Difference between pages "License transition status" and "Windows Vista"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
m
 
 
Line 1: Line 1:
This page keeps track of the '''license status''' of the wiki.
+
== New Features ==
 +
* [[BitLocker Disk Encryption | BitLocker]]
 +
* [[Windows Desktop Search | Search]] integrated in operating system
 +
* [[ReadyBoost]]
 +
* [[SuperFetch]]
 +
* [[NTFS|Transactional NTFS (TxF)]]
 +
* [[Windows NT Registry File (REGF)|Transactional Registry (TxR)]]
 +
* [[Windows Shadow Volumes|Shadow Volumes]]; the volume-based storage of the Volume Shadow Copy data
 +
* $Recycle.Bin
 +
* [[Windows XML Event Log (EVTX)]]
 +
* [[User Account Control (UAC)]]
  
All contributions after '''March 19th, 2006''' are under the [http://creativecommons.org/licenses/by-sa/2.5/ Creative Commons Attribution-ShareAlike 2.5] license. Contributions prior to that date have an unclear license. We are currently contacting the authors of the respective content, asking them whether they agree to license their contributions under the [http://creativecommons.org/licenses/by-sa/2.5/ Creative Commons Attribution-ShareAlike 2.5] license...
+
== File System ==
 +
The file system used by Windows Vista is primarily [[NTFS]].
  
__TOC__
+
In Windows Vista, NTFS no longer tracks the Last Access time of a file by default. This feature can be enabled by setting the NtfsDisableLastAccessUpdate value to '0' in the Registry key:
 +
<pre>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem</pre>
  
== HOWTO ==
+
Note that this feature has been around since as early as Windows 2000 [http://technet.microsoft.com/en-us/library/cc959914.aspx].
  
If you have contributed to this wiki '''before March 19th, 2006''', please consider (re-)licensing your contributions under this license. You can do that by adding this small paragraph to your user page:
+
== Prefetch ==
 +
Note that the prefetch hash function is different then that of [[Windows XP]] and [[Windows 2003]].
  
'''I hereby license all my contributions to this wiki (before and after March 19th, 2006) under the [http://creativecommons.org/licenses/by-sa/2.5/ Creative Commons Attribution-ShareAlike 2.5] license.'''
+
== Registry ==
 +
The [[Windows_Registry|Windows Registry]] remains a central component of the Windows Vista operating system.
  
Thanks in advance.
+
== See Also ==
 +
* [[Windows]]
 +
* [[Windows 7]]
 +
* [[Windows 8]]
  
== Current License Status ==
+
== External Links ==
 +
* [https://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf Windows Vista Network Attack Surface Analysis], James Hoagland, Matt Conover, Tim Newsham, Ollie Whitehouse
  
=== Pages ===
+
[[Category:Operating systems]]
 
+
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
|- style="background:#bfbfbf; font-weight: bold"
+
! Page
+
! License Status
+
! Checked for copyright infringement
+
|-
+
| [[AFF]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[AFIS]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[AFOSI]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[ASR]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[ASR Data]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[AccessData]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Adobe PDF Format]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Afflib]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Anti-forensic techniques]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Applied Cellphone Forensics]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Audio Devices]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[BMP]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Bad blocks]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Bibliography]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Blackbag]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Blackberry Forensics]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Books]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Cellphones]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Conferences]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[DCFL]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[DIBS]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Data Reduction]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Dcfldd]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Dd]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Digital Evidence Bags]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[EVT]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[EXIF]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Email Headers]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[EnCase]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Epilogue to Gutmann's 1996 paper]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Exif]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[FAT]]
+
| ?
+
| style="background:lime" | OK
+
|-
+
| [[FCCU Gnu/Linux Boot CD]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[File Formats]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[File Systems]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Flash IDE Adapters]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Foremost]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Forensic Toolkit]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Forensic file formats]]
+
| ?
+
| style="background:lime" | OK
+
|-
+
| [[Full Disk Encryption]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Gfzip]]
+
| ?
+
| ?
+
|-
+
| [[Harvard Forensics Project]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Helix]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[ILook]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[ILook External Imager]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[ILook Imager]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[ILook Investigator]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[ILook file format]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[IXimager]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[JPEG]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Jesse Kornblum]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Journals]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[LNK]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[License transition status]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Linux]]
+
| ?
+
| style="background:lime" | OK
+
|-
+
| [[Mailing lists]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Main Page]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Md5deep]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Metadata]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Microsoft PocketPC]]
+
| ?
+
| ?
+
|-
+
| [[Microsoft Windows]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Microsoft Windows Mobile]]
+
| ?
+
| ?
+
|-
+
| [[National Software Reference Library]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Ontrack Data Eraser]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Organizations]]
+
| style="background:lime" | OK (Not copyrightable)
+
| style="background:lime" | OK
+
|-
+
| [[Other Websites]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[PDAs]]
+
| ?
+
| ?
+
|-
+
| [[Palm]]
+
| ?
+
| ?
+
|-
+
| [[Papers]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Paraben]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[People]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Personal Digital Devices]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[ProDiscover]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[ProDiscovery]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[PyFlag]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Pyflag]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[RIM Blackberry]]
+
| ?
+
| style="background:lime" | OK
+
|-
+
| [[Raw image file]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Raw image files]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Recovering Overwritten Data]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Recovering bad data]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Recovering deleted data]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Reports]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[SIM Cards]]
+
| ?
+
| ?
+
|-
+
| [[SMART]]
+
| style="background:lime" | OK (Original unlicensed, copyright-infringing content was removed)
+
| style="background:lime" | OK
+
|-
+
| [[Safeback]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Sanitization Standards]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Scalpel]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Simson Garfinkel]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Sleuthkit]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[SmartPhones]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[SpinRite]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Symbian]]
+
| ?
+
| ?
+
|-
+
| [[Techniques]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Tools]]
+
| style="background:lime" | OK (All content created after March 19)
+
| style="background:lime" | OK
+
|-
+
| [[UNIX]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[VMware]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Vendors]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Websites]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Wetstone]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
| [[Write Blockers]]
+
| style="background:lime" | OK
+
| style="background:lime" | OK
+
|-
+
|}
+
 
