Images to play with
From other forums, I've found example images that can be used to sharpen your skills in forensic analysis. For example, there are some images at the CRFeDS Project at NIST...I've downloaded the "Hacking Case" images. There are also Digital Forensics Tool Testing images that are available.
There are also some things to play with over at the HoneyNet Project SotM site. Not only are there binaries you can look at and log files you can examine, but SotMs 24 and 26 involve examining the image of a floppy.
On a slightly tangential note, VMWare has made their Server product a free download...from there, you can find a list of community-built virtual machines. These are primarily various flavors of Linux/*nix, but would offer some practice if you ran the VMs and performed live imaging (I do this with my Windows VMs, using ProDiscover).
Are there any other example images of Windows systems out there, available for download?
On a side note, has anyone used some of the popular tools (such as the FSP, or WFT, or any of the various batch files) for retrieving volatile data from live Windows systems, and posted the data for analysis?
There are also some things to play with over at the HoneyNet Project SotM site. Not only are there binaries you can look at and log files you can examine, but SotMs 24 and 26 involve examining the image of a floppy.
On a slightly tangential note, VMWare has made their Server product a free download...from there, you can find a list of community-built virtual machines. These are primarily various flavors of Linux/*nix, but would offer some practice if you ran the VMs and performed live imaging (I do this with my Windows VMs, using ProDiscover).
Are there any other example images of Windows systems out there, available for download?
On a side note, has anyone used some of the popular tools (such as the FSP, or WFT, or any of the various batch files) for retrieving volatile data from live Windows systems, and posted the data for analysis?