SlideShare ist ein Scribd-Unternehmen logo

Case study on Physical devices used in Computer forensics.

Vishal Tandel
Vishal Tandel

Physical devices that help in resolving the forensics cases in computer forensics.

Geräte & Hardware
1 von 31
Downloaden Sie, um offline zu lesen
Case Study on Physical devices used in Computer forensics Presented by – Vishal Tandel
Introduction • Computer forensics is the practice of collecting, analysing and reporting on digital data in a way that is legally admissible. It can be used in the detection and prevention of crime and in any dispute where evidence is stored digitally. Computer forensics follows a similar process to other forensic disciplines, and faces similar issues. • Computer forensics is a very important branch of computer science in relation to computer and Internet related crimes. Earlier, computers were only used to produce data but now it has expanded to all devices related to digital data. The goal of Computer forensics is to perform crime investigations by using evidence from digital data to find who was the responsible for that particular crime.
Forensics Systems • The F.R.E.D. family of forensic workstations consists of integrated forensic processing platforms capable of handling the most challenging computer case. Available in mobile, stationary and laboratory configurations, these systems are designed for both the acquisition and examination of computer evidence. F.R.E.D. professional forensic systems, and the Digital Intelligence UltraBay 3d universal write protected imaging bay, deliver the ability to easily duplicate evidence directly from IDE/SAS/SATA hard drives, USB devices, Firewire devices, CDs, DVDs, LTO-4 tapes and PC Card/Smartmedia/SD-MMC/Memory Stick/Compact Flash media in a forensically sound environment.
FRED and FRED DX • FRED is our Forensic Recovery of Evidence Device. The FRED family of forensic workstations are highly integrated, flexible and modular forensic platforms and now include DI's exclusive UltraBay 3d Write Protected Imaging Bay. • The UltraBay 3d™ and UltraBay 3™ (available on FREDDIE and uFRED) are the industry's first USB 3.0 integrated forensic bridge that includes a touch screen display and a graphical user interface for acquisition process monitoring (when using Tableau Imager).
• The industry's first USB 3.0 integrated forensic bridge. • Completely integrated / internal system solution. • Integrated Write Blocked (Read-Only) Ports: • SAS • SATA • IDE • USB 3.0/2.0/1.1 • FireWire 400/800 • Touch screen with a graphical user interface (GUI) for acquisition process monitoring. • Full multi-LUN FireWire acquisition support is provided for Write Protected imaging of Apple Mac systems booted to FireWire device mode. • Firmware updates available at no charge through Tableau Firmware Update. • Full HPA/DCO support for SATA and IDE devices. • FireWire write-blocked port has 9-pin FW800 connector and supports both FW400 and FW800 devices.
FRED FRED with 1 RAID FRED with 2 RAID FRED - Core I7 MB $5,999 (Standard Configuration) FRED DX - Dual Xeon MB $7,999 (Standard Configuration) FRED - Core I7 MB $8,549 (Standard Configuration) FRED DX - Dual Xeon MB $10,549 (Standard Configuration) FRED - Core I7 MB $9,349 (Standard Configuration) FRED DX - Dual Xeon MB $11,349 (Standard Configuration)
FREDDIE • Forensic Recovery of Evidence Device (Diminutive Interrogation Equipment) is FREDDIE. FREDDIE is a highly portable solution which meets both imaging and processing requirements. FREDDIE Standard w/UltraBay 3 SKU: F2010 $7,999.00 • FREDDIE is the ultimate solution in mobile forensic processing power. FREDDIE is the little brother of our larger FRED unit. Like its older brother, FREDDIE is a highly integrated, flexible and modular forensic platform designed from the ground up for both the acquisition and analysis of computer evidence with the added advantage of being highly portable. FREDDIE uses the same motherboard, and many of the same components, as our larger FRED unit. The removable devices in our custom forensic bays can be used in both FRED and FREDDIE
• FREDDIE is designed for use “On Location” at electronic crime scenes. Remove the hard drive(s) from the suspect system and plug them into FREDDIE and acquire the electronic evidence. FREDDIE is designed to acquire data directly from IDE/EIDE/ATA/SATA/ ATAPI/ SAS/USB/Firewire hard drives and storage devices.No more worrying about the problems encountered trying to configure parallel devices on suspect equipment in order to use external backup devices.  Baseline FREDDIE Specifications. • 14" High, 17 1/4" Wide, 10 1/4" Deep - 55 lbs • Intel Core i7-4820K CPU (Quad Processor), 3.7 GHz, 10MB Intel Smart Cache, 5 GT/s DMI • 32 GB (4x8GB)PC3-12800 DDR3 1600 MHz Memory • 1 x 500 GB 10,000 RPM SATA III Hard Drive - OS Drive • 1 x 128 GB Solid State SATA III Hard Drive - Temp/Cache/DB Drive • 1 x 2.0 TB 7200 RPM SATA III Hard Drive - Data Drive.
FRED SR • FRED SR (Dual Xeon) is the highest performance member of the FRED family of forensic workstations. FRED SR has all the functional capabilities of a FRED system with the addition of components optimized for the absolute highest level of processor, memory, and I/O performance. FRED SR Standard SKU: F3120 $14,999.00
• Baseline FRED SR Specifications • Dual(2) Intel Xeon E5-2620 v2 CPU, (Hex Core) 2.1 GHz, 15MB Cache, 7.2 GT/s Intel QPI • 32 GB PC3-12800 DDR3 1600 MHz ECC Memory • 1 x 500 GB 10,000 RPM SATA III Hard Drive - OS Drive • 1 x 128 GB Solid State SATA III Hard Drive - Temp/Cache/DB Drive • 1 x 2.0 TB 7200 RPM SATA III Hard Drive - Data Drive installed in HotSwap Bay1 • 22" WideScreen LCD Monitor with Built-in Speakers.
FREDL • FREDL is our Forensic Recovery of Evidence Device - Laptop. FREDL is the ultimate solution in mobile forensic imaging convenience and includes our UltraKit - the preferred mobile forensic acquisition solution. FREDL w/UltraKit SKU: F4110 $4,999.00 • The FREDL forensic laptop and the included UltraKit work together to quickly, efficiently and securely image IDE, SATA, SAS and USB hard drives in a forensically sound environment. FREDL is built on the very latest and fastest in i7 Processor technology.
LEFT VIEW FRONT VIEW RIGHT VIEW TOP VIEW BACK VIEW BOTTOM VIEW
 Baseline FREDL Specifications • Intel Core i7-4810MQ Quad Core Processor, 2.8 GHz, 6MB L3 Cache • 8 GB DDR3 1600 PC3-12800 Memory • 256 GB Solid State internal SATA Drive • Intel HM87 Chipset • 15.6" Full HD(1920x1080) LED Backlit Display • nVidia GeForce GTX 870M with 6 GB GDDR5 VRAM • Internal 6x BD-R BluRay Burner /8x DVD +- R/2.4x +DL Super Multi Combo Drive • Integrated Components: • 10/100/1000 Mbps Ethernet LAN • 802.11a/b/g/n Wireless LAN + Bluetooth (Intel 6235AGN) • Card Reader 9-in-1 (MMC/RSMMC/MS/MS Pro/MS Duo/SD/Mini-SD/SDHC/SDXC) • 2.0 Megapixel Digital Video Camera • High Definition Audio • Microphone • Speakers (2) • 19mm Full-Size Keyboard with numeric keypad - Illuminated • Touch Pad pointing device(2 buttons)with scroll function • Finger Print Reader 1 HDMI Port 1 DisplayPort 1.2 1 Mini DisplayPort 1.2 1 Headphone jack 1 Microphone jack 1 Line-In jack 1 S/PDIF output jack 1 RJ45 LAN jack 1 USB 2.0 ports 3 USB 3.0 ports 1 IEEE 1394a 1 E-SATA Port (USB 3.0 Combo) Li-Polymer 8 Cell, 5200mAh, 79.96Wh Battery Pack Kensington Lock Universal AC Adapter (100~240V AC 50/60hz) Dimensions: 14.76 x 10.55 x 1.73 (inch) Weight: 7.28 lbs (complete system + battery) Operating Systems Included: Windows 7 Ultimate (64 bit), Windows 98 Standalone DOS.
