MAN (Metropolitan Area Network): This setup is a regional group of networks connected through various technologies such as optical regional phone lines and possibly wireless technologies such as microwave. MANs often connect several CANs, which can include LANs and WLANs. (more…)
Earlier we mentioned several types of networks with which investigators may come in contact. At a minimum, investigators should be familiar with the definition and concepts of the following networks: (more…)
In years past, computer forensics investigators would often seize a single standalone computer, process the disk evidence, and write a report detailing any artifacts of evidentiary value found on disks. The majority of the investigative challenges in these cases were found in the actual disk analysis phase. (more…)
Investigator Dave is examining the corporate evidence drive taken from the desktop computer of “John A. Suspect,” who is assigned the user network logon identification of “jasuspect.” In investigator Dave’s report, he states that “the user, John A. Suspect, performed a specified action on the computer because an event log showed that the user had accessed the file…” (more…)
Most challenges to computer evidence surround authenticity with questions such as, Was the data altered? Was the program that generated the forms or data reliable? and What was the identity of the author? (more…)
