This is a
bit late post about Prag forensic conference LTEC 2013 http://www.lawtecheuropecongress.com/.
It is a nice conference with goal to bringing digital forensic practinioer and
law practitioners into contact. A lot of panels workshops and presentations,
many presenters local and world wide vendors.
My task
there was to have a small 2 hour workshop on Encase Forensic v7, to present how
things are done in latest Encase, to show some basic set of features , about
20% of functionality.
Slides are
on the slideshare http://www.slideshare.net/DamirDelijadamirdeli/ltec-2013-encase-v70801-presentation.
It was supposed to be 20 people attending so nice cozy working environment. Required PCs were supposed to provided by
local conference partner in Prag, while we provide EnCase. As it goes in real
world delivered workshop machines were so weak and undersized, it was not possible to run workshop , to be
worse machines were delivered late, just evening before start of LTEC. So I've
canceled the workshop and went to just doing live presentation of scenario workshop,
My colleague Davorka Foit kept her part
on EnCase reporting also as presentation.
Steve
Gregory from GuidanceSoftware had very interesting presentation on the TD3 forensic
duplicator http://www.tableau.com/index.php?pageid=products&model=TD3
by Tableau. It was masterly done even when IT infrastructure, especially power was
giving some troubles. Whole presentation was about network access to TD3 in write blocking
mode, this feature was a bit buggy before last firmware update, but know works
perfect. It is interesting idea by FBI, which actually shows reality in the digital
forensic field, not enough trained people to go. Steve also helped us with
borrowing us one of his usb write blokers for modified workshop/presentation.
Just to
expand my digital forensic knowledge I visited a museum related to historical
fact finding methods http://www.museumtortury.cz/en/index.html.
It gives a very interesting ideas to solve problems with misdelivered
equipement.
No comments:
Post a Comment