Mon premier blog

File System Forensic Analysis Brian Carrier
Publisher: Addison-Wesley Professional

Symantec Security Response Blog. Recently, we discovered a threat that abuses the Encrypting File System (EFS), which Symantec detects as Backdoor.Tranwos. If you'd like to learn how to become a computer forensics investigator, also known as a computer forensic specialist, this article will guide you through the requirements as well as career pathways and salary information. One of my peers recently wrote an article providing a good introductory explanation of computer forensics in his review of a SANS course. Backdoor.Tranwos Abuses EFS to Prevent Forensic Analysis. This is a quick overview of the relevant features—details can be found in the fileXray User Guide and Reference ebook. For example, chapter 4 is dedicated to the HFS+ file system used by Macintosh computers and drills down to disk level file system forensics. Besides its other capabilities, fileXray has an extensive feature set geared for HFS+ file system forensics. At the time of choosing what to do, I was enrolled in another class focusing on file system forensics and we were doing in depth analysis of the FAT file system. This article dealt primarily with what we term system or file system forensics.