+
=== Files/Images ===
+
 
+
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
|- style="background:#bfbfbf; font-weight: bold"
+
! File
+
! License Status
+
! Comments
+
|-
+
| [[:Image:Simpic.jpg]]
+
| style="background:lime" | OK
+
| Replaced with free version.
+
|-
+
| [[:Image:Treo.jpg]]
+
| style="background:lime" | OK
+
| Deleted.
+
|-
+
| [[:Image:Pocketpc.jpg]]
+
| style="background:lime" | OK
+
| Replaced with free version.
+
|-
+
| [[:Image:Newton.jpg]]
+
| style="background:lime" | OK
+
| Deleted.
+
|-
+
| [[:Image:Zaurus-front.jpg]]
+
| style="background:lime" | OK
+
| Replaced with free version.
+
|-
+
| [[:Image:Sharp sl-c3100-thm.jpg]]
+
| style="background:lime" | OK
+
| Deleted.
+
|-
+
| [[:Image:Yale fat16 diagram.jpg]]
+
| style="background:lime" | OK
+
| Deleted.
+
|-
+
| [[:Image:Recover-FAT-volume-structur.jpg]]
+
| style="background:lime" | OK
+
| Deleted.
+
|-
+
| [[:Image:HelixGroupPaper.pdf]]
+
| style="background:lime" | OK
+
| Deleted
+
|-
+
| [[:Image:Network Appliance DataFort.doc]]
+
| style="background:lime" | OK
+
| Deleted
+
|-
+
| [[:Image:Draft Paper.doc]]
+
| style="background:lime" | OK
+
| Deleted
+
|-
+
| [[:Image:Survey3.doc]]
+
| style="background:lime" | OK
+
| Deleted
+
|-
+
| [[:Image:Survey.doc]]
+
| style="background:lime" | OK
+
| Deleted
+
|-
+
| [[:Image:Biblio.doc]]
+
| style="background:lime" | OK
+
| Deleted
+
|-
+
| [[:Image:HelixCFS.doc]]
+
| style="background:lime" | OK
+
| Deleted
+
|-
+
| [[:Image:Init2.doc]]
+
| style="background:lime" | OK
+
| Deleted
+
|-
+
| [[:Image:Init.doc]]
+
| style="background:lime" | OK
+
| Deleted
+
|-
+
| [[:Image:Securing Storage White Paper.pdf]]
+
| style="background:lime" | OK
+
| Decru white paper. Not Creative Commons licensed, but we'll keep it here, as it might disappear from the net.
+
|-
+
 
+
|}
+

Revision as of 13:14, 20 October 2013

New Features

File System

The file system used by Windows Vista is primarily NTFS.

In Windows Vista, NTFS no longer tracks the Last Access time of a file by default. This feature can be enabled by setting the NtfsDisableLastAccessUpdate value to '0' in the Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem

Note that this feature has been around since as early as Windows 2000 [1].

Prefetch

Note that the prefetch hash function is different then that of Windows XP and Windows 2003.

Registry

The Windows Registry remains a central component of the Windows Vista operating system.

See Also

External Links