FREDC FORENSIC NETWORK • A Forensic Network is a series of processing and imaging computers connected and integrated directly with a high-speed, high-capacity server to share resources. The file server operates as the core of the Forensic Network and can be used as a central storage facility for Forensic Images as well as applications software for use by the client processing and imaging stations. Workstation clients on the network perform the actual imaging and processing tasks, while the central file server stores the images and case work. • The FREDC is a fully configured, private cloud, for Forensic Storage. Centralized Storage, centralized administration, centralized security, and centralized backup! All the things that made REAL file servers great - all in a platform fast enough to make it worthwhile! Unlike other generic "IT-Centric" network solutions, the FREDC has been designed from the ground up to be fast and reliable for direct forensic imaging and processing to/from the server itself. While other solutions require secondary copies to network storage, the FREDC systems have been designed for the direct ingest and processing of data. No need for closets full of old hard drives or massive amounts of local workstation storage!
 FREDC Features • 10GB Ethernet Network (10GBase-T) for Compatibility 10GBase-T Network Infrastructure is backwardly compatible with Standard Gigabit Ethernet Interfaces and Cables. Use Cat6A cables and 10GBase-T adapters for 10G speeds. Connect legacy Gigabit devices using standard Cat5e cables and Interfaces. Even legacy Gigabit workstations can achieve forensic imaging speeds of up to 6.6 GB/Min using this network! Use what you have now and upgrade your connectivity as you move forward! • Integrated Backup/Archive Software and Hardware A 16-Tape Robotic Tape Library and Enterprise-class software is included with each system. Fifteen Ultrium-5 Tapes (3TB Compressed/1.5 TB Native capacity per tape) are included. We even include a cleaning cartridge! The Enterprise-class Backup and Archive software has been pre- installed and configured. Training is provided on the use of the software with special focus on suggested methods to protect and archive your forensic case work. FREDC Configured With 4 RAIDs and 3 FREDs
FORENSIC WRITE BLOCKERS • With operating systems becoming more complex, it is increasingly important to protect fragile computer evidence. Be confident about maintaining the integrity of your data during examination with hardware write protection devices from Digital Intelligence. • Digital Intelligence designs and offers parallel IDE, serial ATA and SCSI hardware write blockers, as well as other custom solutions, to effectively address specific write blocking requirements. Learn how our UltraKit, UltraBlock, FireFly, FireBlock, SCSIBlock and FireChief devices can maintain the integrity of your evidence. • The UltraKit III is a portable kit which contains a complete family of UltraBlock hardware write blockers along with adapters and connectors for use in acquiring a forensically sound image of virtually any hard drive or storage device you may encounter. Simply select the appropriate Write Protected UltraBlock and attach it to the source drive and use your desktop or laptop to acquire a forensically protected disk image to an internal drive or externally connected drive enclosure.
UltraKit III SKU: W3705 $1,419.00 UltraKit III + FireWire SKU: W3712 $1,649.00 UltraKit III + FireWire + TD2 SKU: W3825 $2,999.00 UltraKit III (T35U) + FireWire + TD3 + TDPX8-RW + TDPX6 SAS Protocol Module SKU: W3880 $4,299.00 UltraKit III (T35ES) + FireWire + TD3+ TDPX8-RW + TDPX6 SAS Protocol Module SKU: W3885 $4,349.00
ULTRABLOCK USB 3 IDE / SATA (Read Only) • The Read-Only UltraBlock USB 3 IDE/SATA is used to acquire data from an IDE or SATA hard drive in a forensically sound write-protected environment. • The Read Only UltraBlock USB 3.0 IDE-SATA (USB 2.0 compatible) is used to acquire data from an IDE or SATA hard drive in a forensically sound write-protected environment. The USB 3.0 family of portable forensic bridges offer faster imaging speeds, reliable performance, and an easy to use USB 3.0 host computer connection. • UltraBlock USB 3.0 IDE-SATA Write Blocker • The UltraBlock USB 3.0 Forensic IDE/SATA Bridge supports write-blocked, forensic acquisitions of both SATA and IDE storage devices through a fast USB 3.0 host connection. It offers forensic examiners the ease of use, reliability, and imaging speed necessary to image today's larger and faster hard-disk drives - in both lab or field environments.
UB USB 3.0 IDE-SATA Read Only Kit SKU: W2710 $349.00 Extra Power Supply SKU: X1000 $25.00 PC Interface: One USB 3.0 Type B (9- pin, super/ high/full/low speed) Drive Interfaces: SATA Signal Connector, IDE signal Connector User Configurable: Read-Only or Read-Write via DIP switch
ULTRABLOCK USB 3 IDE / SATA (Read Write) • The Read Write UltraBlock USB 3 IDE/SATA is used to write data to an IDE or SATA hard drive. • The Read Write UltraBlock USB 3.0 IDE-SATA (USB 2.0 compatible) is used to write data to an IDE or SATA hard drive. The USB 3.0 family of portable forensic bridges offer faster imaging speeds, reliable performance, and an easy to use USB 3.0 host computer connection • UltraBlock USB 3.0 IDE/SATA pre-configured for read/write operation. It's available in a yellow case so that you can easily distinguish a pre-configured read/write device from a read-only device. It offers forensic examiners the ease of use, reliability, and imaging speed necessary to image today's larger and faster hard-disk drives - in both lab or field environments.
UB USB 3.0 IDE-SATA Read Write Kit SKU: W2760 $349.00 Extra Power Supply SKU: X1000 $25.00 PC Interface: One USB 3.0 Type B (9- pin, super/ high/full/low speed) Drive Interfaces: SATA Signal Connector, IDE signal Connector User Configurable: Read-Only or Read-Write via DIP switch
ULTRABLOCK eSATA IDE / SATA (Read Only) The Read-Only UltraBlock eSATA IDE/SATA is used to acquire data from an IDE or SATA hard drive in a forensically sound write-protected environment. ULTRABLOCK eSATA IDE / SATA (Read Write) The Read Write UltraBlock eSATA IDE/SATA is used to write data to an IDE or SATA hard drive. ULTRABLOCK SAS The UltraBlock SAS is used to acquire data from a Serial Attached SCSI hard drive in a forensically sound write-protected environment. ULTRABLOCK FIREWIRE WRITE BLOCKER The UltraBlock Firewire Write Blocker brings secure, hardware-based write blocking to the world of Firewire devices. ULTRABLOCK USB (V2) WRITE BLOCKER The UltraBlock Forensic USB Write Blocker brings secure, hardware-based write blocking to the world of USB mass storage devices. Version 2 offers manyimprovements over the initial release. ULTRABLOCK FORENSIC CARD READER These units can be used for writing and the forensic acquisition of information found on multimedia and memory cards.
