Seagate Community Forum Closed

Dear Seagate Community User, We did want to inform you that the Seagate Community forums were permanently taken down on October 7, 2015.  All posts and discussions will be inaccessible. For any future Support questions, please utilize our other support offerings found at http://www.seagate.com/contacts/ Regards, Seagate Customer Technical Support Email Support Get your questions answered…

Read More

How to Become a Forensic Computer Professional

computerforensicprofessional A computer forensic professional collects electronic evidence and provides information to an investigation team. Being a computer forensic professional requires you to have skills to help criminal investigators solve computer crimes. You should have knowledge of criminology, business law and computer data analysis.

If you like crime scene investigation shows or the thought of cracking encrypted computer security codes excites you, then a career in computer forensics might be right up your alley. The requirements to become a computer forensics professional can vary. An associate or bachelor’s degree are two of the more common paths to a career in this field, but graduate degree programs are becoming more common. Forensic computer analysts made an average salary between $47,117 and $79,667 in 2010, according to PayScale.

  1. Obtain an associate or a bachelor’s degree. Having a degree in computer science or accounting will be more beneficial in finding a computer forensics job than having a criminology or criminal justice degree, says the U.S. Bureau of Labor Statistics. Associate and bachelor’s degree programs in the field of computer forensics are offered at schools such as ITT Technical Institute and Westwood College.
  2. Apply for positions with law enforcement agencies. Most law enforcement agencies will require you to pass an extensive background check and a series of written and psychological tests before they will hire you.
  3. Attend courses at a police academy. Although you can work in computer forensics as a civilian analyst, having insight into the criminal investigation process and police detective techniques can provide you with invaluable insight on how the criminal mind works and possibly provide you with a better understanding of how to access information that may be hidden on computer systems.
  4. Gain experience through hands-on training. Most computer forensics professionals learn about the specifics of their trade through the computer forensics training program offered by the law enforcement agency they work for, according to the U.S. Bureau of Labor Statistics. In fact, the bureau also notes that many utilize this training as a way to break into the field before moving on to the private sector.
  5. Obtain certification as a computer forensics investigator. Agencies and organizations such as the International Society of Forensic Computer Examiners offers certifications in the field that will give you the credentials that will set you apart from your competition for jobs or clients. Certification from the Society requires you to complete additional computer forensics training, have a minimum of 18 months of verified experience in the field and engage in self-study in digital forensics. Once your qualifications have been verified, you can then take the certification exam.

Be sure that the school that you enroll in is accredited. Be sure that you earn maintain an acceptable grade point average at the school you are enrolled in. Some two-year programs require that you complete 60 credit hours and earn nothing less than a 2.0 GPA. Ask the college you are applying to if you need to submit to a criminal background check. You may be excluded from admission to a post-secondary school if you have a previous felony conviction.

Read More

Learn Computer Forensics on Your Own

Expertise in examining computers and networks for evidence can not only lead to a well-paying career, it can be an exciting field to work in. Many people who work in computer forensics have received training through their employer as a law-enforcement professional or corporate sponsored training. This does not mean that someone can’t learn these skills on their own. Thanks to online training, hands-on practice, and dozens of books on the subject, anyone with an interest in computer forensics can learn the skill set needed for this job.

  1. Learn the basics. Before getting started in computer forensics, you need to have a foundation in what it entails.
  2. Download forensic software and see how it works. There are many different tools available that don’t cost anything; some of these can be found at Open Source Forensics. These solutions provide a perfect opportunity for someone to learn how to use different forensic software.
  3. Create virtual machines to use as target computers when learning the software. Virtual machine software, like VirtualBox allows you to create a virtual computing environment that you can use for testing.
  4. Locate online forensics training. Once you have a grasp of computer forensics, it is time to take your training to the next level. There are many tutorials that can be found online that will help you better learn the different forensic software. Additionally, you can look into training packages that for a price will teach specific skills and software.
  5. Read books on forensics. There are many different books written on the subject that cover software packages like EnCase, methodologies used in forensic cases, and certification study manuals.

