federal_Bureau_of_Investigation FBI]
: ...
+
  
; [[gpart]]
 
: http://www.stud.uni-hannover.de/user/76201/gpart/
 
  
; [[Testdisk]]
+
Relevant to computer forensics are the current Primary National Priorities include
: http://www.cgsecurity.org/wiki/TestDisk
+
Counterintelligence, Counterterrorism and Cyber Crime [http://www.fbi.gov/cyberinvest/cyberhome.htm  FBI role in Cyber Crime]. 
  
== See Also ==
+
Ongoing missions include Public Corruption, Civil rights, White Collar Crime, Organized Crime, and Major thefts and Violent Crime.
  
* [http://support.microsoft.com/?kbid=166997 Using Norton Disk Edit to Backup Your Master Boot Record]
+
== FBI and Cyber Crime ==
 +
  
== Notes ==
+
The FBI investigates computer intrusions (bots, malware, etc), predators, priacy and intellectual property theft, and internet fraud.
  
* "fdisk /mbr" restores the boot code in the [[MBR]], but not the partition itself.
+
== Key Cases relevant to FBI and CyberCrime ==  
= Data Recovery =
+
  
; [[BringBack]]
+
The Titan Rain attacks provides insight both into Chinese attacks on US companies and the limits of legal risks taken by non Law Enforcement persons in collecting data on foreign attackers[http://en.wikipedia.org/wiki/Titan_Rain Titan Rain]
: http://www.toolsthatwork.com/
+
: BringBack offers easy to use, inexpensive, and highly successful data recovery for Windows and Linux (ext2) operating systems and digital images stored on memory cards, etc.
+
  
; [[ByteBack Data Recovery Investigative Suite v4.0]]
+
Russian Attacks [http://en.wikipedia.org/wiki/Moonlight_Maze Moonlight Maze]
: http://www.toolsthatwork.com
+
: Now with UDMA, ATA & SATA support, memory management and greater ease and control of partition and MBR manipulations, ByteBack continues to uphold it's viability as the computer forensics and recovery application of professionals.
+
  
; [[RAID Reconstructor]]
 
: http://www.runtime.org/raid.htm
 
: Runtime Software's RAID Reconstructor will reconstruct [[RAID Level 0]] (Striping) and [[RAID Level 5]] drives.
 
  
; [[Salvation Data]]
+
== How to report cyber crime ==
: http://www.salvationdata.com
+
: Claims to have a program that can read the "[[bad blocks]]" of [[Maxtor]] drives with proprietary commands.
+
  
=Carving=
+
Do file an online report at the FBI's [http://www.ic3.gov/ IC3 Internet Crime Complaint Center]
; [[DataLifter DataLifter® - File Extractor Pro]]
+
: http://www.datalifter.com/products.htm
+
  
; [[Scalpel]]
+
Do not break wiretapping, pen register or trap and trace laws (which restrict this to Law Enforcement).
: Currently the most popular open-source carving tool.
+
  
; [[EnCase]]
+
== Forensic Evidence ==
: EnCase comes with some eScripts that will do carving.
+
  
; CarvFs
+
Carnivore and the Collection of Internet Data
A virtual filesystem (fuse) implementation that can provide carving tools
+
[http://en.wikipedia.org/wiki/Carnivore_(FBI) Carnivore]
with the posibility to do recursive multi tool zero-storage carving
+
(also called in-place carving). Patches and scripts for scalpel and
+
foremost are provided. Works on raw and encase images.
+
: http://ocfa.sourceforge.net/libcarvpath/
+
  
; LibCarvPath
+
== Limitations on the FBI and collection of Computer Forensic Evidence ==
: http://ocfa.sourceforge.net/libcarvpath/
+
 
A shared library that allows carving tools to use zero-storage carving on
+
The FBI is limited by specific laws including the [http://en.wikipedia.org/wiki/USA_PATRIOT_Act US Patriot Act],[http://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act Communications Assistance for Law Enforcement Act (CALEA)], and the [http://en.wikipedia.org/wiki/Foreign_Intelligence_Surveillance_Act Foreign Intelligence Surveillance Act of 1978 or FISA (USC 50)].
carvfs virtual files.
+
 
 +
== Books ==
 +
Diffie and Landau : Privacy on the Line (2007) MIT Press
 +
 
 +
== Other References  ==
 +
Source http://www.fbi.gov/cyberinvest/cyberhome.htm

Revision as of 15:13, 21 June 2007

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.


The Federal Bureau of Investigation (or FBI) is a US government agency responsible the primary role in investigation of federal crimes except for those crimes allocated to other agencies.

Disambiguation on the FBI


Relevant to computer forensics are the current Primary National Priorities include Counterintelligence, Counterterrorism and Cyber Crime FBI role in Cyber Crime.

Ongoing missions include Public Corruption, Civil rights, White Collar Crime, Organized Crime, and Major thefts and Violent Crime.

Contents

FBI and Cyber Crime

The FBI investigates computer intrusions (bots, malware, etc), predators, priacy and intellectual property theft, and internet fraud.

Key Cases relevant to FBI and CyberCrime

The Titan Rain attacks provides insight both into Chinese attacks on US companies and the limits of legal risks taken by non Law Enforcement persons in collecting data on foreign attackersTitan Rain

Russian Attacks Moonlight Maze


How to report cyber crime

Do file an online report at the FBI's IC3 Internet Crime Complaint Center

Do not break wiretapping, pen register or trap and trace laws (which restrict this to Law Enforcement).

Forensic Evidence

Carnivore and the Collection of Internet Data Carnivore

Limitations on the FBI and collection of Computer Forensic Evidence

The FBI is limited by specific laws including the US Patriot Act,Communications Assistance for Law Enforcement Act (CALEA), and the Foreign Intelligence Surveillance Act of 1978 or FISA (USC 50).

Books

Diffie and Landau : Privacy on the Line (2007) MIT Press

Other References

Source http://www.fbi.gov/cyberinvest/cyberhome.htm