Papers

Please take Note!
I love what I do, including research, writing, testing, etc. And, I love to help others! However, please note that all of my work here is protected by applicable copyright laws. You do have my permission to view my papers. However, you do not have my permission to distribute my work in any manner or form without first receiving my express written consent. Examples of what you are not allowed to do include:
- posting a local copy of my paper on your web site
- putting my paper on your CD-ROM that you distribute to a class, at a conference, etc.
- copying and pasting my work into your presentation
If you are interested in referencing or distributing my work please contact me and let's talk! Thank you!

Independent Validation & Verification of SMART for Linux
An Independent Validation and Verification for the data forensic program SMART, developed by ASR Data Acquisition and Analysis, LLC. In this paper I verified the four critical functions all forensic examiners need: authentication, imaging, restoring, and wiping. (PDF format)

Next Generation Data Forensics & Linux
I wrote this article so that folks new to Linux could get a clear grasp of what makes Linux so powerful and an excellent platform for performing Data Forensics work, whether it be the analysis of standalone personal computers or network investigations. It was originally published in the June 2002 edition of Under the Brim, the monthly Red Hat publication. It is part one of a two-part series. (PDF format)

Building a Super Kernel for Data Forensics
Updated January 2003
After receiving a number of e-mails and wanting to make updates I set out to revise my original paper. However, after a bit of work I opted for a clean start, a new write. So here it is, my new kernel paper. Please discard the old copy if you have it! This paper focuses on recompiling the Linux kernel for the benefit of data forensics.
If for some reason you want the old paper it will be here.

Independent Validation & Verification of SMART for BeOS
This paper is the result of a validation I performed on the SMART utility written by ASR Data & Acquisition, LLC. I tested four functions of the program: hashing, imaging, wiping, and restoring. View the results in this paper (PDF format).

Poor Man's Guide to Multi-Booting
A KISSing (Keeping it simple stupid) approach to partitioning a hard disk so that numerous operating systems can be installed and booted. Takes you from A to Z, including some key technical information. Read this to jump start your system!

Analysis of Microsoft's AutoComplete Function
An in-depth analysis of how this function is used within Internet Explorer. I've also included a list of tools that can be used to monitor this activity.

A Brief on VPN Management Issues
The target audience is managers (systems and business). I feel there are 4 areas that are neglected during the design and research phase of a VPN solution - and I discuss them in this brief. These areas are: user/database, tunnel/key, software/hardware, and support.

A Guide to Penetration Testing
First draft of a guide to penetration testing. The target audience is security engineers and management. Covers information gathering techniques, tools to use, and concerns to think about.

And You Thought DELETE Meant DELETE!
This is a very high-level article aimed at the average computer user. When you delete a file, is it really deleted? Read this article to find out!

Evidence Seizure Methodology for Computer Forensics
I started writing this paper as a guideline for evidence seizure - sort of a step-by-step approach. As I got more and more involved with this subject area, I became aware that there is no one methodology for seizing evidence. From that, this paper branched out into how to prepare your department for a forensics investigation, the importance of developing a methodology, as well as the steps to take when seizing evidence.

Examples of using DD within UNIX to Create Physical Backups
In response to some questions I've received as well as listening to a few individuals at the Computer Crime Symposium, I decided to write a short paper on the UNIX DD command and how useful it is when creating a physical backup of evidence.

copyright © 2002-2010    info(at_sign_here_folks)crazytrain(dot)com