Difference between pages "Logfile Analysis" and "Defeating Whole Disk Encryption"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
m
 
 
Line 1: Line 1:
Web logfile analytics software can process a log file and print a clever report. Normally this software is used by organizations that want to know how their website is doing, but it can also be used for network forensic analysis of logfiles.
+
PGP [[Whole Disk Encryption]] has the ability to generate a "temporary key". Normally the use of the temporary key leaves a trace on the disk being cracked. But according to a recent cyberspeak podcast, when this feature is used on a hard drive that has a write-blocker attached, it still works.
  
; Analog
+
[[BitLocker]]: You can unlock a drive with the cscript command, leaving the master key in the clear by using these commands:
: http://www.analog.cx/
+
  cscript manage-bdg.wsf unlock c:
: Claims to be 'the most popular logfile analyser in the world'
+
  cscript manage-bdg.wsf autounlock enable c:
  
; Webalizer
+
[[Category:Disk encryption]]
: http://www.mrunix.net/webalizer/
+
: "A fast, free web server log file analysis program"
+
 
+
; phpmyVisites
+
: http://www.phpmyvisites.us/
+
: New "clicks heatmap" shows where people are clicking on your website; depends on JavaScript. (on the other hand, doesn't need access to your logfiles)
+
 
+
; AWStats
+
: http://awstats.sourceforge.net/
+
: "Free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically."
+
 
+
; JasperReports
+
; http://jasperforge.org/sf/projects/jasperreports
+
: Java reporting tool.
+
 
+
; Open Web Analytics
+
: http://wiki.openwebanalytics.com/index.php?title=Main_Page
+
: "an open source web analytics framework written in PHP"
+
 
+
; Breadboard BI Web Analytics
+
: http://sourceforge.net/projects/web-analytics/
+
: "uses open source tools to collect and distribute web analytics data."
+

Latest revision as of 19:31, 29 December 2008

PGP Whole Disk Encryption has the ability to generate a "temporary key". Normally the use of the temporary key leaves a trace on the disk being cracked. But according to a recent cyberspeak podcast, when this feature is used on a hard drive that has a write-blocker attached, it still works.

BitLocker: You can unlock a drive with the cscript command, leaving the master key in the clear by using these commands:

 cscript manage-bdg.wsf unlock c:
 cscript manage-bdg.wsf autounlock enable c: