I was listening to the Cyberjungle and was reminded about the free Open Source The Sleuth kit and Autopsy. I guess you guys in Forensics already know about it, but I know some shops just have some tools and buy products like encase, and may not "get out" enough to see if there is anything else useful...





As always there are some other things peripheral to the pages to check out.

Eeeh nostalgia TSK / Autopsy =)

Other Distro's also worth a look:

Sift http://digital-forensics.sans.org/community/downloads
Deft http://www.deftlinux.net/ site also contains a windows live response Win-UFO
and
Caine http://www.caine-live.net/

Kali more leaning towards pentest but still a useful distro.

Usual DIY'er warnings:
Not forgetting "Forensic" is in compliance with the law, DIY'er sysadmins messing with a "suspect" PC could actually render it inadmissible and themselves liable to prosecution. Always check your country/state laws.

iirc, some parts of the US were pushing for all computer investigators to have PI licensing.

K

_________________
Когда хочется кушать – съешь всё.
Голод не тётка!