STANDALONE FORENSIC DEVICES • Standalone forensic devices which address specific needs of the Computer Forensics Investigator. GPU PowerStation The GPU Power Station is the first commercially available SuperComputer expansion chassis designed and optimized for massive parallel processing and computation. SUPERCHIEF USB3 IDE / SATA The SuperChief (IDE/SATA) is a dual bay USB3 to IDE and SATA enclosure that is completely configurable for Read Only or Read Write operation. 3.5 INCH USB3 SATA HD ENCLOSURE The 3.5" HD enclosure connects to a SATA drive and is read-write and read-only switchable. The enclosure operates at USB 3.0 speeds and includes a power supply and USB3 data cable.
FORENSIC IMAGER 3 The Forensic Imager 3, with a color touchscreen interface, provides forensic write blocking for IDE, SATA, SAS, USB3 and Firewire devices. FORENSIC DUPLICATOR 2U The Forensic Duplicator 2U natively images USB 3.0, SATA, and IDE/PATA storage devices. Investigators can (optionally) image SAS drives by using the same TDP6 module used with Forensic Duplicator 1 and 2. FORENSIC DUPLICATOR 2 Provides forensic (write-protected source drive) disk-to-file or disk-to-disk duplication for IDE to SATA and SATA to SATA hard disk drives. This version is 1:2 which allows you to copy from one IDE or SATA drive to two SATA destinations simultaneously. FORENSIC DUPLICATOR Provides forensic disk-to-file or disk-to-disk duplication for IDE to IDE, IDE to SATA, SATA to SATA and SATA to IDE hard disk drives. HARDCOPY 3P 1:2 Portable Forensic Hard Drive Duplicator. The HardCopy has been refined and redesigned to meet the ever-growing needs of progressive and committed forensic investigators. SHADOW 3 This completely unique and patented forensic tool allows you to boot and run a suspect computer on the spot and in minutes without compromising evidence - no drive imaging required.
ACCESSORIES • Here you'll find adapters, power supplies, hard drive trays, cables and other hardware and accessories for our products PRECISION ELECTRONICS TOOL KIT • The Precision Electronics Tool Kit is a complete comprehensive standard in precision screwdriver bit sets, featuring 30pcs of selected bits and 10pcs of essential repair devices. The devices are organized in a durable carrying case. This kit allows disassembly of most branded smart phones, video games, notebooks, electronic devices and more.
Precision Electronics Tool Kit SKU: X1250 $34.95
MULTIDRIVE ADAPTER • The MultiDrive Adapter allows 2.5 inch, 1.8 inch pin connector and 1.8 inch ZIF connector IDE hard drives to be connected to a write blocker or standard 40 pin IDE connector. • This adapter will not connect to a MacBook Air SATA LIF Hard Drive. MultiDrive Adapter SKU: A4400 $69.95 Replacement ZIF to PIN Adapters (2) SKU: A4405 $16.00
BLADE TYPE SSD ADAPTER Connect your Mac Air BLADE Type SSD (128Gb or 256Gb) to a SATA power and data cable. Pentalobe screwdrivers are also available to disassemble your iPhone or MacBook Air. SATA LIF ADAPTER Easily connect your 1.8 inch Mac Air SATA LIF hard drive to a SATA cable. Each adapter features a SATA LIF female drive interface, 2 interchangeable SATA LIF connector cables, and convenient carrying case. ADAPTER PACK Includes 2" IDE Cable, 2.5" hard drive adapter, 1.8" pin Hard Drive Adapter, MicroSATA Adapter and ZIF Adapter in zippered case. ZIF ADAPTER This kit is offered by Digital Intelligence to meet the high duty cycle required for Forensic applications. Rugged pocket size enclosure with structurally mounted power connection. Easily connect your 1.8 inch notebook IDE hard drive to a 40-pin IDE cable. Each adapter features a ZIF female laptop drive interface, 4 interchangeable ZIF connector cables, and a and convenient carrying case. 1.8 INCH ZIF or PIN HD ENCLOSURE The 1.8" HD enclosure connects to either a ZIF or PIN drive. The enclosure operates at USB 2.0 speeds and requires no additional power supply. Available with or without a hard drive pre- installed. 2.5 INCH USB3 SATA HD ENCLOSURE The 2.5" HD enclosure connects to a SATA drive. The enclosure operates at USB 3.0 speeds and requires no additional power supply. 3.5 INCH HARD DRIVE ENCLOSURE This enclosure holds a single 3.5 inch SATA Hard Drive and uniquely supports all of the following interfaces: eSATA, FireWire 400 (1394a), FireWire 800 (1394b), and USB 2.0.
USBPROTOCOLMODULE ConnectandcopyUSBdevicesonyour ForensicDuplicator. SASPROTOCOLMODULE ConnectandcopySASharddrivesonyour ForensicDuplicator. PROTOCOLMODULEBUNDLE ConnectandcopyUSBandSASharddriveson yourForensicDuplicator. FAR - FORENSIC ARCHIVE AND RESTORE Fernico FAR systems are specifically designed for Digital Forensic Investigators who need a complete solution for backup, restoration and acquisition of forensic data evidence. Backup Digital Evidence Automatically to DVD, HD- DVD or Blu-Ray Disc. Restore Disks to Rebuild or Review Cases. Acquire Evidence From a Variety of Media. MICROSATA ADAPTER The MicroSATA Adapter can be used to adapt a SATA interface to a Micro SATA drive. This is for the adapter only, the Micro SATA HD pictured is for graphic representation only and not included. RoHS compliant. SD ADAPTERS The SD Adapters are used to adapt a MicroSD and MiniSD card to an SD form factor.
Conclusion • These are a few popular digital forensics devices used by various law enforcement agencies in performing crime investigations. In this paper all kind of devices like premium, computer forensics, mobile forensics and others. If you are going to start learning digital forensics, you can download or buy these devices and start working on those. It will help you in better understanding the whole process and devices. • These are not the only devices. There are various other free and premium devices available in the market. So, you can do more research on the devices to know more about those devices. These devices are added in random order. So, please don’t consider it as a ranking of the devices. I just tried to make a list of popular digital forensics devices only. • With the increasing use of digital data and mobile phones, digital forensics has become more important. Cyber crimes are also increasing day by day. So companies are also trying to launch more powerful version of the devices, and you need to be in touch of latest digital forensics news to know about recent releases.
References 1. Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations, Computer Crime and Intellectual Property Section (CCIPS) July-2002. http://www.usdoj.gov/criminal/cybercrime/s&smanual2002.html 2. Thomas Welch, “Handbook of information Security Management”, CRC Press LLC, 1999. 3. G.Shpantzer and T.Ipsen, “Law Enforcement Challenges in Digital Forensics.” Proc. 6th National Colloquium Information System Security Education. NCISSE Colloquium press,2002. 4. http://en.wikipedia.org/wiki/EnCase. 5. http://www.digitalintelligence.com/ 6. www.accessdata.com/ 7. www.sleuthkit.org/

