[sleuthkit-users] anti-forensic
Brought to you by:
carrier
Menu
▾
▴
[sleuthkit-users] anti-forensic
|
From: nighty <nig...@gm...> - 2004-01-27 18:55:44
|
Hi everyone, today I found an interesting article titled "Defeating Forensic Analysis = on=20 Unix" in the phrack magazine #59 dealing with several anti-forensic=20 strategies, as well an with flaws of forensic tools, "The Coroner's Toolk= it"=20 in particular. The article can be found on: www.phrack.org/phrack/59/p59-0x06.txt It was published on 2002-07-28 (as stated in the magazine). I found it=20 usefull, at least interesting, and hope that you will have a look at it, = if=20 you haven't already done so. It would be interesting to know, whether the technical insufficiencies=20 presented in the article have also any validity for the Sleuth Kit's=20 capabilities of forensic analysis. Regards, Harald |
