by Nikhil Wagholikar, NII Consulting. Introduction: One of the recommended file systems for Linux is Ext-3. The Ext-3 file system might not be as robust and powerful as the Microsoft NTFS file system, but it has some built-in features that make Linux a power performer. Here we will explore one such feature of the Ext-3 file system. This feature […]
by Kush Wadhwa, NII Consulting In this article I will cover the basic concepts of the NTFS file system. In NTFS (New Technologies File System) all important data, like the basic file system administrative data, are stored in files, and these files can be stored anywhere in a particular volume. These files don’t have reserved […]
by Chetan Gupta, NII Consulting Many a time as an investigator, I have to deal with the issue of carving data from unallocated spaces in a partition. There are many commercial data carving tools such as EnCase, WinHex, AccessData FTK, DataLifter, ILookInvestigator. Well, I have tried most of these and must say most of them […]
by Chetan Gupta, NII Consulting Well, last week was abuzz with activity when we had to recover data from a corrupt Linux hard disk. Thought it would be pretty easy but as soon as I loaded the hard disk, I knew something was amiss.
By Kush Wadhwa, NII Consulting Have you ever thought of hiding data in such a manner that it cannot be deleted even after the hard disk is formatted? Well, in this article, we’ll look at just that; we will see how you can hide and unhide crucial data on your hard disk. The […]
by Bhushan Shah, NII Consulting Mrs Carol L. Stimmel has taken it upon herself to start a Computer Forensic Volunteer Project to provide low-cost services to those who cannot assert advantage from our skills. Here is a bit taken from the press release: “As expert members of the international computer forensics community which provides unique and […]
by Bhushan Shah, NII Consulting The index.dat is a file which contains the list of the websites that one has visited. It comes from “indexing” which is used to speed up query responses. The autocomplete feature in Internet Explorer compares the addresses to the index.dat to find an appropriate match. The size and life of […]
By Chetan Gupta, NII Consulting In accordance with NII’s mantra of innovation and research, we have developed our own tool to conduct initial response on compromised Linux systems. This tool is appropriately titled LINReS, which stands for “Linux INcident Response Script”. LINReS is a Live Response script designed to run on suspect/compromised Linux systems. LINReS […]
Securing your passwords against Rainbow Table Attacks By Bhushan Shah, NII Consulting In the previous article we looked at Rainbow Tables and how they can crack Windows passwords in a matter of seconds. In this article we will look at different ways to add complexity to the passwords and protocols to secure your system […]
NII Consulting’s Chetan Gupta (GCFA) has published an article at ForensicFocus on the Alternate Data Streams in NTFS, and how these can be detected. This article discusses a “…particular feature of this file system which was designed to offer compatibility with Macintosh Hierarchical File System (HFS) and store additional data called metadata for a file. […]