Obtaining certification in computer forensics can show potential clients and employers that you have expertise in the field.

Check with law enforcement agencies in your area to see if you can shadow them on investigations.

Understand the chain of custody when dealing with computer evidence.

Certain states require someone who is performing a computer forensic investigation to be a licensed private investigator. Make sure you understand the laws of your state before you move forward with an investigation.

Read More

First Steps in Computer Forensics: Securing Your Network

First Steps in Computer Forensics: Securing Your NetworkNo matter how secure your infrastructure is, sooner or later you will become a victim of a computer crime. Someone may point a DDoS (Distributed Denial of Service) attack at your services, may sniff your network, or may copy/delete confidential information. You may not even realize such a thing has happened. However, in an organized and secured network, you will be notified at the first signs of an attack. Now what? Your first normal reaction would be to stop the attack with whatever means possible. However, that may not be the best response. If you don’t possess the needed knowledge yourself, it might be a good idea to leave the crime scene as it is and let a computer forensics investigator deal with it. Let’s focus on the steps that the investigator would take. You may choose to take these steps alone but you will most likely not have all the necessary support tools and systems for that.

  1. Document the system – name, date, time, purpose, hardware, software, it all matters.
  2. Collect evidence – all the information about the attack should be securely taken off the target system. This is usually done through specific software that hashes all the information. This way, the information is legitimate and can be used as formal evidence for prosecution. The evidence that is usually collected includes active network connections, processes loaded into memory, and a copy of all the information on the disk with the respective creation, modification, and access values. The collector should be confident about the security of the system used for storage and analysis of the copied evidence. Only after this step, is it beneficial to unplug or shut down the affected system. If the affected system is saving logs on a remote server, copy them as well, although they are less likely to be compromised by the attack. In Linux, programs could still be running even after their files have been deleted. You can search for such programs with the command: file /proc/[0-9]*/exe|grep “(deleted)” . If you want to make a copy of this list use: /bin/dd if=/proc/filename/exe of=filename .
  3. Recreate the timeline of the attack – once all the information is copied on a secured workstation, the timeline of the attack can be recreated from the times of creation, modification, and access of all the files. This should be done before anything else, because the other steps can change the original times of the files. The timeline will show the last executed file, the last created/deleted folder, executed scripts, etc.
  4. Deeper analysis of the affected system – using the information collected in the previous steps, a deeper analysis can be performed of the system in order to find suspicious installations, creation or deletion of folders, and the like. Forensics investigators have specific tools for this step.
  5. File information restoration – the slack or unallocated space can be investigated for parts of files that, when combined, may indicate the time of deletion of files. It can be useful for the recreation of the steps of the attacker.
  6. Search – use all the information gathered so far to search for specific names, IP addresses, and file names, that can point you to the intruder.
  7. Report – no matter if the compromised system is your company’s or another’s, it is always good to document all your findings during the investigation. If it’s done right it can even be used in court.

Don’t make the mistake of not taking computer crimes seriously! In today’s digital world, computer crimes are just as serious as any other ones. Don’t hesitate to call a specialist if you’re not sure you can handle the investigation process alone. If your organization is big enough and your budget allows it, think about creating a Computer Security Incident Response Team which will be prepared for computer crimes and will have procedures and resources in place to handle them properly.

http://blog.monitis.com/index.php/2012/05/17/first-steps-in-computer-forensics/

Syndicated stories and blog feeds, all rights reserved by the author.

Read More

Dell and AccessData Launched New Forensics Toolkit

Dell and computer forensics specialists Access Data have released their new Dell Digital Forensics Platform and Forensic Toolkit 4.0 at the International Security and National Resilience (ISNR) exhibition in Abu Dhabi.

adWP_logo

“Today’s launch of the FTK 4.0 is a significant milestone that marks the next phase of our efforts here in the Middle East. This release, which is unlike any other previously seen in the region, enables court-cited digital investigations and is built for speed, analytics and accuracy,” said Simon Whitburn, VP International Sales at AccessData.

