±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35750
New Yesterday: 1 Visitors: 108

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Clickbait - You will not believe how they register evidence!

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
 
  

LeGioN
Member
 

Clickbait - You will not believe how they register evidence!

Post Posted: Jun 06, 18 08:28

Hello! Very Happy

I was just wondering how you guys register seized evidence?

In my agency we use Microsoft Access to register information about the case and the seized evidence in a database, Which we then use to create custom-rapports from.

I was thinking about perhaps creating something using SQL, Excel and PHP.. But with much going on at the office at the moment a premade solution would be loved.

Looking forward to hear how you guys do stuff.

/Stig  
 
  

jaclaz
Senior Member
 

Re: Clickbait - You will not believe how they register evidence!

Post Posted: Jun 06, 18 08:54

- LeGioN
Clickbait - You will not believe how they register evidence!

Very Happy Lol!

Nice title.

What if I reply with "Tip: Free Case management software"? (credits to MDCR Smile ):
www.forensicfocus.com/...c/t=14486/

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

Bunnysniper
Senior Member
 

Re: Clickbait - You will not believe how they register evidence!

Post Posted: Jun 06, 18 10:40

- LeGioN


Looking forward to hear how you guys do stuff.

/Stig


The problem with managing evidence is not technology, it is the process. Getting the physical content of your evidence bag into a software. As long as all investigators do it properly and you get nice reports from Access `97 - why not? It is paid, mature, maintained, people know how to use it and the MS office files are "industry standard".

Never change a running team unless you have a really good reason to do so.

regards,
Robin
_________________
--
All opinions are mine and are not necessarily the opinions of my employer. 
 
  

Bunnysniper
Senior Member
 

Re: Clickbait - You will not believe how they register evidence!

Post Posted: Jun 06, 18 10:48

- jaclaz


What if I reply with "Tip: Free Case management software"? (credits to MDCR Smile ):
www.forensicfocus.com/...c/t=14486/

jaclaz


In this case I have to reply with "the project is dead"
From https://kirjuri.kurittu.org/demo/help.php
"NOTICE: Kirjuri is no longer actively developed since 09/2017, as I don't have time for this project anymore."

The mentioned link on dfir.training at www.dfir.training/inde...management is dead with a 404, too.

Another argument for using MS Office: xls will last forever! Excel will survive earth quakes, wars and the climate change Wink

regards,
Robin
_________________
--
All opinions are mine and are not necessarily the opinions of my employer. 
 
  

jaclaz
Senior Member
 

Re: Clickbait - You will not believe how they register evidence!

Post Posted: Jun 06, 18 13:42

- Bunnysniper

In this case I have to reply with "the project is dead"


I was just retaliating Wink for the provocative title.

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

Hwallbanger
Member
 

Re: Clickbait - You will not believe how they register evide

Post Posted: Jun 07, 18 00:33

Having been in IT for more than 30 + years (Mainframes to today's now Web developments) and seeing how Tech Creep effects all developed software regardless of publisher except maybe community supported software. Why not support Open Source software, with diminishing budgets ?

Legion's department has at least used a DataBase for their development. IMHO, this is better because it is NOT dependent upon main system RAM and it is more efficient when loading the needed information from a file - a database, minimally. This techniques is more common for the use of apps on a network for multiple user access.

This difference will end-up effecting system configuration's requirements by needing less and now with virtual becoming more and more the expected platform, this to will impact configurations.

In my agency we use Microsoft Access to register information about the case and the seized evidence in a database, Which we then use to create custom-rapports from.


So I would somewhat disagree with BunnySniper (Robin),
Another argument for using MS Office: xls will last forever ! ...


Having toyed with programming over the years, your choice is [in general] to use a commercial brand software that will try and pigeon hole you with tools and techniques that can only be used for their product and usually adds to the cost and complexity of the development versus the use of Community Open Source software.

I have also found that Open Source software, over the years, ends-up becoming Cross-Platform (available for Windows, Mac iOS, L/Unix). Thus providing you the Choice of which equipment and OpSys you wish to operate within.

An example of this pigeon holing, if you have used FrontPage versus programming in straight HTML, you would have experienced this for yourself. Such as the difference between website's that have been created with (now discontinued) FrontPage (.htm) versus website's created with standard HTML (.html). This same scenario can be found in most all of the commercial software.

I will admit, that I have not used all software, but from the ones that I have used and reviewed and considered, these are the general overall experiences that I have noticed about development platforms. I have watched development in languages being the standard to the move to creation of programs (apps) move to Databases, and they both now fight for this same market.

Why not consider such well known and supported Open Source Databases as :

• MariaDB (MySQL compatible)
• PostgreSQL (an engine for EnCase and FTK)

Here is an article about the top 7 Databases (in their opinion) where you will find links to the mentioned databases The Top 7 Free and Open Source Database Software Solutions - Blog Post

Here is a thought, why not work within one of the Digital Forensics standards groups to come-up with some of the Common needs of this type of program and provide your insights ?

These are just some of my thoughts on this subject having been involved within the IT community for so many years. I hope that these experiences have helped in some way. Smile  
 

Page 1 of 1