Empfohlen

Data Acquisition
Data AcquisitionData Acquisition
Data Acquisitionprimeteacher32
 
Autopsy Digital forensics tool
Autopsy Digital forensics toolAutopsy Digital forensics tool
Autopsy Digital forensics toolSreekanth Narendran
 
Encase Forensic
Encase ForensicEncase Forensic
Encase ForensicMegha Sahu
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber ForensicsKathirvel Ayyaswamy
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Operating System Forensics
Operating System ForensicsOperating System Forensics
Operating System ForensicsArunJS5
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenesprimeteacher32
 
E-mail Investigation
E-mail InvestigationE-mail Investigation
E-mail Investigationedwardbel
 

Empfohlen

Data Acquisition
Data AcquisitionData Acquisition
Data Acquisitionprimeteacher32
 
Autopsy Digital forensics tool
Autopsy Digital forensics toolAutopsy Digital forensics tool
Autopsy Digital forensics toolSreekanth Narendran
 
Encase Forensic
Encase ForensicEncase Forensic
Encase ForensicMegha Sahu
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber ForensicsKathirvel Ayyaswamy
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Operating System Forensics
Operating System ForensicsOperating System Forensics
Operating System ForensicsArunJS5
 
Processing Crimes and Incident Scenes
Processing Crimes and Incident ScenesProcessing Crimes and Incident Scenes
Processing Crimes and Incident Scenesprimeteacher32
 
E-mail Investigation
E-mail InvestigationE-mail Investigation
E-mail Investigationedwardbel
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsOldsun
 
Computer Forensics Working with Windows and DOS Systems
Computer Forensics Working with Windows and DOS SystemsComputer Forensics Working with Windows and DOS Systems
Computer Forensics Working with Windows and DOS SystemsJyothishmathi Institute of Technology and Science Karimnagar
 
Handling digital crime scene
Handling digital crime sceneHandling digital crime scene
Handling digital crime sceneSKMohamedKasim
 
Solid state drive (ssd)
Solid state drive (ssd)Solid state drive (ssd)
Solid state drive (ssd)Mukesh Mirrey
 
Module 02 ftk imager
Module 02 ftk imagerModule 02 ftk imager
Module 02 ftk imagerParminderKaurBScHons
 
Preserving and recovering digital evidence
Preserving and recovering digital evidencePreserving and recovering digital evidence
Preserving and recovering digital evidenceOnline
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and InvestigationNeha Raju k
 
Windows forensic
Windows forensicWindows forensic
Windows forensicMD SAQUIB KHAN
 
Computer Forensic
Computer ForensicComputer Forensic
Computer ForensicTawhidur Rahman
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensicsprimeteacher32
 
Superworkflow of Graph Neural Networks with K8S and Fugue
Superworkflow of Graph Neural Networks with K8S and FugueSuperworkflow of Graph Neural Networks with K8S and Fugue
Superworkflow of Graph Neural Networks with K8S and FugueDatabricks
 
E mail forensics
E mail forensicsE mail forensics
E mail forensicssaddamhusain hadimani
 
Network security
Network securityNetwork security
Network securityhajra azam
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - NotesKranthi
 
06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - NotesKranthi
 
Cell Phone and Mobile Devices Forensics
Cell Phone and Mobile Devices ForensicsCell Phone and Mobile Devices Forensics
Cell Phone and Mobile Devices ForensicsArthyR3
 
Memory forensics
Memory forensicsMemory forensics
Memory forensicsSunil Kumar
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsSCREAM138
 
computer forensic tools-Hardware & Software tools
computer forensic tools-Hardware & Software toolscomputer forensic tools-Hardware & Software tools
computer forensic tools-Hardware & Software toolsN.Jagadish Kumar
 
Letter Written In 2070
Letter Written In 2070Letter Written In 2070
Letter Written In 2070Raymund Sanchez
 
Market and Customer Development - Entrepreneurship 101
Market and Customer Development - Entrepreneurship 101 Market and Customer Development - Entrepreneurship 101
Market and Customer Development - Entrepreneurship 101 MaRS Discovery District
 

Weitere ähnliche Inhalte

Was ist angesagt?

Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsOldsun
 
Handling digital crime scene
Handling digital crime sceneHandling digital crime scene
Handling digital crime sceneSKMohamedKasim
 
Solid state drive (ssd)
Solid state drive (ssd)Solid state drive (ssd)
Solid state drive (ssd)Mukesh Mirrey
 
Preserving and recovering digital evidence
Preserving and recovering digital evidencePreserving and recovering digital evidence
Preserving and recovering digital evidenceOnline
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and InvestigationNeha Raju k
 
Superworkflow of Graph Neural Networks with K8S and Fugue
Superworkflow of Graph Neural Networks with K8S and FugueSuperworkflow of Graph Neural Networks with K8S and Fugue
Superworkflow of Graph Neural Networks with K8S and FugueDatabricks
 
Network security
Network securityNetwork security
Network securityhajra azam
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - NotesKranthi
 
06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - NotesKranthi
 
Cell Phone and Mobile Devices Forensics
Cell Phone and Mobile Devices ForensicsCell Phone and Mobile Devices Forensics
Cell Phone and Mobile Devices ForensicsArthyR3
 
Memory forensics
Memory forensicsMemory forensics
Memory forensicsSunil Kumar
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsSCREAM138
 
computer forensic tools-Hardware & Software tools
computer forensic tools-Hardware & Software toolscomputer forensic tools-Hardware & Software tools
computer forensic tools-Hardware & Software toolsN.Jagadish Kumar
 

Was ist angesagt? (20)

Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Computer Forensics Working with Windows and DOS Systems
Computer Forensics Working with Windows and DOS SystemsComputer Forensics Working with Windows and DOS Systems
Computer Forensics Working with Windows and DOS Systems
 
Handling digital crime scene
Handling digital crime sceneHandling digital crime scene
Handling digital crime scene
 
Solid state drive (ssd)
Solid state drive (ssd)Solid state drive (ssd)
Solid state drive (ssd)
 
Module 02 ftk imager
Module 02 ftk imagerModule 02 ftk imager
Module 02 ftk imager
 
Preserving and recovering digital evidence
Preserving and recovering digital evidencePreserving and recovering digital evidence
Preserving and recovering digital evidence
 
Computer forensics and Investigation
Computer forensics and InvestigationComputer forensics and Investigation
Computer forensics and Investigation
 
Windows forensic
Windows forensicWindows forensic
Windows forensic
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensics
 
Superworkflow of Graph Neural Networks with K8S and Fugue
Superworkflow of Graph Neural Networks with K8S and FugueSuperworkflow of Graph Neural Networks with K8S and Fugue
Superworkflow of Graph Neural Networks with K8S and Fugue
 
E mail forensics
E mail forensicsE mail forensics
E mail forensics
 
Network security
Network securityNetwork security
Network security
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes
 
06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes
 
Cell Phone and Mobile Devices Forensics
Cell Phone and Mobile Devices ForensicsCell Phone and Mobile Devices Forensics
Cell Phone and Mobile Devices Forensics
 
Memory forensics
Memory forensicsMemory forensics
Memory forensics
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
computer forensic tools-Hardware & Software tools
computer forensic tools-Hardware & Software toolscomputer forensic tools-Hardware & Software tools
computer forensic tools-Hardware & Software tools
 

Andere mochten auch

Market and Customer Development - Entrepreneurship 101
Market and Customer Development - Entrepreneurship 101 Market and Customer Development - Entrepreneurship 101
Market and Customer Development - Entrepreneurship 101 MaRS Discovery District
 
“How to build and market a new product category” by Niklas Jansen, co-founder...
“How to build and market a new product category” by Niklas Jansen, co-founder...“How to build and market a new product category” by Niklas Jansen, co-founder...
“How to build and market a new product category” by Niklas Jansen, co-founder...TheFamily
 
Accounting Scandal- Waste management Inc
Accounting Scandal- Waste management IncAccounting Scandal- Waste management Inc
Accounting Scandal- Waste management IncSaurabh Maloo
 
Laptop industry analysis porter pestel By Saurabh Maloo
Laptop industry analysis porter pestel By Saurabh MalooLaptop industry analysis porter pestel By Saurabh Maloo
Laptop industry analysis porter pestel By Saurabh MalooSaurabh Maloo
 
Introduction to Market Segmentation
Introduction to Market SegmentationIntroduction to Market Segmentation
Introduction to Market SegmentationRaymund Sanchez
 
Is there a market for my new product nf programme 2012 mirc athlone
Is there a market for my new product nf programme 2012 mirc athloneIs there a market for my new product nf programme 2012 mirc athlone
Is there a market for my new product nf programme 2012 mirc athloneGreg Byrne
 
Cluster analysis for market segmentation
Cluster analysis for market segmentationCluster analysis for market segmentation
Cluster analysis for market segmentationVishal Tandel
 

Andere mochten auch (9)

Letter Written In 2070
Letter Written In 2070Letter Written In 2070
Letter Written In 2070
 
Market and Customer Development - Entrepreneurship 101
Market and Customer Development - Entrepreneurship 101 Market and Customer Development - Entrepreneurship 101
Market and Customer Development - Entrepreneurship 101
 
“How to build and market a new product category” by Niklas Jansen, co-founder...
“How to build and market a new product category” by Niklas Jansen, co-founder...“How to build and market a new product category” by Niklas Jansen, co-founder...
“How to build and market a new product category” by Niklas Jansen, co-founder...
 
