forensic

Wed 04 Mar, Dennis Faas

'Forensic Toolkit', and 'Vision'

Forensic Toolkit: The Forensic ToolKit contains several Win32 command line tools that can help you examine the files on an NTFS disk partition for unauthorized activity. This open source tool includes AFind, which lists files by their last access time without tampering with the data the way that right-clicking on file properties in Explorer will. http://www.foundstone.com

Vision: Vision, a host-based Forensic Utility, is the GUI successor to the well-known freeware tool, Fport. This innovative new product from Foundstone shows all of the open TCP and UDP ports on a machine, displays the service that ...

Tue 09 Dec, Dennis Faas

Explicit Pop-Up Debacle Leads to Teacher's Guilty Plea

The unbelievable story of Julie Amero, the substitute teacher who became the scapegoat of the Norwich school system when a computer riddled with spyware was inundated with pop-up "nasties" that were viewed by children in her class, has finally come to an end -- albeit what many consider an unjust end. Amero was originally charged with four felonies for letting impressionable students see pornographic pictures as she browsed the web in her classroom. According to the Hartford Courant, Amero, who has been hospitalized and suffers from declining health, agreed to plead guilty to a single ...

Thu 05 Oct, Dennis Faas

'Pasco', and 'Forensic Tool Kit'

Pasco: Tool for forensic analysis of a subject's internet activity. Since this analysis technique is executed regularly, we researched the structure of the data found in Internet Explorer activity files (index.dat files). Pasco, the Latin word meaning "browse," was developed to examine the contents of Internet Explorer's cache files. Pasco will parse the information in an index.dat file and output the results in a field-delimited manner so that it may be imported into your favorite spreadsheet program. Pasco is built to work on multiple platforms and will execute on Windows (through Cygwin), ...
