The Design of
Forensic Computer Workstations
Presented by
John Samborski, CEO Ace Computers
Ace Computers
575 Lively Blvd.
Elk Grove Village, IL 60007-2013
Contact
877-ACECOMP
(877-223-2667)
www.acecomputers.com
About the presenter
John Samborski, P.E. is a recognized expert in forensic
information technology, with an extensive history of
innovation and thought leadership in system integration.
Since founding Ace Computers in 1983, he has aggressively
pursued the development of custom, cost-effective products
and services in concert with well-known industry leaders. He
was a founding member of the Intel Premier Board of
Advisors in 2002 and was awarded a lifetime position. Ace
Computers is one of the largest, oldest, and most respected
custom technology developers and builders in the U.S. and
holds numerous federal and state level contracts.
Evidence
… needs to be extractable from electronically
stored information (ESI) sources without
corrupting that evidence. Properly designed
forensic computer workstations help
accomplish that goal.
What is digital forensics?
The acquisition, scientific examination, and
analysis of data retrieved from digital devices in
such a way that the information can be used in a
court of law or for the purposes of the retriever
without any disturbance to that evidence.
Designing forensic workstations
In order to design forensic workstations, the
first determination is which types of media
need to be forensically read, have suspect data
retrieved from them, and be included in the
chain of custody.
Evidence and accuracy
One of the most important steps is to ensure
that the evidence has been accurately
collected and that there is a clear chain of
custody from the scene of the crime, to the
investigator, and ultimately to the court.
The workstation’s purpose
Another key design decision is the
workstation’s purpose: data acquisition,
processing, or both. Many systems are
multi-purpose and can perform forensic data
acquisition and processing equally well.
Processors and speed
Other important considerations are the required
processing speed, the number of processors,
processor cores, and amount of memory anticipated
for the data processing.
• Systems are available with 1-4 processors and up to 1TB of
RAM.
• A popular configuration involves two Intel® Xeon® 6-core
(each) processors and 256GB of DDR4 memory.
• The number of processors and cores per processor should be
determined by the system requirements of the software that
will run.
The media type
Another consideration is the type of media
the system needs to acquire data from. Once
this is established, the next step is to plan and
include write-protected data acquisition
methods. The most basic case is a hard drive,
read through a write-blocked forensic bridge.
Write-blocked forensic bridges
Write-blocked drive-bay mounted forensic
bridges are available for all common hard
drive types such as IDE, SATA, SAS, SCSI,
IEEE 1394 (FireWire), and USB, with adapters
for 3.5”, 2.5”, and 1.8” size drives. A
write-blocked flash media card reader is also
useful for forensically reading media cards
such as SD cards, CompactFlash, and others;
this prevents the addition of anything to the
source data.
Read-write considerations
A read-only media card reader is best, since it will
prevent accidental corruption of the data. A
read-write switchable reader can potentially be corrupted,
but by using a model that is incapable of writing
data, that source of error can be eliminated. It’s
simple to add a standard external flash reader/writer
to the system. Although it will be obvious to users
that this external flash is capable of corrupting data,
the internal model should be write-blocked at all
times.
Optical media
Optical media is another common source of
forensic data. This media is typically not
written to without specialized software, so a
standard DVD reader/writer or Blu-Ray
reader/writer will perform this work
adequately.
The storage system
Once the data can be read in a forensically
safe manner, the data needs to be stored on
either a target drive, a RAID array, or both.
With the storage system defined, the design of
the RAID system or the allowance of
destination drive bays needs to be specified.
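
An added example, not part of the original slides: one common way to show that data read through a write blocker was collected accurately and stored unaltered is to hash the source while imaging it, re-hash the stored image, and keep the result in a custody record. The function names, the choice of SHA-256, the record fields and the sample data are assumptions of this example.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timezone

CHUNK = 1024 * 1024  # read the source in 1 MiB blocks


def sha256_of(path):
    """Hash a file or device node without loading it into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def acquire(source, target, examiner, case_id):
    """Image `source` to `target` and return a custody record (hypothetical format)."""
    src_hash = hashlib.sha256()
    size = 0
    # O_RDONLY: the software never asks for write access to the source.
    # This complements a hardware write blocker; it does not replace it.
    src_fd = os.open(source, os.O_RDONLY)
    # Mode "xb" refuses to overwrite an existing image file.
    with os.fdopen(src_fd, "rb") as src, open(target, "xb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            src_hash.update(block)
            dst.write(block)
            size += len(block)
        dst.flush()
        os.fsync(dst.fileno())  # make sure the image is on the target drive
    digest = src_hash.hexdigest()
    # Re-read both sides: the image must match what was read, and the
    # source must still hash to the same value after acquisition.
    verified = digest == sha256_of(target) == sha256_of(source)
    return {
        "case_id": case_id,
        "examiner": examiner,
        "source": source,
        "image": target,
        "size_bytes": size,
        "sha256": digest,
        "acquired_utc": datetime.now(timezone.utc).isoformat(),
        "verified": verified,
    }


def verify_image(record, image_path):
    """Later re-check: does the stored image still match the custody record?"""
    return sha256_of(image_path) == record["sha256"]


def demo():
    """Run an acquisition on constructed sample data, then alter the image."""
    with tempfile.TemporaryDirectory() as d:
        source = os.path.join(d, "source.bin")   # stands in for the evidence drive
        target = os.path.join(d, "image.dd")     # stands in for the target drive
        with open(source, "wb") as f:
            f.write(bytes(range(256)) * 4096)    # constructed 1 MiB sample
        record = acquire(source, target, "examiner-placeholder", "CASE-PLACEHOLDER")
        intact = verify_image(record, target)
        with open(target, "r+b") as f:           # simulate a single altered byte
            f.seek(1000)
            f.write(b"\xff")
        altered = verify_image(record, target)
        return record["verified"], intact, altered


if __name__ == "__main__":
    print(demo())
```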
GPU considerations
Another decision is whether graphics
processing units (GPUs), for assistance in
breaking passwords, need to be included.
Normally, systems are shipped with a single
graphics card used for display purposes, but
users can also leverage the intense processing
power of the GPU for assistance in brute-force
password cracking through massively
parallelized iterative attempts.
Higher end graphics cards
By using a higher-end graphics card or
multiple graphics cards, the forensic system
can also be used to shorten the time needed
to break a password installed on a system or
to open up files which have been encrypted.
Password decryption servers
Specialized password/decryption servers and
clusters with multiple GPU optimized systems
designed for 24-7 operation are also available,
and are frequently used in the federal market
by major government and law enforcement
agencies.
Ace Computers’ findings
Ace Computers has benchmarked numerous
platforms and found the optimal design and
configuration of the GPU subsystem for
password cracking; it is one of our strongest
areas of expertise.
The value of a system integrator
There are numerous items to consider when
designing a forensic workstation and since the
system components change often, it is best to
work with a systems integrator that is actively
involved in the market.
What the system integrator does
The systems integrator will know how to
optimize the design based on the latest
software, hardware, and thermal techniques.
Integrators for government entities
For government agencies, it also makes sense
to work with a firm that can custom-design a
system to exacting specifications and has
popular contracting vehicles available to
facilitate the purchase directly without the
complications of contracting procedures.
Thank you!
Any questions?
Contact Ace Computers
877-ACECOMP/(877-223-2667)
www.acecomputers.com