Accounting Scandal- Waste management Inc
Accounting Scandal- Waste management IncAccounting Scandal- Waste management Inc
Accounting Scandal- Waste management Inc
 
Csr presentation
Csr presentationCsr presentation
Csr presentation
 
Laptop industry analysis porter pestel By Saurabh Maloo
Laptop industry analysis porter pestel By Saurabh MalooLaptop industry analysis porter pestel By Saurabh Maloo
Laptop industry analysis porter pestel By Saurabh Maloo
 
Introduction to Market Segmentation
Introduction to Market SegmentationIntroduction to Market Segmentation
Introduction to Market Segmentation
 
Is there a market for my new product nf programme 2012 mirc athlone
Is there a market for my new product nf programme 2012 mirc athloneIs there a market for my new product nf programme 2012 mirc athlone
Is there a market for my new product nf programme 2012 mirc athlone
 
Cluster analysis for market segmentation
Cluster analysis for market segmentationCluster analysis for market segmentation
Cluster analysis for market segmentation
 

Ähnlich wie Case study on Physical devices used in Computer forensics.

Dell precision-t3400-workstation-en
Dell precision-t3400-workstation-enDell precision-t3400-workstation-en
Dell precision-t3400-workstation-enEwerton gon?lves
 
INNOWAVE FREEDOM NANO PACS
INNOWAVE FREEDOM NANO PACS INNOWAVE FREEDOM NANO PACS
INNOWAVE FREEDOM NANO PACS Vivek Mehrotra
 
Lec no. 4 hardware and software basic
Lec no. 4 hardware and software basicLec no. 4 hardware and software basic
Lec no. 4 hardware and software basicJiian Francisco
 
Electronics Engineer Portfolio
Electronics Engineer PortfolioElectronics Engineer Portfolio
Electronics Engineer PortfolioAnupama Sujith
 
Hardware and networking detailed ppt
Hardware and networking detailed pptHardware and networking detailed ppt
Hardware and networking detailed pptIICT Chromepet
 
2.-HARDWARE.pptx
2.-HARDWARE.pptx2.-HARDWARE.pptx
2.-HARDWARE.pptxAndrewBeka
 
Case study for it03 roshan
Case study for it03 roshanCase study for it03 roshan
Case study for it03 roshanrosu555
 
QNAP for IoT
QNAP for IoTQNAP for IoT
QNAP for IoTqnapivan
 
dell precision t5500 specsheet & youer computer
dell precision t5500 specsheet & youer computerdell precision t5500 specsheet & youer computer
dell precision t5500 specsheet & youer computerssuser002ebc
 
OpenDrives_-_Product_Sheet_v13D (2) (1)
OpenDrives_-_Product_Sheet_v13D (2) (1)OpenDrives_-_Product_Sheet_v13D (2) (1)
OpenDrives_-_Product_Sheet_v13D (2) (1)Scott Eiser
 
Unified Computing System - PC Without CPU
Unified Computing System - PC Without CPUUnified Computing System - PC Without CPU
Unified Computing System - PC Without CPUErAnalSalshingikar
 
Computer specifications.ppsx
Computer specifications.ppsxComputer specifications.ppsx
Computer specifications.ppsxmnm Lastopop
 

Ähnlich wie Case study on Physical devices used in Computer forensics. (20)

Fred server
Fred serverFred server
Fred server
 
Dell precision-t3400-workstation-en
Dell precision-t3400-workstation-enDell precision-t3400-workstation-en
Dell precision-t3400-workstation-en
 
INNOWAVE FREEDOM NANO PACS
INNOWAVE FREEDOM NANO PACS INNOWAVE FREEDOM NANO PACS
INNOWAVE FREEDOM NANO PACS
 
Dell precision 380
Dell precision 380Dell precision 380
Dell precision 380
 
Hardware
HardwareHardware
Hardware
 
Hardware and Software Basics With Dr. Poirot
Hardware and Software Basics With Dr. PoirotHardware and Software Basics With Dr. Poirot
Hardware and Software Basics With Dr. Poirot
 
Hwswb
HwswbHwswb
Hwswb
 
Network
NetworkNetwork
Network
 
Peripherals
PeripheralsPeripherals
Peripherals
 
Lec no. 4 hardware and software basic
Lec no. 4 hardware and software basicLec no. 4 hardware and software basic
Lec no. 4 hardware and software basic
 
Electronics Engineer Portfolio
Electronics Engineer PortfolioElectronics Engineer Portfolio
Electronics Engineer Portfolio
 
Hardware and networking detailed ppt
Hardware and networking detailed pptHardware and networking detailed ppt
Hardware and networking detailed ppt
 
2.-HARDWARE.pptx
2.-HARDWARE.pptx2.-HARDWARE.pptx
2.-HARDWARE.pptx
 
Case study for it03 roshan
Case study for it03 roshanCase study for it03 roshan
Case study for it03 roshan
 
QNAP for IoT
QNAP for IoTQNAP for IoT
QNAP for IoT
 
Prueba
PruebaPrueba
Prueba
 
dell precision t5500 specsheet & youer computer
dell precision t5500 specsheet & youer computerdell precision t5500 specsheet & youer computer
dell precision t5500 specsheet & youer computer
 
OpenDrives_-_Product_Sheet_v13D (2) (1)
OpenDrives_-_Product_Sheet_v13D (2) (1)OpenDrives_-_Product_Sheet_v13D (2) (1)
OpenDrives_-_Product_Sheet_v13D (2) (1)
 
Unified Computing System - PC Without CPU
Unified Computing System - PC Without CPUUnified Computing System - PC Without CPU
Unified Computing System - PC Without CPU
 
Computer specifications.ppsx
Computer specifications.ppsxComputer specifications.ppsx
Computer specifications.ppsx
 

Mehr von Vishal Tandel

honey pots introduction and its types
honey pots introduction and its typeshoney pots introduction and its types
honey pots introduction and its typesVishal Tandel
 
Introduction of Windows azure and overview
Introduction of Windows azure and overviewIntroduction of Windows azure and overview
Introduction of Windows azure and overviewVishal Tandel
 
Mobile transport layer - traditional TCP
Mobile transport layer - traditional TCPMobile transport layer - traditional TCP
Mobile transport layer - traditional TCPVishal Tandel
 
Introduction on Prolog - Programming in Logic
Introduction on Prolog - Programming in LogicIntroduction on Prolog - Programming in Logic
Introduction on Prolog - Programming in LogicVishal Tandel
 
Case Study on Google.
Case Study on Google.Case Study on Google.
Case Study on Google.Vishal Tandel
 

Mehr von Vishal Tandel (6)

honey pots introduction and its types
honey pots introduction and its typeshoney pots introduction and its types
honey pots introduction and its types
 
Introduction of Windows azure and overview
Introduction of Windows azure and overviewIntroduction of Windows azure and overview
Introduction of Windows azure and overview
 
Mobile transport layer - traditional TCP
Mobile transport layer - traditional TCPMobile transport layer - traditional TCP
Mobile transport layer - traditional TCP
 
Route maps
Route mapsRoute maps
Route maps
 
Introduction on Prolog - Programming in Logic
Introduction on Prolog - Programming in LogicIntroduction on Prolog - Programming in Logic
Introduction on Prolog - Programming in Logic
 
Case Study on Google.
Case Study on Google.Case Study on Google.
Case Study on Google.
 