The new forensics tool expands on AccessData’s existing solutions, to provide a turnkey solution for a wide range of investigative operations, including processing of forensic images and email archives; registry analysis; file decryption, password cracking, image creation and report building.

AccessData offers two expansion modules with the new version-Cerberus, a malware triage technology that provides threat scores and disassembly analysis to determine both the behaviour and intent of suspect binaries, and Virtualization for relationship analysis in multiple display formats, including timelines, cluster graphs, pie charts and more.

“We developed the combined platform in response to significant customer demand, in large part from this region. Dell has worked with us to provide a turn key digital forensics solution that enables our clients to get mobile very quickly. Partnerships with such leading organizations will play a pivotal role in our expansion in the region,” said Whitburn.

Access Data: http://accessdata.com/

AccessData is the leading provider of E-Discovery, Computer Forensics and Cyber Security software for law firms, corporations and government agencies

Dell Digital Forensics

In digital forensics cases, Dell can provide the tools and resources you need to process digital evidence, quickly and reliably. Click the below link to learn more:

http://content.dell.com/us/en/fedgov/fed-solutions-digital-forensics

Read More

Work in Forensics: 5 Key Steps

Work in Forensics: 5 Key StepsJoseph Naghdi, an experienced computer technologist, transitioned to digital forensics in early 2000 because he was intrigued by how data is stored and discovered on computers. Today, he’s a forensics analyst at Computer Forensics Lab, a U.K. consultancy specializing in computer forensic services and advanced data recovery. The high point of his work, he says, is when he solves tough cases, such as a recent phishing attack against a UK bank that almost led to the transfer of 3 million pounds.

With the rise in cyber-fraud and various breach incidents, digital forensics is becoming a growing field with plenty of opportunities. The job involves determining the cause, scope and impact of security incidents; stopping unwanted activity; limiting damage; preserving evidence and preventing other incidents. Digital forensics experts typically investigate networks, systems and data storage devices.

The average salary for digital forensic professionals is about $81,000 in the U.S., according to the salary research and data website PayScale, but specialization in mobile architecture, devices and cloud computing could lead to higher salaries.

Information security professionals interested in making a transition to a career in digital forensics, as Naghdi did, need to take five key steps, experts say.

1. Develop Windows Expertise
Because 90 percent of the systems that forensics experts investigate are Microsoft Windows-based, practitioners need to understand the core technology, says Rob Lee, director and IT forensics expert at Mandiant, a certified forensics instructor at SANS Institute.

“Kind of like in the Army, you need to know how to shoot a rifle – Windows is the rifle of computer forensics,” Lee says. Information security professionals who want to specialize in forensics must understand all aspects of how Windows works, including how information is stored, he contends. He also suggests developing expertise in mobile devices and cloud computing.

2. Obtain Specialized Training
Greg Thompson, security manager at Canada’s Scotia Bank, who is also an (ISC)2 advisory board member, believes the best way to learn about digital forensics is to obtain training at schools or certification bodies, including the International Association of Computer Investigative Specialists, Sans Institute and the International Information Systems Forensics Association.

Thompson recently hired two professionals from community colleges in Canada who were trained in applying forensic investigative techniques and skills. “The main skill is developing a creative mind-set to think like an attacker in responding to the situation,” says Thompson, who oversees the forensics practice at Scotia Bank.

He also recommends security professionals take online courses, seek help from professionals with law enforcement backgrounds and learn on the job. In particular, he encourages developing expertise in forensic investigations of mobile devices, firewalls and malware.

