Welcome to computer forensic portal - your online resources to all computer foreniscs
 
Knowledge Articles
Books Database
Legal Cases
Forensic Dictionary
PDF documents
Web Resources
FAQ

 

Helix (Windows)
Page 1
Page 2
Page 3
Page 4
Page 5
Page 6
Page 7
 
Computer Forensic Tools
Image Acquisition
Expert Witness
Helix (Linux)

 
  Home > Knowledge Articles > Helix (Windows)

Helix (Windows)

Documentation

In the documentation options, there are 4 recommended and common reference documents in PDF format that you may need to use in an incident response. An investigator should review them before any forensic investigation.

(Click on image to view bigger version)

The documents are:

  • Chain of Custody Form
  • Preservation of Digital Evidence
  • Linux Forensic Guide for Beginners
  • Forensic Examination of Digital Evidence

Browse Contents

Acts like Windows Explorer which allows you to browse the content of the evidence media with this option. Allows you to see the drives, folders, subfolders and files.

(Click on image to view bigger version)

It displays the File Location, Date Created, Date Accessed, Date Modified, Data Attributes (eg, Read Only, Hidden), File Size, CRC and MD5*.

*NOTE: MD5 Hash will only appear if you click on “Calculate MD5 Hash on Files” checkbox

[Continue - Page 6]

 
 

© 2009
Computer Forensics Portal
All Rights Reserved

Disclaimer | Privacy Policy

Home | Contact | Sitemap

Knowledge Articles | Books Database | Legal Cases | Forensic Dictionary | Web Resources | Frequently Asked Questions