Case study on Physical devices used in Computer forensics.

  • 1. Case Study on Physical devices used in Computer forensics Presented by – Vishal Tandel
  • 2. Introduction • Computer forensics is the practice of collecting, analysing and reporting on digital data in a way that is legally admissible. It can be used in the detection and prevention of crime and in any dispute where evidence is stored digitally. Computer forensics follows a similar process to other forensic disciplines, and faces similar issues. • Computer forensics is a very important branch of computer science in relation to computer and Internet related crimes. Earlier, computers were only used to produce data but now it has expanded to all devices related to digital data. The goal of Computer forensics is to perform crime investigations by using evidence from digital data to find who was the responsible for that particular crime.
  • 3. Forensics Systems • The F.R.E.D. family of forensic workstations consists of integrated forensic processing platforms capable of handling the most challenging computer case. Available in mobile, stationary and laboratory configurations, these systems are designed for both the acquisition and examination of computer evidence. F.R.E.D. professional forensic systems, and the Digital Intelligence UltraBay 3d universal write protected imaging bay, deliver the ability to easily duplicate evidence directly from IDE/SAS/SATA hard drives, USB devices, Firewire devices, CDs, DVDs, LTO-4 tapes and PC Card/Smartmedia/SD-MMC/Memory Stick/Compact Flash media in a forensically sound environment.
  • 4. FRED and FRED DX • FRED is our Forensic Recovery of Evidence Device. The FRED family of forensic workstations are highly integrated, flexible and modular forensic platforms and now include DI's exclusive UltraBay 3d Write Protected Imaging Bay. • The UltraBay 3d™ and UltraBay 3™ (available on FREDDIE and uFRED) are the industry's first USB 3.0 integrated forensic bridge that includes a touch screen display and a graphical user interface for acquisition process monitoring (when using Tableau Imager).
  • 5. • The industry's first USB 3.0 integrated forensic bridge. • Completely integrated / internal system solution. • Integrated Write Blocked (Read-Only) Ports: • SAS • SATA • IDE • USB 3.0/2.0/1.1 • FireWire 400/800 • Touch screen with a graphical user interface (GUI) for acquisition process monitoring. • Full multi-LUN FireWire acquisition support is provided for Write Protected imaging of Apple Mac systems booted to FireWire device mode. • Firmware updates available at no charge through Tableau Firmware Update. • Full HPA/DCO support for SATA and IDE devices. • FireWire write-blocked port has 9-pin FW800 connector and supports both FW400 and FW800 devices.
  • 6. FRED FRED with 1 RAID FRED with 2 RAID FRED - Core I7 MB $5,999 (Standard Configuration) FRED DX - Dual Xeon MB $7,999 (Standard Configuration) FRED - Core I7 MB $8,549 (Standard Configuration) FRED DX - Dual Xeon MB $10,549 (Standard Configuration) FRED - Core I7 MB $9,349 (Standard Configuration) FRED DX - Dual Xeon MB $11,349 (Standard Configuration)
  • 7. FREDDIE • Forensic Recovery of Evidence Device (Diminutive Interrogation Equipment) is FREDDIE. FREDDIE is a highly portable solution which meets both imaging and processing requirements. FREDDIE Standard w/UltraBay 3 SKU: F2010 $7,999.00 • FREDDIE is the ultimate solution in mobile forensic processing power. FREDDIE is the little brother of our larger FRED unit. Like its older brother, FREDDIE is a highly integrated, flexible and modular forensic platform designed from the ground up for both the acquisition and analysis of computer evidence with the added advantage of being highly portable. FREDDIE uses the same motherboard, and many of the same components, as our larger FRED unit. The removable devices in our custom forensic bays can be used in both FRED and FREDDIE
  • 8. • FREDDIE is designed for use “On Location” at electronic crime scenes. Remove the hard drive(s) from the suspect system and plug them into FREDDIE and acquire the electronic evidence. FREDDIE is designed to acquire data directly from IDE/EIDE/ATA/SATA/ ATAPI/ SAS/USB/Firewire hard drives and storage devices.No more worrying about the problems encountered trying to configure parallel devices on suspect equipment in order to use external backup devices.  Baseline FREDDIE Specifications. • 14" High, 17 1/4" Wide, 10 1/4" Deep - 55 lbs • Intel Core i7-4820K CPU (Quad Processor), 3.7 GHz, 10MB Intel Smart Cache, 5 GT/s DMI • 32 GB (4x8GB)PC3-12800 DDR3 1600 MHz Memory • 1 x 500 GB 10,000 RPM SATA III Hard Drive - OS Drive • 1 x 128 GB Solid State SATA III Hard Drive - Temp/Cache/DB Drive • 1 x 2.0 TB 7200 RPM SATA III Hard Drive - Data Drive.
  • 9. FRED SR • FRED SR (Dual Xeon) is the highest performance member of the FRED family of forensic workstations. FRED SR has all the functional capabilities of a FRED system with the addition of components optimized for the absolute highest level of processor, memory, and I/O performance. FRED SR Standard SKU: F3120 $14,999.00
  • 10. • Baseline FRED SR Specifications • Dual(2) Intel Xeon E5-2620 v2 CPU, (Hex Core) 2.1 GHz, 15MB Cache, 7.2 GT/s Intel QPI • 32 GB PC3-12800 DDR3 1600 MHz ECC Memory • 1 x 500 GB 10,000 RPM SATA III Hard Drive - OS Drive • 1 x 128 GB Solid State SATA III Hard Drive - Temp/Cache/DB Drive • 1 x 2.0 TB 7200 RPM SATA III Hard Drive - Data Drive installed in HotSwap Bay1 • 22" WideScreen LCD Monitor with Built-in Speakers.
  • 11. FREDL • FREDL is our Forensic Recovery of Evidence Device - Laptop. FREDL is the ultimate solution in mobile forensic imaging convenience and includes our UltraKit - the preferred mobile forensic acquisition solution. FREDL w/UltraKit SKU: F4110 $4,999.00 • The FREDL forensic laptop and the included UltraKit work together to quickly, efficiently and securely image IDE, SATA, SAS and USB hard drives in a forensically sound environment. FREDL is built on the very latest and fastest in i7 Processor technology.
  • 12. LEFT VIEW FRONT VIEW RIGHT VIEW TOP VIEW BACK VIEW BOTTOM VIEW
  • 13.  Baseline FREDL Specifications • Intel Core i7-4810MQ Quad Core Processor, 2.8 GHz, 6MB L3 Cache • 8 GB DDR3 1600 PC3-12800 Memory • 256 GB Solid State internal SATA Drive • Intel HM87 Chipset • 15.6" Full HD(1920x1080) LED Backlit Display • nVidia GeForce GTX 870M with 6 GB GDDR5 VRAM • Internal 6x BD-R BluRay Burner /8x DVD +- R/2.4x +DL Super Multi Combo Drive • Integrated Components: • 10/100/1000 Mbps Ethernet LAN • 802.11a/b/g/n Wireless LAN + Bluetooth (Intel 6235AGN) • Card Reader 9-in-1 (MMC/RSMMC/MS/MS Pro/MS Duo/SD/Mini-SD/SDHC/SDXC) • 2.0 Megapixel Digital Video Camera • High Definition Audio • Microphone • Speakers (2) • 19mm Full-Size Keyboard with numeric keypad - Illuminated • Touch Pad pointing device(2 buttons)with scroll function • Finger Print Reader 1 HDMI Port 1 DisplayPort 1.2 1 Mini DisplayPort 1.2 1 Headphone jack 1 Microphone jack 1 Line-In jack 1 S/PDIF output jack 1 RJ45 LAN jack 1 USB 2.0 ports 3 USB 3.0 ports 1 IEEE 1394a 1 E-SATA Port (USB 3.0 Combo) Li-Polymer 8 Cell, 5200mAh, 79.96Wh Battery Pack Kensington Lock Universal AC Adapter (100~240V AC 50/60hz) Dimensions: 14.76 x 10.55 x 1.73 (inch) Weight: 7.28 lbs (complete system + battery) Operating Systems Included: Windows 7 Ultimate (64 bit), Windows 98 Standalone DOS.