3. Build a Broad Technical Background
When investigating unauthorized data access, for example, forensics experts must know how to recover lost data from systems, analyze log entries and correlate them across multiple systems to understand specific user activity. “This requires a solid understanding of networks, systems and new types of malware intrusions and analysis,” says Marcus Ranum, CSO at Tenable Network Security. “Only a broad IT exposure can help professionals understand the different types of data and what is most critical to capture.”

Naghdi emphasizes the need for good computer programming skills to understand how data is stored and how hard disks operate. “Strong programming skills often help the forensic expert in understanding and discovering the different ways of storing and recovering data,” he says.

4. Gain Legal Knowledge
Forensics specialists need to understand breach notification regulations as well as the legal implications of not maintaining a proper chain of data custody. They also need to understand, for example, how a cloud computing provider will identify, locate, preserve and provide access to information when the need arises, as well as how to legally preserve data for litigation purposes. “More and more practitioners need to understand the legality around data retrieval, storage and protection,” Lee says.

5. Understand Upstream Intelligence
Gathering upstream intelligence involves such steps as observing outgoing messaging patterns or filtering infrastructure for suspicious source rules or inappropriate user behavior. This may provide significant insights into the security posture of an organization.

Forensics goes far beyond relying on recovering pictures, data and e-mails in order to solve a case. “We now require professionals to be engaged in intelligence gathering and analysis and to work across multiple machines, different environments and devices, which could lead to investigating advanced hackers that are moving within the organization,” Lee says.

Complexity of Investigations
Digital forensic investigations are becoming far more complex.

For example, Lance Watson, chief operating officer and forensic investigator for Avensic, a forensics and e-discovery consulting company, tackles such challenges as locating information in the cloud or helping clients track and analyze e-mails and text messages on mobile devices. “It’s become harder to investigate user activity or discover digital evidence quickly because of remote locations and multiple storage devices used,” he says.

The growth in cloud computing and mobile devices has further strengthened the market for forensic pros by increasing demand for eDiscovery services, which involve preserving, collecting, managing and producing electronic evidence relevant for a court case.

The demand for eDiscovery services is leading many companies to establish an internal eDiscovery team rather than relying on an outsourcer. And this is creating new job opportunities. For example, Thompson of Scotia Bank recently transitioned from outsourced eDiscovery to an in-house forensics and data recovery team largely to gain cost savings and get better control of investigations and data.

Naghdi of Computer Forensics Lab says information security professionals can expect demand for forensics experts to grow. “There is definitely an uptake in hires for forensic experts, and this trend will continue,” he says. But to make a successful transition to a role in forensics, Naghdi says, security professionals must “have an inquisitive mindset to find new ways of exploring emerging areas and finding digital evidence.”

Read More

EnCase Computer Forensics Training for Beginners

EnCase,Computer Forensics TrainingGuidance Software is recognized globally as a world leader in Digital Forensics, Cyber Security, and E-Discovery solutions. Their services include incident response, computer forensics, litigation support, and experts with hands-on experience in digital investigation. Each year they train over 6,000 corporate, law enforcement, and government professionals in digital forensics, e-discovery, security, and incident response.

This hands-on forensics training course involves practical exercises and real-life simulations in the use of EnCase® Forensic version 7 (EnCase v7). The class provides participants with an understanding of the proper handling of digital evidence from the initial seizure of the computer/media to acquisition, including the use of FastBloc® SE and LinEn. Instruction then progresses to the analysis of the data. It concludes with archiving and validating the data. Delivery method: Group-Live. NASBA defined level: basic.

Students attending this forensics training course will learn:

  • The EnCase v7 computer forensic methodology
  • What constitutes digital evidence and how computers work
  • Basic structures of the FAT and NT file systems
  • How to create a case and how to preview and acquire media
  • How to conduct raw and index searches
  • How to analyze file signatures and view files
  • How to conduct hash analysis and import hash sets
  • How to prepare reports, using templates provided with EnCase v7
  • How to restore evidence
  • How to archive files and data created through the analysis process
  • The proper techniques for handling and preserving evidence

Level: Introductory
Prerequlslte: Basic computer skills. Advance preparation for this course is not required.
Tuition: $2,495.00 USD per student.

