I think that all Elizabeth states is just great. I just wanted to add that portability may be something of an issue. We have a luggable rig from one of the vendors mentioned and it is too big and heavy to take out. It ends up costing $75-100 extra to check when flying and is a huge pita to drag through the airports and try to jam into rental cars. Also, it seems ground personnel at airlines seem to take offense at the "heavyweight" tag on the flight case and there is evidence that they have lavished abuse on it during recent flights. It sucks to pay and extra hundred to the airline only to find that the rig is busted when you get onsite. I know. When imaging, I try and use the target PC's disk controller and power supply, bringing a 60 or 80 gb HDD and boot floppy. This is when we have the opportunity to take the acquired data back to the home office for analysis. Occasionally, we have to analyze on site to establish probable cause and all that, in which case we use a very small desktop chasis running 98 that we carry on to the plane. It is usually not difficult to scrounge up a monitor on site. If I am back at the hotel and without a monitor, I generally use PCAnywhere and connect to my laptop for analysis. Maybe your circumstances are different, but the majority of my forensic duties are away games. Ed __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Aug 08 2001 - 10:26:57 PDT