Sunday, 12 February 2012

Digital Forensics With Open Source Tools

The book I read to research this post was Digital Forensics With Open Source Tools by Harlan Carvey et al., which is a very good book that I bought from Kindle. It's worth mentioning I have done a post on Xbox 360 forensics on my technology blog at scratbagroberts.com, which might be of interest. At one time the only ways to become a digital forensics examiner were to join the armed forces or police or teach yourself; nowadays there are plenty of colleges offering courses. This book mostly deals with Sleuth Kit, which is open source and runs on Windows, Linux or Mac OS X. At one time almost all the digital forensics programs were commercial programs. If data is merely deleted it can be recovered. If, however, something is copied over it then it can't be recovered, although often it won't all be copied over and fragments will be recovered. There is special software that destroys deleted data so it can't be recovered. Often the data that's retrieved will be things like pictures and emails. You can use a program like NetStumbler to crack passwords. Although I can't see myself working as a digital forensics examiner, it's a subject that interests me, so watch this space as there will be more on this subject.