Note: This training course is intended for IT security professionals, litigation support and forensic investigators Participants may have minimal computer skills and may be new to the field of computer forensics.

Details: http://www.guidancesoftware.com/computer-forensics-training-encase1.htm

Read More

Computer Forensics Needed to Pin Down GMA

Computer Forensics,GMA,PSAThe Aquino administration’s drive against corruption may need computer forensics to support the allegations against the Arroyo administration, a multinational risk consultancy said.

In a report dated Dec. 22, the Pacific Strategies and Assessments (PSA) said those involved in crimes like poll sabotage and plunder are secretive and are careful about avoiding a paper trail.

“Computer forensics might hold the key to finding the needed evidence,” said PSA managing director Scott Harrison.

“With the expanding use of computers and digital media in everyday transactions, evidence of criminal activities left in computers and other digital equipment clearly enhances court evidentiary procedures,” he added.

PSA though disclosed in the report that it is one of the companies practicing information technology (IT) forensics in the country. The company also has offices in Hong Kong, Shanghai, Beijing, Bangkok, Sydney and Milwaukee.

PSA said money laundering and convoluted business structures created to hide wrongdoing “increasingly require digital investigative techniques to prove a criminal case.”

“The majority of corruption cases in the Philippines are often hampered because much of the presented evidence is hearsay accusations of one or more people against others. Consequently languishing corruption cases are often dismissed or shelved due to a lack of concrete evidence,” Harrison said.

PSA said not one member of the Arroyos or their alleged co-conspirators in poll cheating and corruption have been convicted by the courts since President Aquino assumed office in 2010.

“The lack of investigative resources in the Philippines judicial system may prove to be a bigger impediment to President Aquino’s efforts to weed out corruption than the administration’s frustration with the Supreme Court,” the report read.

PSA said IT forensic specialists can create a mirror image of data inside a computer system and recover deleted, encrypted, or damaged files.

PSA claimed the recovery and analysis of hard disk drives, mobile phones and portable digital storage devices believed to be involved in crime are “critical digital evidence” that can boost one’s legal position in court.

Read More

McCann E-Investigations Grows its Computer Forensics Imaging Abilities

McCann E-Investigations, a Texas-based computer forensics and investigative firm grows its computer forensics abilities with the capital acquisition of condition from the art computer forensics tools because of its Houston division.

McCann E-Investigations,Computer Forensics

“We have experienced a amazing increase in our computer forensics cases whatsoever our locations.” Stated Serta Weiss, Partner at McCann E-Investigations. “Computer forensics is an extremely fluid industry. As technology gets to be more sophisticated, the pc forensics expert should have the versatility and insight to have the ability to adjust to the altering technology atmosphere.

“Having probably the most leading edge computer forensics tools guarantees that people can provide the greatest quality product to the clients” Weiss mentioned.

Gary Huestis leads the pc forensics team for Houston, Austin and Dallas. “While updates in computer forensics software and hardware tools are key, important too is our EnCase certification. “Stated Gary Huestis. EnCase may be the leading computer forensic solution and it is the standard. Gary continues to be an EnCase Licensed Examiner since 2005.

About McCann EI:

http://www.einvestigations.com

About McCann EI: McCann EI’s Texas-based digital forensics team supplies a one-stop solution for the Digitally Saved Information (ESI) investigative needs. McCann EI’s computer forensics, digital forensics, mobile forensics, and electronic discovery researchers serve lawyers, private industry, and government with similar dedication and expertise which has had clients embracing McCann for more than two-and-a-half decades.

Regardless whether your ESI is held in personal, corporate, mobile, or network drives, McCann EI’s computer forensics team has experience in electronic discovery and recuperating your digital files. Our researchers possess the experience to supply expert witness computer forensic testimony in courts across Texas. McCann EI services Companies, Lawyers, and People State-wide.