  • 14. FREDC FORENSIC NETWORK • A Forensic Network is a series of processing and imaging computers connected and integrated directly with a high-speed, high-capacity server to share resources. The file server operates as the core of the Forensic Network and can be used as a central storage facility for Forensic Images as well as applications software for use by the client processing and imaging stations. Workstation clients on the network perform the actual imaging and processing tasks, while the central file server stores the images and case work. • The FREDC is a fully configured, private cloud, for Forensic Storage. Centralized Storage, centralized administration, centralized security, and centralized backup! All the things that made REAL file servers great - all in a platform fast enough to make it worthwhile! Unlike other generic "IT-Centric" network solutions, the FREDC has been designed from the ground up to be fast and reliable for direct forensic imaging and processing to/from the server itself. While other solutions require secondary copies to network storage, the FREDC systems have been designed for the direct ingest and processing of data. No need for closets full of old hard drives or massive amounts of local workstation storage!
  • 15.  FREDC Features • 10GB Ethernet Network (10GBase-T) for Compatibility 10GBase-T Network Infrastructure is backwardly compatible with Standard Gigabit Ethernet Interfaces and Cables. Use Cat6A cables and 10GBase-T adapters for 10G speeds. Connect legacy Gigabit devices using standard Cat5e cables and Interfaces. Even legacy Gigabit workstations can achieve forensic imaging speeds of up to 6.6 GB/Min using this network! Use what you have now and upgrade your connectivity as you move forward! • Integrated Backup/Archive Software and Hardware A 16-Tape Robotic Tape Library and Enterprise-class software is included with each system. Fifteen Ultrium-5 Tapes (3TB Compressed/1.5 TB Native capacity per tape) are included. We even include a cleaning cartridge! The Enterprise-class Backup and Archive software has been pre- installed and configured. Training is provided on the use of the software with special focus on suggested methods to protect and archive your forensic case work. FREDC Configured With 4 RAIDs and 3 FREDs
  • 16. FORENSIC WRITE BLOCKERS • With operating systems becoming more complex, it is increasingly important to protect fragile computer evidence. Be confident about maintaining the integrity of your data during examination with hardware write protection devices from Digital Intelligence. • Digital Intelligence designs and offers parallel IDE, serial ATA and SCSI hardware write blockers, as well as other custom solutions, to effectively address specific write blocking requirements. Learn how our UltraKit, UltraBlock, FireFly, FireBlock, SCSIBlock and FireChief devices can maintain the integrity of your evidence. • The UltraKit III is a portable kit which contains a complete family of UltraBlock hardware write blockers along with adapters and connectors for use in acquiring a forensically sound image of virtually any hard drive or storage device you may encounter. Simply select the appropriate Write Protected UltraBlock and attach it to the source drive and use your desktop or laptop to acquire a forensically protected disk image to an internal drive or externally connected drive enclosure.
  • 17. UltraKit III SKU: W3705 $1,419.00 UltraKit III + FireWire SKU: W3712 $1,649.00 UltraKit III + FireWire + TD2 SKU: W3825 $2,999.00 UltraKit III (T35U) + FireWire + TD3 + TDPX8-RW + TDPX6 SAS Protocol Module SKU: W3880 $4,299.00 UltraKit III (T35ES) + FireWire + TD3+ TDPX8-RW + TDPX6 SAS Protocol Module SKU: W3885 $4,349.00
  • 18. ULTRABLOCK USB 3 IDE / SATA (Read Only) • The Read-Only UltraBlock USB 3 IDE/SATA is used to acquire data from an IDE or SATA hard drive in a forensically sound write-protected environment. • The Read Only UltraBlock USB 3.0 IDE-SATA (USB 2.0 compatible) is used to acquire data from an IDE or SATA hard drive in a forensically sound write-protected environment. The USB 3.0 family of portable forensic bridges offer faster imaging speeds, reliable performance, and an easy to use USB 3.0 host computer connection. • UltraBlock USB 3.0 IDE-SATA Write Blocker • The UltraBlock USB 3.0 Forensic IDE/SATA Bridge supports write-blocked, forensic acquisitions of both SATA and IDE storage devices through a fast USB 3.0 host connection. It offers forensic examiners the ease of use, reliability, and imaging speed necessary to image today's larger and faster hard-disk drives - in both lab or field environments.
  • 19. UB USB 3.0 IDE-SATA Read Only Kit SKU: W2710 $349.00 Extra Power Supply SKU: X1000 $25.00 PC Interface: One USB 3.0 Type B (9- pin, super/ high/full/low speed) Drive Interfaces: SATA Signal Connector, IDE signal Connector User Configurable: Read-Only or Read-Write via DIP switch
  • 20. ULTRABLOCK USB 3 IDE / SATA (Read Write) • The Read Write UltraBlock USB 3 IDE/SATA is used to write data to an IDE or SATA hard drive. • The Read Write UltraBlock USB 3.0 IDE-SATA (USB 2.0 compatible) is used to write data to an IDE or SATA hard drive. The USB 3.0 family of portable forensic bridges offer faster imaging speeds, reliable performance, and an easy to use USB 3.0 host computer connection • UltraBlock USB 3.0 IDE/SATA pre-configured for read/write operation. It's available in a yellow case so that you can easily distinguish a pre-configured read/write device from a read-only device. It offers forensic examiners the ease of use, reliability, and imaging speed necessary to image today's larger and faster hard-disk drives - in both lab or field environments.
  • 21. UB USB 3.0 IDE-SATA Read Write Kit SKU: W2760 $349.00 Extra Power Supply SKU: X1000 $25.00 PC Interface: One USB 3.0 Type B (9- pin, super/ high/full/low speed) Drive Interfaces: SATA Signal Connector, IDE signal Connector User Configurable: Read-Only or Read-Write via DIP switch
  • 22. ULTRABLOCK eSATA IDE / SATA (Read Only) The Read-Only UltraBlock eSATA IDE/SATA is used to acquire data from an IDE or SATA hard drive in a forensically sound write-protected environment. ULTRABLOCK eSATA IDE / SATA (Read Write) The Read Write UltraBlock eSATA IDE/SATA is used to write data to an IDE or SATA hard drive. ULTRABLOCK SAS The UltraBlock SAS is used to acquire data from a Serial Attached SCSI hard drive in a forensically sound write-protected environment. ULTRABLOCK FIREWIRE WRITE BLOCKER The UltraBlock Firewire Write Blocker brings secure, hardware-based write blocking to the world of Firewire devices. ULTRABLOCK USB (V2) WRITE BLOCKER The UltraBlock Forensic USB Write Blocker brings secure, hardware-based write blocking to the world of USB mass storage devices. Version 2 offers manyimprovements over the initial release. ULTRABLOCK FORENSIC CARD READER These units can be used for writing and the forensic acquisition of information found on multimedia and memory cards.
