[unisog] Forensic Training
Ken.Connelly at uni.edu
Wed Sep 28 21:02:39 GMT 2005
We used pieces of Autopsy, Sleuth Kit, Coroner's Toolkit, plus a few
other things on Linux, and Windows Forensic Toolchest for winders. We
also got the Helix CD, but didn't use it much.
Michael Grinnell wrote:
>I haven't taken the Forensics track at SANS, but I've seen some of
>the material in other tracks. IIRC, it's pretty good. I think it
>uses Encase for Windows forensics and the Coroner's Toolkit for
>Linux. Don't kill me if it's changed though, it's been a few years
>since I went to SANS.
>Network Security Administrator
>The American University
>e-mail: grinnell at american.edu
>On Sep 28, 2005, at 4:16 PM, Allison MacFarlan wrote:
>>I've taken the Encase class and it's good, but it's completely
>>Encase-centric. And you'd probably be the only non-Law-Enforcement
>>person in there. :-|
>>On Sep 28, 2005, at 12:44 PM, Jeff Gimbel wrote:
>>>Wondering if anyone has taken any forensic training and what you
>>>the best out there. We are looking at Foundstone, Encase, SANS, ...
>>>training. Any other suggestions?
>>>ITS/NDUS Help Desk Consultant
>>>jeff.gimbel at ndsu.edu
>>>unisog mailing list
>>>unisog at lists.sans.org
>>Allison S. MacFarlan
>>Information Security Officer
>>Academic Media and Technology
>>unisog mailing list
>>unisog at lists.sans.org
>unisog mailing list
>unisog at lists.sans.org
Ken Connelly Systems and Operations Manager, ITS Network Services
University of Northern Iowa Cedar Falls, IA 50614-0121
email: Ken.Connelly at uni.edu
phone: (319) 273-5850 fax: (319) 273-7373
It's much more important to know what you don't know than what you do know!
More information about the unisog