Security Basics mailing list archives
RE: tools used to examine a computer
From: "Robinson, Sonja" <SRobinson () HIPUSA com>
Date: Fri, 21 Feb 2003 15:03:01 -0500
As a side to calling in Law Enforcement, normally you have to already have your case and prove a loss (felony loss) so document all of your costs (human, resource, downtime, etc.). I believe in calling in LE's when required and I think that more companies should prosecute offenders instead of only firing them. But before I call I have to pretty much have my case made and my reports done. Then I hand them a nice tidy report with all of the evidence. Also, not all LE agencies have the expertise and many locals do not have any at all. This is not to disparage them (on the contrary my husband is a detective) - it is a matter of fiscal budgets and training. Likewise many companies do not have forensic people either and for the same reasons. There are a large number of companies that DO have trained forensic personnel who can and do perform criminal and civil investigations for clients. LE and private all use the same tools. It's not like there's a secret society for Law Enforecement. Private individuals, after all, were the ones who WROTE the tools in 99.9% of the cases. We just restrict access to them obviously and in some cases we check references. In fact a lot of private forensic investigators do pro bono work for LE's - like myself. If you need to go to LE and you don't know who to contact in your area - try contacting your local District Attorney. Most DA's have a High Tech Crime Team. Larger PD's normally do as well. OR you can contact HTCIA or a list serv for a contact. Someone will be happy to help you out. ********************************************************************** This message is a PRIVILEGED AND CONFIDENTIAL communication, and is intended only for the individual(s) named herein or others specifically authorized to receive the communication. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender of the error immediately, do not read or use the communication in any manner, destroy all copies, and delete it from your system if the communication was sent via email. **********************************************************************
Current thread:
- Re: Checkpoint NG - SMTP Guard Features, (continued)
- Re: Checkpoint NG - SMTP Guard Features Steve Suehring (Feb 20)
- Message not available
- Re: Checkpoint NG - SMTP Guard Features Mel (Feb 20)
- RE: tools used to examine a computer Trevor Cushen (Feb 20)
- RE: tools used to examine a computer H C (Feb 20)
- RE: tools used to examine a computer Robinson, Sonja (Feb 20)
- RE: tools used to examine a computer Trevor Cushen (Feb 20)
- RE: tools used to examine a computer H C (Feb 20)
- RE: tools used to examine a computer Trevor Cushen (Feb 20)
- RE: tools used to examine a computer H C (Feb 20)
- RE: tools used to examine a computer Trevor Cushen (Feb 22)
- RE: tools used to examine a computer Robinson, Sonja (Feb 22)
- RE: tools used to examine a computer Trevor Cushen (Feb 24)
- RE: tools used to examine a computer H C (Feb 25)
- RE: tools used to examine a computer Tim V - DZ (Feb 25)
- RE: tools used to examine a computer Trevor Cushen (Feb 25)
- ntpasswd compatibility w/RAID systems David Moisan (Feb 26)
- RE: tools used to examine a computer Trevor Cushen (Feb 25)
- RE: tools used to examine a computer David Moisan (Feb 26)