Next message: Tom Stowell: "Re: Handling, possibly, encrypted data"
- Previous message: Salvador Mandujano Vergara (782502-6): "Re: TCT / tctutils for HP-UX 11.00 + some insight into unrm'ing large files"
- Next in thread: Tom Stowell: "Re: Handling, possibly, encrypted data"
- Reply: Tom Stowell: "Re: Handling, possibly, encrypted data"
- Reply: John Howie: "RE: Handling, possibly, encrypted data"
- Reply: H C: "re: Handling, possibly, encrypted data"
- Reply: Jeroen Latour: "Re: Handling, possibly, encrypted data"
- Reply: Muhammad Faisal Rauf Danka: "Re: Handling, possibly, encrypted data"
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Hi all,
I am not into the forensic business, just like the subject and
read a bit on it. I have this issue that I would appreciate your input on.
Say you
image a hard disk and, then, proceed to analyze the copy in
order to produce evidence. If the files on the image are obvious
(like .doc and stuff) then you may be in a good place. But what
happens when you discover a chunk of binary data (a binary
file or something) ? How can you determine the file type and,
furthermore, how do you conclude that this file is encrypted
(if it is) ?
Are there any tools that can do this analysis and, maybe, try out
a decryption process ?
Regards,
Dimitris.
-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Next message: Tom Stowell: "Re: Handling, possibly, encrypted data"
- Previous message: Salvador Mandujano Vergara (782502-6): "Re: TCT / tctutils for HP-UX 11.00 + some insight into unrm'ing large files"
- Next in thread: Tom Stowell: "Re: Handling, possibly, encrypted data"
- Reply: Tom Stowell: "Re: Handling, possibly, encrypted data"
- Reply: John Howie: "RE: Handling, possibly, encrypted data"
- Reply: H C: "re: Handling, possibly, encrypted data"
- Reply: Jeroen Latour: "Re: Handling, possibly, encrypted data"
- Reply: Muhammad Faisal Rauf Danka: "Re: Handling, possibly, encrypted data"
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
This archive was generated by hypermail 2b30
: Tue Aug 13 2002 - 10:47:16 PDT