Upload File

using the forensic vm hard drives

2
USING THE FORENSIC VM HARD DRIVES 1. Plug the USB hard drie i!t" the #a$le "! the de%&. D" !"t u% the 'r"!t USB ("rt% a% the%e are %l")er. Ma&e %ure that the USB hard drie i% the "!l* USB %t"rage dei#e (lugged i!. +. Start , VMware WorkStation For Forensics - 'r" the VM/are '"lder "! the Start Me!u 0. Fr" the File e!u i! VM/are #h""%e O(e! a!d !d U$u!tu "r /i!d")% 2 'r" the I3 drie 4. The r%t ru! "' either )ill re5uire *"u t" %et u( *"ur hard drie. a. F"r /i!d")% i. O! the le't "' the VM/are )i!d") #li#& ,Edit virtual machine settings - ii.Sele#t , Hard Disk (SCSI)- a!d #li#& Re "e iii.Ch""%e add a!d %ele#t , Hard Disk - a!d #li#& Ne6t i. Ma&e %ure SCSI i% %ele#ted a!d the #li#& Ne6t . Ch""%e ,se a !h"sical disk - a!d #li#& Ne6t i.Sele#t , #h"sicalDrive $% a!d ,se individual !artitions - a!d the! #li#& Ne6t

Upload: james-webb

Post on 04-Nov-2015

5 views

Category:

Documents


0 download

Report

DESCRIPTION

How to use uwe forensic harddrives

TRANSCRIPT

USING THE FORENSIC VM HARD DRIVES

1. Plug the USB hard drive into the cable on the desk. Do not us the front USB ports as these are slower. Make sure that the USB hard drive is the only USB storage device plugged in.2. Start VMware WorkStation For Forensics from the VMWare folder on the Start Menu3. From the File menu in VMWare choose Open and find Ubuntu or Windows 7 from the I: drive4. The first run of either will require you to set up your hard drive.a. For Windowsi. On the left of the VMWare window click Edit virtual machine settings

ii. Select Hard Disk (SCSI) and click Removeiii. Choose add and select Hard Disk and click Nextiv. Make sure SCSI is selected and the click Nextv. Choose Use a physical disk and click Nextvi. Select PhysicalDrive 1 and Use individual partitions and then click NextIf PhysicalDrive1 is not available close VMWare and make sure the USB drive is plugged in and go back to step 1vii. Select Partition 0, Partition 1 and Partition 2 and click Next viii. Click Finish to save the disk configuration and then choose OK on the Virtual Machine Settings dialogue

b. For Linux i. Follow the same procedure as above but when selecting partitions choose Partition 0 and Partition 1 ONLY 5. You can now power on your virtual machines.


VM‑4HDT, VM-3HDT, VM-2HDT...Although this user manual describes the VM‑4HDT it also refers to VM‑3HDT and VM‑2HDT, unless specified otherwise. Note that: • VM‑4HDT has

Roadshow DC + Agile Controller · VM 1 VM 2 VM 3 1.1.1.1 1.1.1.2 1.1.1.3 VM 4 VM 5 VM 6 2.2.2.1 2.2.2.2 2.2.2.3 As Is: Subnet-based isolation To Be: VM-level isolation Fine-grained

Incident Handling in a Virtualized Data Center · • Forensic analysis of a seized VM must use the same version of ESX. Otherwise the VM image will need to be replicated and altered

z/VM V6.4 Enabling z/VM for OpenStack (Support for ... · z/VM OpenStack OpenStack

HITACHI UNIFIED STORAGE VM - Arrow Electronics Common DAM/HDS/Files/HDSAll... · bandwidth architecture drives up to 128 flash chips ... MAXIMIZE YOUR I.T. WITH HUS VM ALL FLASH EFFICIENCY

COEN 252 Computer Forensics Forensic Duplication of Hard Drives

LHC3174BU VMware Cloud on AWS: An Architectural and … · VMware Cloud on AWS: An Architectural and ... ELB RDS S3 ESX VM VM ESX VM VM ESX VM VM HA/DRS vCenter ... Native EC2 VM

FS-TST 2.0: Forensic Software filecopy or “image” hard disk drives. Forensic Software Testing Support Tools version 2.0 (FS-TST) is a software package that supports the testing

FORENSIC ENTROPY ANALYSIS OF MICROSOFT WINDOWS …cdn.entelectonline.co.za/wm-418498-cmsimages/Forensic.pdf · default VMware Fusion 3.1 virtual machines (VM) using the VMware “Easy

