Linux Today: Linux News On Internet Time.

More on LinuxToday

Forensic Cop Journal 2(1): Ubuntu Forensic

Dec 02, 2009, 20:02 (0 Talkback[s])


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

"One essential reason why the author frequently uses Ubuntu for digital forensic purposes such as forensic imaging is forensically sound write protect. It is compulsory for every digital forensic analyst to apply it when dealing with the storage drive evidence. It is aimed not to change the contents of drive either incidentally or deliberately. Once the contents is changed, so the next actions of digital forensic become doubt or even refused by the court, unless digital forensic analyst can explain comprehensively why (i.e. the relevance) it is changed and what the implications of that action. It is usually performed on live analysis with strict procedures. On dead analysis (i.e. post mortem) the analyst is still required to keep the contents of hard drive not changed. To reach this purpose, Ubuntu can be modified in order to give forensically sound write protect."

Complete Story

Related Stories: