FORENSIC TOOLS

Forensic Tools



Forensic Tools

The forensics procedures to collect and process forensic evidence from these devices while following the fourth and fifth amendment guidelines.

The procedure digital forensics

When talking about a manual of procedures in cybercrime, it not only refers to define what steps are to be followed by the investigator to arrive at the scene of the crime. Define this procedure in terms of the researcher must open Windows Explorer locate the Program Files folder. Find the executable files that exist on the machine would fall into a simplistic case-that would not bring anything new to the assessment of evidence should make the prosecutor and the judge. This is to give judges and prosecutors elements to be taken into consideration when a researcher will present evidence of a digital nature, so you are able to decide whether to accept or reject it, depending on the level of certainty as to whether they reach this test has been modified in some way, at some point. The digital forensic process seeks precisely to avoid such changes to the data contained in the magnetic media to be analyzed, that may occur at any time, from the moment where there is alleged offense for reasons as diverse, simple step of time, because someone has decided to turn off the machine that it has executed a written application on the memory, anyway (Owen, 2000). They can also arise due to the direct intervention of the researcher, whose initial task is to "freeze" the evidence and secure, and later submit it for analysis. The insurance is solely and exclusively, through the use of software and hardware tools that, in turn, are using mathematical, complex enough to copy each in identical magnetic media, i.e., enabling them to obtain identical clones (identical copies, bit by bit) to the original. When a computer crime, before discussing the fact that the researcher should immediately cordon off the scene, which cannot be more than five inches long, if memory is a flash (of the USB). This cordon of the scene is not anything but a bit by bit clone data contained in it. Obtain a copy legally acceptable is not easy. However, industry and legal practice in other countries have set standards that, among others, refer to the need to sterilize the magnetic media on which the copy is saved, the step to be followed by the investigator; acceptance that the community gives scientific and mathematical methods behind the hardware and software tools used by him, and the error rate of these tools (Owen, 2000).

Identification of digital evidence

A hacking forensic investigation of a computer is the process of detecting hacking attacks and properly extracting evidence to report the possible crime and conduct audits to prevent future attacks. The computer forensics is the application of research techniques and computer analysis to determine potential legal digital evidence. The computer forensics may reveal: The way that the intruder entered the corporate network. It shows the way. It reveals the techniques of ...