If you are visually impaired or blind, you can visit the PDF version by Pressing CONTROL + ALT + 4
You need a JavaScript-enabled browser to view this Publication
Please follow these steps to view the Publication:
Enable JavaScript in your browser
Refresh this page
Best regards
Zmags
The Quarterly Magazine for Digital Forensics Practitioners
INSIDE
INSIDE
/ bill dean on detecting
commercial grade spyware
commercial grade spyware
/ cell site analysis
/ cell site analysis
/ imaging a macBOOK air
/ imaging a macBOOK air
/ advanced cyber probes
/ advanced cyber probes
Competition!
Win copies of Kuiper
Forensics Peerlab
GENETIC
ALGORITHMS
& DIGITAL FORENSICS
Tim Watson looks at the way that genetic
algorithms can be used in forensic tools
ISSUE 07
1st may 2011
02
9 772042 061110
Issue 7 / £11.99 TR Media
/ REGULARS / FROM THE LAB / INTRODUCING / Book Reviews
robservations, 360, peter jones looks our new legal editor hacking the human
news, irq & more… at cellebrite pa v2 scott zimmerman windows
The Quarterly Magazine for Digital Forensics Pract
Shape your future Forensic Computing MSc Forens
EDITORIAL We have another new member
www.sans.org/summit SANS What Works in Forensics
/ CONTENTS CONTENTS / DIGITAL FORENSICS
/ NEWS NEWS Epsilon Hack On the 5th April, t
The Keynote Theatre was no different with t
Mobile Development from Apress The lar
/ ROBSERVATIONS ROBSERVATIONS Law Is Not A Sci
/ ROBSERVATIONS
Forensic Computing 12-month stu
/ FEATURE FILE INTEGRITY MONITORING One of t
Figure 1. The default “/etc/passwd” file (with use
/ FEATURE some aspects of the entry that shou
Figure 3. The same “/etc/passwd” file, this time w
Cell site analysis Computer forensics Audio vi
/ COMPETITION COMPETITION / THIS ISSUE WE HAVE
/ LETTERS 360° TYour chance to have your say …
/ LEAD FEATURE THE NEXT GENERATION HOW GENETI
/ LEAD FEATURE / A Face in the Crowd Having tau
Ste
/ LEAD FEATURE GAs THEMSELVES ARE OFTEN QUITE E
So there we have it. We can evolve an accura
/ FEATURE IMAGING 10,000 DRIVES What you need
/ A New Set Of Skills And The Corporate Paradox N
/ FEATURE Figure 1. SIEM Ne
Figure 3. SIEM Being Used With Any Tool / Forens
Reviewing the latest sports highlights
/ LEGAL EDITORIAL LEGAL EDITORIAL Regular read
/ LEGAL FEATURE LOCARD'S EXCHANGE PRINCIPLE In
skin cells, for example if the floor were wooden,
/ LEGAL FEATURE machines. However, forensic e
This line, used several times in the script,
/ LEGAL NEWS ALERT LEGAL NEWS ALERT While the
/ FEATURE CELL SITE ANALYSIS TRIANGULATION OF
/ FEATURE Figure 1. Standard Cell
Figure 2. Cellular Sectorisation `sphere of cove
/ MEET THE PROFESSIONALS MEET THE DF PROFESSIO
participants must have a clear understanding of t
/ FEATURE CLONING DRIVES WITH FAULTY SECTORS
Drive name Drive type Size (GB) Numbe
/ FEATURE Faulty drive
Operating system Tool Device Bus
/ FEATURE ((INT((LBA of faulty sector/8))+l)
Operating system Tool Device Bus
/ APPLE AUTOPSY APPLE AUTOPSY Apple released the
/ FEATURE IMAGING THE NEW MACBOOK AIR Images c
/ FEATURE that doesn't have diskarbitration e
6. Advanced Options – Here one can control the ty
MD5 are recognised as one of the leading digital
/ FEATURE DETECTING COMPUTER MONITORING AND CO
/ FEATURE available applications provided by
protocols, providing simple drill-down capabiliti
/ FEATURE Figure C. Webwatcher DNS Reques
/ GET INVOLVED GET INVOLVED / Authors As we c
/ NEXT ISSUE COMING SOON… Some of the great
/ FEATURE DRONE ARCHITECTURE FOR WIRELESS FORE
/ FEATURE (WFM) after reviewing other publish
Figure 2. Potential Evidence from Wireless Networ
/ FEATURE Protocol (IP) address in an Interne
/ FEATURE CRIMINAL PROFILING A DETAILED LOOK A
/ FEATURE 2. When did the probes used, start
ask “what they needed that could not be possible
/ FEATURE In this phase we can find trac
Traditional Crime Computer Intrusion The kill
Maximise Prioritise Visualise Call IntaForen
/ FEATURE ADVANCED CYBERSECURITY PROBES Severa
/ FEATURE But I digress; a Cybersecurity
or SSH/port 22. And as attackers “attack” servers
/ FEATURE CPU/Nice PROCESS Network
ASSESSMENT VENDOR INDEPENDENCE t
/ FEATURE CELLEBRITE PHYSICAL ANALYSER V2.0 A
Figure 2 physical extraction or if you open up X
/ FEATURE Figure 4 The universal search ba
Digital ForensicS / magazine BACK ISSUES Digita
BOOK REVIEWS BOOK REVIEWS Hacking the Huma
There are moments in the book, however, whe
/ COLUMN IRQ FA rose by any other name?
With today’s ever-changing technologies and env
Digital Forensics for an Evolving World May 201