CICADA - USENIX · 1 vm 2 vm 3 vm 4 vm 5vm 6 vm 7 vm 8 vm 9 vm 2 vm 3 vm 4 vm 5 vm 6 vm 7 vm 8 vm 9 vm 1 rigid application (similar to VOC [1]) vm 1 vm 2 vm 3 vm 4 vm 5vm 6 vm 7 vm

BOOTSTORM AND VM DISK ACCESS: NVME VS. · PDF fileBOOTSTORM AND VM DISK ACCESS: NVME VS. SATA Technical Report ABSTRACT As solid state drives (SSDs) technology matures, the performance

FortiManager - Corporate Armor · 3 specifications foRtiManage R ViRtUal appliances fMg-VM-Base fMg-VM-10-Ug fMg-VM-100-Ug fMg-VM-1000-Ug fMg-VM-5000-Ug fMg-VM-U-Ug capacity Licensed

Solid State Drives: The Beginning of the End for Current Practice in Digital Forensic Recovery?

Forensic Anthropology Forensic Anthropology

VM Import/Export - User Guide - AWS Documentation · VM Import/Export User Guide Features of VM Import/Export What Is VM Import/Export? VM Import/Export enables you to import …

Forensic Applications of Foraminifera · Forensic Applications of Foraminifera 1 Andrew M. Bowen Stoney Forensic, Inc.* KEYWORDS Forensic geology, forensic geoscience, forensic soil

Chapter 7 Forensic Duplicationcybersd.com/sec2/lect/Chapter 7.pdf · HD Development When hard drives grew beyond 512MB, the PC-BIOS needed to be updated (to recognize larger drives)

Innovation That Drives Modern Transformation€¦ · Automation: Simplify to Move Faster Automate across the entire VMware stack to streamline management of VM growth and the entire

Cisco Unified Computing System · Virtualization Step2 10 GE VM VM VM VM VM VM VM VM Hypervisor s er Server Unified IO LAN SAN A SAN B •Unified I/O - LAN & SAN consolidation •Reduce

Using z/VM VSWITCH · Using z/VM VSWITCH Prepared by: David Kreuter VM RESOURCES LTD. [email protected] Presented by: Dave …

VM&feature=related VM&feature=related

Forensic Anthropology - FORENSIC SCIENCE

Vyapam Manthan FB Page VM Telegram VM Twitter VM INSTA …

Virtual Forensics - Black Hat Briefings · PDF fileVMC VM's configuration file: disks, ... •Virtualized environments can make forensic ... @ChristiaanBeek Blog:

+31 (0)615 83 50 64€¦ · rox Tape Device iSCSl or direct-attached VM VM Backup Repository .vbk VM for backup copies and leplicat VM VM VM vmware Production Storage for Hype proxy

Introduction to Virtualization: z/VM Basic Concepts and ... · IBM Virtualization Technology Evolution CP-67 VM/370 VM/SP VM/HPO VM/XA VM/ESA z/VM 1960s 1972 1980 1981 1988 1995 2001

REPRINT Solid State Drives: The Beginning of the End for · PDF fileVolume 5, Number 3 2010 REPRINT Solid State Drives: The Beginning of the End for Current Practice in Digital Forensic

Creating VM Guest Using VM Manager

VM-SERIES ON MICROSOFT AZURE - BOLL · tained by Microsoft Azure, combined with the VM-Series, allows you to build secure, cloud-centric architectures. VM-Series VM-Series VM-eres

Digital Forensics Case Studies - Microsoft · • Forensic soundness when manual processing is required • Cloud forensics • Virtual machines (VM) forensics • Acquisi8on of evidence

8mm Video Camcorder VM-H620A / VM-H720A

Miray Evidence Manual · {Complete forensic image (E01, Ex01 and AFF) {Complete image (RAW universal format, HDClone format, VM formats) {Data image (HDClone SmartImage format, VM

Transforming Server Virtualization with Cisco VN-Link...#3 VM #3 VM #2 VM #2 VM #1 VM #1 VM #4 VM #4 VM #3 VM #3 VM #2 VM #2 VM #1 VM #1 VN-Link Property Mobility • VMotion for the

Print Serving and VM - IBM: z/VM · PDF filez/VM or VM/ESAz/VM or VM/ESA ... Optional translation to EBCDICOptional translation to EBCDIC ... Freelance Graphics - Untitled1 Author:

Forensic Labdock S5 and U5 - CRU...6 Protecting Your Digital Assets TM Forensic LabDock S5 and U5 User Manual 2.3.3 SAS Hard Drives (Available only on S5 models) a. Insert the hard