Difference between pages "File Systems" and "PDAs"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
(Added reiserfs, HFS, and link to FAT)
 
 
Line 1: Line 1:
= Conventional File Systems =
+
[[Image:Zaurus-front.jpg|thumb|Sharp Zaurus]]
  
; HFS
+
'''Personal Digital Assistants''' ('''PDAs''') are handheld devices with features such as calendar, notes, and so on.
: Used by Apple systems, it has been succeed by HFS+
+
  
; ffs
+
== Current Popular PDA Operating Systems ==
: The Fast File System, a variant of ufs that is faster and supports symbolic links.
+
  
; ext2fs, ext3
+
* [[RIM BlackBerry]]
: ext2fs was introduced with Linux. ext3 is a journaled version of ext2 which allows for speedy disk recovery after a crash.
+
* [[Linux]]
 +
* [[Palm]]
 +
* [[Symbian]]
 +
* [[Microsoft PocketPC]]
 +
* [[Microsoft Windows Mobile]]
  
; reiserfs
+
== PDA Forensics ==
: A journaling filesystem for Linux
+
===PDD===
 +
PDD (pdd) is a forensic tool for capturing the contents off early Palm devices.  Originally developed by Joe Grand it was one of the first Win32 executable programs to perform such an acquisition. Unfortunately there are no published methods for analyzing the resulting data.
  
; [[FAT]]
+
==== PDD Links ====
: Originally used by MSDOS. Includes FAT12 (for floppy disks), FAT16 and FAT32
+
  
; NTFS
+
* [http://www.grandideastudio.com/files/security/mobile/pdd_palm_forensics.pdf Original paper by Grand]
: The New Technology File System, introduced by Microsoft with Windows NT 4.0. Now used on XP.
+
* [http://packetstormsecurity.org/palm/ Actual tool]
  
; ufs
+
White Paper:  [http://citeseer.ist.psu.edu/504282.html]
: The Unix File System, introduced with Unix.
+
ZDNET Whitepaper: [http://whitepapers.zdnet.co.uk/0,1000000651,260089033p,00.htm]
  
;
+
===Paraben's PDA Seizure===
 +
===Paraben's PDA Seizure Toolbox===
  
 +
==Links==
  
= Cryptographic File Systems =
+
* [http://www.grandideastudio.com/portfolio/index.php?id=1&prod=17 Joe Grand's PDD]
Cryptographic file systems encrypt information before it is stored on the media. Some of these file systems store encrypted files directly. Others are better thought of as device drivers, which are then used to store some of the file systems discussed above.
+
* [http://www.paraben-forensics.com/catalog/product_info.php?cPath=25&products_id=107 Paraben's PDA Seizure]
 
+
* [http://www.paraben-forensics.com/catalog/product_info.php?cPath=26&products_id=343&osCsid=4b73689660a05b833677fdc6a8646804 Paraben's PDA Seizure ToolBox]
; Apple's File Vault
+
* [http://www.mypocketpcmobile.com PDA FAQ,News,Reviews,Devices,Software,Freeware]
: A clever user interface to Apple's encrypted disk images. Uses the ".sparseimage" extension on disk files.
+
* [http://csrc.nist.gov/publications/nistpubs/800-72/sp800-72.pdf   Jansen, Ayers Guidelines on PDA Forensics]
 
+
* [http://csrc.nist.gov/publications/nistir/nistir-7100-PDAForensics.pdf   Ayers, Jansen PDA Forensic Tools: An Overview and Analysis]
; CFS - Matt Blaze's Cryptographic File System for Unix
+
: http://www.crypto.com/papers/cfskey.pdf Key Management in an Encrypting File System], Matt Blaze, USENIX Summer 1994 Technical Conference, Boston, MA, June 1994.
+
: http://www.crypto.com/papers/cfs.pdf A Cryptographic File System for Unix], Matt Blaze, Proceedings of the First ACM Conference on Computer and Communications Security, Fairfax, VA, November 1993.
+
 
+
 
+
; NCryptfs
+
: http://www.fsl.cs.sunysb.edu/docs/ncryptfs/ncryptfs.pdf NCryptfs: A Secure and Convenient Cryptographic File System ], Charles P. Wright, Michael C. Martino, and Erez Zadok, Stony Brook University ,USENIX 2003 Annual Technical Conference.
+
 
+
 
+
 
+
; Transparent Cryptographic File System
+
: http://www.tcfs.it/
+
 
+
; SFS - Secure File System
+
: http://atrey.karlin.mff.cuni.cz/~rebel/sfs/
+
 
+
== Full Disk Encryption ==
+
; Seagate FDE
+
: http://www.seagate.com/docs/pdf/marketing/PO-Momentus-FDE.pdf
+
 
+
; Network Appliance
+
: http://www.netapp.com/ftp/decru-fileshredding.pdf
+
 
+
; Jetico BestCrypt
+
: http://www.jetico.com/
+

Revision as of 14:27, 5 March 2008

Sharp Zaurus

Personal Digital Assistants (PDAs) are handheld devices with features such as calendar, notes, and so on.

Contents

Current Popular PDA Operating Systems

PDA Forensics

PDD

PDD (pdd) is a forensic tool for capturing the contents off early Palm devices. Originally developed by Joe Grand it was one of the first Win32 executable programs to perform such an acquisition. Unfortunately there are no published methods for analyzing the resulting data.

PDD Links

White Paper: [1] ZDNET Whitepaper: [2]

Paraben's PDA Seizure

Paraben's PDA Seizure Toolbox

Links