Re: complete forensics suite for linux?

Author: Devin Rankin
Date:  
To: plug-discuss
Subject: Re: complete forensics suite for linux?
Well, there was a company that produced a Linux product, but it was not cheap.
But I have not been able to find them with a Google search. It was put out
by one of the guys (Andy Rosenburg I think was his name) who wrote Encase.
He had a falling out with the other programmer and left to do his own thing.
They were around last year. From the screen shots, it looked very much like
Encase, but I didn't try to order it. Now I can't find them or even recall
what the company name was. I think the product was called Expert Witness.

I have version 4 of Encase and I'm a certified computer forensic examiner. So
let me know if I can be of help.

Devin




On 04/19/2005 08:11 pm, Technomage wrote:
> On Tuesday 19 April 2005 19:45, wrote:
> > When you say forensics suite, are you looking for something that will
> > extract deleted files, or something that will guide you through system
> > snooping, or something that will automatically produce an admissible
> > custody trail that is court trusted? The first is about getting your
> > information, the second someone else’s, the third is only for law
> > enforcement.
>
> I am looking for something that will do EVERYTHING. Recovery of undeleted
> files, magnetic field analysis, etc.
>
> > There are a number of good packages for the first, a few for the second
> > (though I always felt like working on one), and I do not know any Linux
> > solutions for the third, though computer forensics is a big deal,
> > particularly for the IRS. (What do you want I’m an accountant ;)
>
> TMH

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss