Picking a Toolkit



And some power tools


Introduction
My dad is a handyman. He is a handyman around the house, in the garage, in the yard, and he even has renovated and sold four houses, one of which was in decrepit shape and required a complete overhaul. Like a good father does, he taught me all I need to know to be a handyman around the house and in the garage. Did I retain it all? Debatable. One thing I absolutely learned is that I need a good set of tools.

When I was growing up, he had two entire walls of the garage covered in tools, including an impressive set of mechanic's wrenches, a drill press, several handheld power drills including a 1970's era drill in perfect condition that would still take your arm off if you hold it wrong, a good table saw, a radial arm saw, sanders, paint brushes, rollers, more screwdrivers than I know how to count, all manner of screws, nails, bolts, and other hardware, and the list just keeps going. So what defines a good set of tools? Here are some criteria:
  • appropriate for the jobs at hand. It's great to have a top of the line lawnmower, but it won't do you much good if the current task is to replace drywall.
  • high quality. There's a reason I buy good tools by the best brands. They hold up best and get the job done most efficiently.
  • collected and maintained throughout the years. While it is natural to replace tools with better ones when needed, some of the best tools are the ones you bought for a job a decade or more ago. Any handyman has some especially old tools and can tell you exactly what job he was doing which required him to buy a specific tool and some success stories which would not be possible without that specific tool.
  • organized in a way that makes sense for you and you alone. You should create a toolkit and continually add to it and keep it organized in a way that allows you to find whatever tool you need quickly and store it in a place that just seems right. I can’t tell you the number of times my family has said that my tool bench makes no sense, but it works for me. I use no tool more frequently than my good power drill, so it is the easiest thing for me to grab.

In the world of digital forensics, every examiner develops a toolkit. The toolkit includes all kinds of forensic tools, cables, kits, and of course a forensic computer. The forensic computer is where the examiner acquires a digital image, examines it to find files which are considered of value, analyzes the evidence found (both from the digital media being examined and relationally with evidence from other sources), and saves all findings and analyses in a report. And of course, a good examiner documents all along the way.

A forensic computer needs an operating system (OS). Before diving into tools, I need to discuss operating systems. As I said previously, a good toolkit should be organized in a way that makes sense for you, so in that vein, I will not specify an exact operating system. However, all of the tools I will be going over are either Windows or Linux, so you will need access to both a Windows machine and a Linux machine. You can run either or both of these in virtual machines (VMs) if you wish, or you can do what I do and have a computer with multiple hard drives and choose an operating system at boot.

Linux comes in a lot of varieties. A common variant of Linux is Ubuntu (www.ubuntu.com), which is an excellent OS to use if you are new to Linux. There are distributions of Linux designed for specific purposes, ranging from penetration testing to multimedia production. Believe it or not, there are even versions of Linux designed specifically for mobile forensics. Two great ones are Santoku (santoku-linux.com) by the group ViaForensics out of Chicago, and Open Source Android Forensics (OSAF) (www.osaf-community.org). Both of these distributions come loaded with all kinds of good mobile forensic tools. I personally use Santoku for my OS in my main computer.

I’m not here to recommend one OS over another. Try out whatever Linux variant you care to try, and pick whatever you like. Santoku and OSAF both come loaded with much of what I will be going over in this blog, so if you pick another OS you will need to download and install the tools I demonstrate. Again, I’m not here to recommend any OS and am not a representative of any OS distribution effort.

Getting started
To get started, you’re going to need your toolkit, and your toolkit starts with an OS. For what I will demonstrate on this blog, you will need both a Linux environment and a Windows environment. You can install either or both in VMs or on physical machines.

You also will need a method to transfer files, possibly particularly large files, from your Linux environment to your Windows environment and perhaps vice versa. Please be advised, if you use external storage, like a flash drive or external hard drive, and you have formatted it FAT32, the maximum file size you can copy to the drive is 4 gigabytes, and chances are you’ll be creating larger files than that.
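A pre-flight check for that FAT32 limit, as an added example that is not part of the original post: the script refuses to copy an image that FAT32 cannot hold and points at the two usual ways around it (reformatting the drive as exFAT or NTFS, or splitting the image into segments). It assumes a GNU/Linux coreutils environment (`stat -c %s`, `stat -f -c %T`); the image path and mount point in the usage line are placeholders.

```shell
#!/bin/sh
# Added example (not the blog's own code): check whether a forensic image
# can be copied onto external storage before starting a multi-gigabyte copy.
# Assumes GNU coreutils stat on Linux.

# FAT32 stores a file's size in a 32-bit field, so 2^32 - 1 bytes is the ceiling.
FAT32_MAX_BYTES=4294967295

# is_fat32_type NAME: 0 if NAME is how stat/df report a FAT volume, else 1.
is_fat32_type() {
    case "$1" in
        vfat|msdos|fat|fat32) return 0 ;;
        *) return 1 ;;
    esac
}

# fits_on_fat32 SIZE_BYTES: 0 if a file of that size can live on FAT32, else 1.
fits_on_fat32() {
    [ "$1" -le "$FAT32_MAX_BYTES" ]
}

# fs_type_of PATH: filesystem type of the volume holding PATH (GNU stat assumed).
fs_type_of() {
    stat -f -c %T "$1"
}

# check_copy FILE DEST_DIR: 0 when the copy is safe, 1 when FAT32 would reject it.
check_copy() {
    file="$1"; dest="$2"
    size=$(stat -c %s "$file")
    fstype=$(fs_type_of "$dest")
    if is_fat32_type "$fstype" && ! fits_on_fat32 "$size"; then
        echo "refusing: $file is $size bytes; $dest is $fstype (limit $FAT32_MAX_BYTES)" >&2
        echo "hint: reformat the drive as exFAT/NTFS, or segment the image:" >&2
        echo "      split -b 4000M $file $file.part-" >&2
        return 1
    fi
    return 0
}

# Usage (placeholder paths): only copy if the check passes.
# check_copy /cases/phone.dd /media/usbdrive && cp /cases/phone.dd /media/usbdrive/
```

If you do segment an image with `split`, keep the segments together with the original image's hash so the reassembled file (`cat phone.dd.part-* > phone.dd`) can be verified against it on the Windows side.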

You will also need some tools. I will go over more of these as I go on, but for now I will highlight two that I use all the time.

  • FTK Imager for Windows. Great and free tool for examining a digital image. It also has some other great uses, including imaging a volume or a physical drive, but I don’t intend to go over those capabilities. It is on this page: www.accessdata.com/support/product-downloads
  • Android SDK for Linux. From developer.android.com/sdk/index.html, download the link that says Linux 32 & 64 bit and follow the instructions to install at developer.android.com/sdk/installing/index.html?pkg=tools. (Note, this is included in the distributions I highlighted.)
  • You can also set up the SDK in the Windows environment if you like. I personally prefer to interact with the phone in Linux because the way I will demonstrate how to live image uses Linux tools.

Forensic 4Cast awards
I would be humbled and honored if you would consider nominating my blog, Free Android Forensics, for the award "Digital Forensic Blog of the Year" presented by Forensic 4Cast.

Forensic 4Cast is an excellent resource for all things digital forensics. They run an annual awards ceremony for digital forensics achievements for the year.

2017 was a banner year for Free Android Forensics. From imaging an Android car stereo to studying the Waze app to imaging newer devices and some other fun topics, there was a lot to cover last year. I continually hope to serve the forensic community well by providing interesting topics.

As always, I thank you for reading. If you found my content useful, insightful, interesting, or maybe even funny, please consider nominating Free Android Forensics for Digital Forensic Blog of the Year.

Summary
  • You'll need both a Linux and a Windows environment
  • Pick a Linux distribution you like, and I've recommended a couple
  • Go ahead and download and install both FTK Imager for Windows and the Android SDK for Linux

That’s all for now. Next page introduces imaging a device.

Questions, comments, suggestions, or experiences? House projects you may be working on right now? Leave a comment below, or send me an email.