Austin Computer Forensics: 512-377-6142
Houston Computer Forensics: 832-628-4904
Dallas Computer Forensics: 214-329-9059
Lubbock Computer Forensics: 806-589-0320
Lufkin Computer Forensics: 936-585-4070
Brownsville Computer Forensics: 956-465-0849

Give us a call toll-free at 800-713-7670

Read More

Computer Forensics Salary

Computer Forensics Salary,Computer Forensics Laptop forensics wage graph has seen an incline, as cyber crime went up and also the preference for information storage went in the traditional paper books to computer unfold sheets. Computer forensic experts are fast rising, because the modern detectives of crime has moved base from real life towards the virtual world. The September 11 attack around the world commerce middle in New You are able to has additionally place the primary focus back on terrorism and cyber terrorists. Id theft, charge card fraud, and pedophiles browsing the web for prey exist several the crooks some type of computer forensic knowledgeable helps law enforcement to trap. Laptop computer forensic expert finds employment with regulation enforcement, detective companies, company companies, and private players who are inclined to laptop crimes. Laptop computer forensics job outlook for that approaching years is thought to become lucrative, as data goes digital and our dependence on the internet and computer develops.

Laptop Forensics Job Description
The pc forensic analyst uses refined software and hardware program instruments to analyze cyber crime, laptop hacking and also to decrypt understanding which could help in advancing a situation. The analyst utilizes various methods to obtain data on suspects like IP tackle tracing and packet sniffing at. In IP handle tracing a trace is completed to look for out information online company after which get information on the suspect. This technique is broadly accustomed to trace lower pedophiles who use computer systems to lure kids. Nowadays, the conventional ransom notice or risk notes happen to be changed by e-mails. The analyst tracks email ripoffs using the e-mail header which benefits source Ip, server data and data around the time and date of email generation. Laptop computer forensic analyst likewise helps decrypt data that’s on storage machine just like a Compact disc, DVD, hard disk or USB. Digital media is fast proving itself to be the brand new way of bandwith and devices like desktop computer systems, laptop systems, Private Digital Assistants (Smartphones), and cell phones really are a couple of from the tools that the analyst needs to undergo to find the information they need. The strategy of packet sniffing at can be used to collect useful info from systems, like electronic mail ids, passwords and private information. To get the job done, pc experts use instruments like hex editors the industry software program that allows these to control the binary data and be sure community security. Different tools they use are decryptors, disk analyzers, packet sniffers, and DNS tools. The experts make use of all the various tools available along with technical understand how, to sniff out digital clues. Pc experts need to trace lower cyber-terrorist, who trigger a menace inside the lives of remarkable people, corporates and pose a menace to network security.

Laptop Forensics Wage Vary
The area of pc forensics is comparatively new and people focusing on this filed didn’t have particular qualification apart from intensive understanding about personal computers and Internet crimes. Nowadays, you will find forensic science schools who offer diploma and certificates programs in computer forensics and understanding techniques security. Some schools even provide on-line diploma packages which may be quite useful in acquiring an excellent laptop forensics salary. The most popular wage for laptop forensic jobs is between USD 47,000 to USD 80,000. Police force and legal companies are proving itself to be top companies of laptop forensic experts and also the salaries provided are furthermore at componen with a few non-public organizations who supply jobs to individuals with fundamental cyber forensics and methods understand how. Legislation enforcement average salaries are between USD 50,000 to USD 75,000 and legal services pay round USD fifty four,000 to USD 70 five,000. Wage ranges for jobs in urban centers new You are able to and La happen to be considered to be as excessive as USD 90,000 to USD a hundred,000. Detective companies will also be good companies because they appear to provide everywhere between USD forty-five,000 to USD 80,000 with respect to the expertise and qualifications from the computer forensic analyst.

Computer forensics salary largely will rely on the business as well as your physical location. And like other IT jobs this subject promises a lucrative future, too.

Read More