Hey! How are you? Today I'm bringing a challenge for you guys, and for me too. I got pretty interested in Computer firensics due to a work colleagu...
For further actions, you may consider blocking this person and/or reporting abuse
Hi, this is really interesting, I had never thought of such use for netcat. Anyway, I just want to point out that MD5 hashes are no longer safe. You can make that two totally different files have the same MD5 hash in a pretty trivial way. You can see more here if you wish.
exploit-db.com/docs/english/46047-...
It is wise nowadays use 2 or more hash algorithms, although SHA256 is strong today no one knows in a few years, as shattered.io/ demonstrate on SHA1.
Using 2 or more it get way more troublesome to generate the same hash even on 2 not safe anymore algorithms.
thank you for the advise!
For data acquisition i recommend a forensic specific linux livecd, like caine-live.net/ or deftlinux.net/
Because on default settings linux distro usually don't mount storage as read-only, which it is a must on data acquisition.
Thanks Paula
your work about digital forensics is really good and very clear
thank you!
Yep good start to this topic. This is what I studied in school. Great read!
how secure is it to transfer the forensic data via network? couldn’t the network stack of the attacked machine be compromised, too? (e.g. send a copy of the data to the attacker?)
yay! thanks