  • 23. STANDALONE FORENSIC DEVICES • Standalone forensic devices which address specific needs of the Computer Forensics Investigator. GPU PowerStation The GPU Power Station is the first commercially available SuperComputer expansion chassis designed and optimized for massive parallel processing and computation. SUPERCHIEF USB3 IDE / SATA The SuperChief (IDE/SATA) is a dual bay USB3 to IDE and SATA enclosure that is completely configurable for Read Only or Read Write operation. 3.5 INCH USB3 SATA HD ENCLOSURE The 3.5" HD enclosure connects to a SATA drive and is read-write and read-only switchable. The enclosure operates at USB 3.0 speeds and includes a power supply and USB3 data cable.
  • 24. FORENSIC IMAGER 3 The Forensic Imager 3, with a color touchscreen interface, provides forensic write blocking for IDE, SATA, SAS, USB3 and Firewire devices. FORENSIC DUPLICATOR 2U The Forensic Duplicator 2U natively images USB 3.0, SATA, and IDE/PATA storage devices. Investigators can (optionally) image SAS drives by using the same TDP6 module used with Forensic Duplicator 1 and 2. FORENSIC DUPLICATOR 2 Provides forensic (write-protected source drive) disk-to-file or disk-to-disk duplication for IDE to SATA and SATA to SATA hard disk drives. This version is 1:2 which allows you to copy from one IDE or SATA drive to two SATA destinations simultaneously. FORENSIC DUPLICATOR Provides forensic disk-to-file or disk-to-disk duplication for IDE to IDE, IDE to SATA, SATA to SATA and SATA to IDE hard disk drives. HARDCOPY 3P 1:2 Portable Forensic Hard Drive Duplicator. The HardCopy has been refined and redesigned to meet the ever-growing needs of progressive and committed forensic investigators. SHADOW 3 This completely unique and patented forensic tool allows you to boot and run a suspect computer on the spot and in minutes without compromising evidence - no drive imaging required.
  • 25. ACCESSORIES • Here you'll find adapters, power supplies, hard drive trays, cables and other hardware and accessories for our products PRECISION ELECTRONICS TOOL KIT • The Precision Electronics Tool Kit is a complete comprehensive standard in precision screwdriver bit sets, featuring 30pcs of selected bits and 10pcs of essential repair devices. The devices are organized in a durable carrying case. This kit allows disassembly of most branded smart phones, video games, notebooks, electronic devices and more.
  • 27. MULTIDRIVE ADAPTER • The MultiDrive Adapter allows 2.5 inch, 1.8 inch pin connector and 1.8 inch ZIF connector IDE hard drives to be connected to a write blocker or standard 40 pin IDE connector. • This adapter will not connect to a MacBook Air SATA LIF Hard Drive. MultiDrive Adapter SKU: A4400 $69.95 Replacement ZIF to PIN Adapters (2) SKU: A4405 $16.00
  • 28. BLADE TYPE SSD ADAPTER Connect your Mac Air BLADE Type SSD (128Gb or 256Gb) to a SATA power and data cable. Pentalobe screwdrivers are also available to disassemble your iPhone or MacBook Air. SATA LIF ADAPTER Easily connect your 1.8 inch Mac Air SATA LIF hard drive to a SATA cable. Each adapter features a SATA LIF female drive interface, 2 interchangeable SATA LIF connector cables, and convenient carrying case. ADAPTER PACK Includes 2" IDE Cable, 2.5" hard drive adapter, 1.8" pin Hard Drive Adapter, MicroSATA Adapter and ZIF Adapter in zippered case. ZIF ADAPTER This kit is offered by Digital Intelligence to meet the high duty cycle required for Forensic applications. Rugged pocket size enclosure with structurally mounted power connection. Easily connect your 1.8 inch notebook IDE hard drive to a 40-pin IDE cable. Each adapter features a ZIF female laptop drive interface, 4 interchangeable ZIF connector cables, and a and convenient carrying case. 1.8 INCH ZIF or PIN HD ENCLOSURE The 1.8" HD enclosure connects to either a ZIF or PIN drive. The enclosure operates at USB 2.0 speeds and requires no additional power supply. Available with or without a hard drive pre- installed. 2.5 INCH USB3 SATA HD ENCLOSURE The 2.5" HD enclosure connects to a SATA drive. The enclosure operates at USB 3.0 speeds and requires no additional power supply. 3.5 INCH HARD DRIVE ENCLOSURE This enclosure holds a single 3.5 inch SATA Hard Drive and uniquely supports all of the following interfaces: eSATA, FireWire 400 (1394a), FireWire 800 (1394b), and USB 2.0.
  • 29. USBPROTOCOLMODULE ConnectandcopyUSBdevicesonyour ForensicDuplicator. SASPROTOCOLMODULE ConnectandcopySASharddrivesonyour ForensicDuplicator. PROTOCOLMODULEBUNDLE ConnectandcopyUSBandSASharddriveson yourForensicDuplicator. FAR - FORENSIC ARCHIVE AND RESTORE Fernico FAR systems are specifically designed for Digital Forensic Investigators who need a complete solution for backup, restoration and acquisition of forensic data evidence. Backup Digital Evidence Automatically to DVD, HD- DVD or Blu-Ray Disc. Restore Disks to Rebuild or Review Cases. Acquire Evidence From a Variety of Media. MICROSATA ADAPTER The MicroSATA Adapter can be used to adapt a SATA interface to a Micro SATA drive. This is for the adapter only, the Micro SATA HD pictured is for graphic representation only and not included. RoHS compliant. SD ADAPTERS The SD Adapters are used to adapt a MicroSD and MiniSD card to an SD form factor.
  • 30. Conclusion • These are a few popular digital forensics devices used by various law enforcement agencies in performing crime investigations. In this paper all kind of devices like premium, computer forensics, mobile forensics and others. If you are going to start learning digital forensics, you can download or buy these devices and start working on those. It will help you in better understanding the whole process and devices. • These are not the only devices. There are various other free and premium devices available in the market. So, you can do more research on the devices to know more about those devices. These devices are added in random order. So, please don’t consider it as a ranking of the devices. I just tried to make a list of popular digital forensics devices only. • With the increasing use of digital data and mobile phones, digital forensics has become more important. Cyber crimes are also increasing day by day. So companies are also trying to launch more powerful version of the devices, and you need to be in touch of latest digital forensics news to know about recent releases.
  • 31. References 1. Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations, Computer Crime and Intellectual Property Section (CCIPS) July-2002. http://www.usdoj.gov/criminal/cybercrime/s&smanual2002.html 2. Thomas Welch, “Handbook of information Security Management”, CRC Press LLC, 1999. 3. G.Shpantzer and T.Ipsen, “Law Enforcement Challenges in Digital Forensics.” Proc. 6th National Colloquium Information System Security Education. NCISSE Colloquium press,2002. 4. http://en.wikipedia.org/wiki/EnCase. 5. http://www.digitalintelligence.com/ 6. www.accessdata.com/ 7. www.sleuthkit.org/