Difference between revisions of "SMART"

From ForensicsWiki
Jump to: navigation, search
(License Notes)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
{{Infobox_Software |
 +
  name = SMART |
 +
  maintainer = [[ASR Data]] |
 +
  os = {{Linux}} |
 +
  genre = {{Analysis}} |
 +
  license = {{Commercial}} |
 +
  website = [http://www.asrdata.com/SMART/ asrdata.com/SMART/] |
 +
}}
  
=SMART=
+
'''SMART''' is a commercial forensics software package distributed by [[ASR Data]].
+
 
+
[http://www.asrdata.com/ Website]
+
 
+
  
 
=Features=
 
=Features=
 
SMART is a software utility that has been designed and optimized to support data forensic practitioners and Information Security personnel in pursuit of their respective duties and goals. The SMART software and methodology have been developed with the intention of integrating technical, legal and end-user requirements into a complete package that enables the user to perform their job most effectively and efficiently.
 
 
SMART is more than a stand-alone data forensic program. The features of SMART allow it to be used in many scenarios, including:
 
 
    *  "Knock-and-talk" inquiries and investigations
 
    *  on-site or remote preview of a target system
 
    *  post mortem analysis of a dead system
 
    *  testing and verification of other forensic programs
 
    *  conversion of proprietary "evidence file" formats
 
    *  baselining of a system
 
 
 
Who Uses SMART?
 
SMART is currently utilized by:
 
 
    *  Federal, State and local Law Enforcement
 
    *  U.S. Military and Intelligence Organizations
 
    *  Accounting Firms
 
    *  Data forensic examiners
 
    *  Data recovery specialists
 
    *  Disaster recovery professionals
 
    *  Information security professionals
 
    *  Health care privacy professionals
 
    *  Internal auditors
 
    *  System Administrators
 
 
  
 
==File Systems Understood==
 
==File Systems Understood==
 
(unknown)
 
  
 
==File Search Facilities==
 
==File Search Facilities==
Line 43: Line 18:
 
* Lists allocated and unallocated files.
 
* Lists allocated and unallocated files.
 
* Sorts files by type.
 
* Sorts files by type.
* Searches for keywords.
+
* Searches for keywords and regex.
* Registry Viewer
+
* [[Registry viewer]].
  
 
==Historical Reconstruction==
 
==Historical Reconstruction==
Line 53: Line 28:
  
 
* Can use basic keyword searching.
 
* Can use basic keyword searching.
* Offers full-text indexing.
 
  
 
==Hash Databases==
 
==Hash Databases==
  
* Offers the "Hash Library-KFF".
+
* [[SHA]]
 +
* [[MD5]]
 +
* [[CRC]]
  
 
==Evidence Collection Features==
 
==Evidence Collection Features==
  
Can it sign files? Does it keep an audit log?
+
* "''Just about everything you do is logged in SMART. You can selectively export these log events into a simple HTML report.''"
  
 
=History=
 
=History=
 
 
  
 
==License Notes==
 
==License Notes==
  
Is it commercial or open source? Are there other licensing options?
+
SMART is a commercial product with seperate pricing for law enforcement and commercial users.
  
 
= External Links =
 
= External Links =
 
[http://www.asrdata.com/Website}
 
  
 
==External Reviews==
 
==External Reviews==

Latest revision as of 14:01, 15 September 2006

SMART
Maintainer: ASR Data
OS: Linux
Genre: Analysis
License: Commercial
Website: asrdata.com/SMART/

SMART is a commercial forensics software package distributed by ASR Data.

Features

File Systems Understood

File Search Facilities

  • Lists allocated and unallocated files.
  • Sorts files by type.
  • Searches for keywords and regex.
  • Registry viewer.

Historical Reconstruction

Can it build timelines and search by creation date?

Searching Abilities

  • Can use basic keyword searching.

Hash Databases

Evidence Collection Features

  • "Just about everything you do is logged in SMART. You can selectively export these log events into a simple HTML report."

History

License Notes

SMART is a commercial product with seperate pricing for law enforcement and commercial users.

External Links

External Reviews