Hey! How are you? Today I'm bringing a challenge for you guys, and for me too. I got pretty interested in Computer firensics due to a work colleagu...
For further actions, you may consider blocking this person and/or reporting abuse
Hi, this is really interesting, I had never thought of such use for netcat. Anyway, I just want to point out that MD5 hashes are no longer safe. You can make that two totally different files have the same MD5 hash in a pretty trivial way. You can see more here if you wish.
exploit-db.com/docs/english/46047-...
It is wise nowadays use 2 or more hash algorithms, although SHA256 is strong today no one knows in a few years, as shattered.io/ demonstrate on SHA1.
Using 2 or more it get way more troublesome to generate the same hash even on 2 not safe anymore algorithms.
thank you for the advise!
Thanks Paula, nicely written and a good top-down start into forensics!
For those interested in learning more, I recommend the Forensics Wiki: forensicswiki.org/wiki/Main_Page which covers more interesting ways of imaging both volatile and persistent storage :)
yay! thanks
For data acquisition i recommend a forensic specific linux livecd, like caine-live.net/ or deftlinux.net/
Because on default settings linux distro usually don't mount storage as read-only, which it is a must on data acquisition.
Yep good start to this topic. This is what I studied in school. Great read!
your work about digital forensics is really good and very clear
thank you!
Thanks Paula
how secure is it to transfer the forensic data via network? couldn’t the network stack of the attacked machine be compromised, too? (e.g. send a copy of the data to the attacker?)