Print

Print


Testdisk and photorec are file recovery tools. We've been using them. Kali
is a pen testing OS, which we've been using.

On Sun, Feb 12, 2017, 12:12 PM Tom Heller <[log in to unmask]> wrote:

> Have you looked at Kali Linux <https://www.kali.org/> or Test Disc/Photo
> Rec <http://www.cgsecurity.org/wiki/TestDisk>?
>
> On Fri, Feb 10, 2017 at 9:56 AM, Michael Norkun <[log in to unmask]>
> wrote:
>
> Thanks for all the suggestions. I think we'll play with Metasploitable.
> Looks like it should be fun.
>
> Thanks again.
>
>
>
> On Fri, Feb 10, 2017 at 9:13 AM David McClellan <
> [log in to unmask]> wrote:
>
> My first thought was Metasploitable as well. It's probably not the best
> for data analysis, but should work just fine I would imagine.
>
> Thank you,
>
> On Thu, Feb 9, 2017, 10:24 Leslie, Ben <[log in to unmask]> wrote:
>
> You could check out metasploitable, its a linux VM designed with
> vulnerabilities built in to it for penetration testing.
> https://www.hackingloops.com/kali-linux-virtualbox-pentest-lab/  &
>  https://community.rapid7.com/docs/DOC-1875
> <https://community.rapid7.com/docs/DOC-1875>
>
> This link has resources for additional lab setups for forensics and
> pen-testing scenarios. http://resources.infosecinstitute.com/hacking-lab/
>
> If you're just looking to encrypt an OS or  hard drive, many Linux OSs
> offer disk encryption during the setup/install process or you can use
> trucrypt to encrypt a windows partition/folder or boot drive.
>
>
>
>
>
>
> Ben Leslie
> Battenkill Valley Supervisory Union
> P: 802-375-2589 ext. 144 <(802)%20375-2589>
> P: 802-375-6409 <(802)%20375-6409>
>
> On Thu, Feb 9, 2017 at 8:34 AM, Michael Norkun <[log in to unmask]>
> wrote:
>
> Quick question,
> This is posted on the slack channel as well...
>
> https://vt-school-it.slack.com/archives/general/p1486647110000038
>
>
>  I am doing some file forensics with some students. Does anyone know where
> I might find a mock os image that I could install on a machine to allow
> these students to practice their forensic skills? They have worked through
> most of the scenarios here http://www.cfreds.nist.gov/. I was hoping to
> hand them a laptop that has been encrypted and have them find some
> evidence. Any one have suggestions of where I could look? I suppose I could
> make an image, but to save some time it would be easier to just download
> one. Thanks in advance.
>
> -----------------------------------------------------------------------
>
> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT Archive
>
> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
> Subscription to SCHOOL-IT
>
> -----------------------------------------------------------------------
>
> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT Archive
>
> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
> Subscription to SCHOOL-IT
>
> --
> David McClellan
> Technology Support Specialist
> Chittenden East Supervisory Union
> Mobile: (802) 458 - 7327 <(802)%20458-7327>
> Backup Mobile: (802) 448 - 0329 <(802)%20448-0329>
>
> This e-mail may contain information protected under the Family Educational
> Rights and Privacy Act (FERPA). If this e-mail contains student information
> and you are not entitled to access such information under FERPA, please
> notify the sender. Federal regulations require that you destroy this e-mail
> without reviewing it and you may not forward it to anyone.
>
> -----------------------------------------------------------------------
>
> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT Archive
>
> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
> Subscription to SCHOOL-IT
>
> -----------------------------------------------------------------------
>
> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT Archive
>
> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
> Subscription to SCHOOL-IT
>
>
>
>
> --
> Tom Heller
> Tech Educator @ 802 Milton HS
> ------------------------------------------------
> Windows cleaner, Ubuntu user.
>
>
>
>
>
>
>
> *CONFIDENTIALITY NOTICE: This e-mail message, including any attachments,
> isfor the sole use of the intended recipient(s) and may contain
> confidentialand privileged information. Any unauthorized review, use,
> disclosure, ordistribution is prohibited. If you are not the intended
> recipient, pleasecontact the sender by reply e-mail and destroy/delete all
> copies of theoriginal message.*
>
> -----------------------------------------------------------------------
>
> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT Archive
>
> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
> Subscription to SCHOOL-IT
>