Well put Ralph. The great problem will be to separate procedures from technology. Our common conception of procedure is, per definition, technology oriented. The definition of that "process" concept if what we're lacking. And example of such an approach would help to shed some light. Regards, Matías Bevilacqua Trabado CYBEX ___________________________________________________________________ PGP-ID: 0x40A4869F PGP Fingerprint: 2052 98A0 F0F0 2914 D7FA 4E7C 0488 7E8C 40A4 869F ___________________________________________________________________ CYBEX Grupo Intelligence Bureau Rambla de Catalunya, 32 4º-2ª 08007 Barcelona Tel. 93 215 53 23 Fax. 93 215 50 72 http://www.cybex.info > -----Mensaje original----- > De: Ralph S. Hoefelmeyer [mailto:ralph.hoefelmeyerat_private] > Enviado el: martes, 06 de mayo de 2003 5:48 > Para: Kruse, Warren G, II (Warren); 'Matías Bevilacqua-Brechbühler > Trabado'; 'Jonathan A. Zdziarski'; 'yannick'san'; 'William Cimo'; > forensicsat_private > Asunto: RE: Computer Forensics > > > Process > > Process is the glue that binds the procedures and the technology > in a legal > sense. Develop a process. Match procedures to that process. Match the > current technologies to the procedures. Develop methods to layer in new > technologies as they appear. > > Technologies are changing at a very fast pace, and it will only > get faster. > We need to ensure the forensics process will provide a legally > binding link > between the procedures and the technologies that will withstand legal > scrutiny. Part of this process will be a procedure for explaining complex > technical issues in layman's terms to juries and/or judges with little > technical knowledge. > > Ralph S. Hoefelmeyer, CISSP > Senior Engineer, Cyborg > MCI Strategic and Intelligent QA/Test > 719.535.4576 Office > "Security is a process, not a product" : Bruce Schneier > > -----Original Message----- > From: Kruse, Warren G, II (Warren) [mailto:wgkruseat_private] > Sent: Monday, May 05, 2003 12:23 PM > To: 'Matías Bevilacqua-Brechbühler Trabado'; 'Jonathan A. Zdziarski'; > 'yannick'san'; 'William Cimo'; forensicsat_private > Subject: RE: Computer Forensics > > > Very true, that plus the technology changes so fast. We fought > that problem > for two years when we were writing our computer forensics book. You don't > want it to be outdated before it hits the shelves. > > -wk > > Warren G. Kruse II, CISSP, CFCE > Investigations Manager > Lucent Technologies > 732-949-8713 > wgkruseat_private > > -----Original Message----- > From: Matías Bevilacqua-Brechbühler Trabado [mailto:mbevilacquaat_private] Sent: Sunday, May 04, 2003 2:45 PM To: 'Jonathan A. Zdziarski'; 'yannick'san'; 'William Cimo'; forensicsat_private Subject: RE: Computer Forensics > > Will it be only technical procedures or will it integrate > some kind of > > process like "In case of a crisis situation" process ? > > This is the heart of what annoys me about computer forensics > books. They are excellent resources for methodology and > procedure but are void of most any hands-on technical > information. It would be very nice to have a reference of > hands-on technical information to consult when performing > different types of forensics scenarios. This is because Computer Forensics depends so much on methodology and procedures. Both are critical for a successful Forensic process. I will be taking this into consideration when creating the survey I talked about, let's see what the rest of the community thinks about it. Regards, Matías Bevilacqua Trabado CYBEX ___________________________________________________________________ PGP-ID: 0x40A4869F PGP Fingerprint: 2052 98A0 F0F0 2914 D7FA 4E7C 0488 7E8C 40A4 869F ___________________________________________________________________ CYBEX Grupo Intelligence Bureau Rambla de Catalunya, 32 4º-2ª 08007 Barcelona-SPAIN Tel. 93 215 53 23 Fax. 93 215 50 72 http://www.cybex.info ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue May 06 2003 - 05:59:03 PDT