General
This section contains various papers written and/or maintained by
members of The FTimes Project. The default format of these papers
will be PDF. To view these papers, we recommend Adobe
Acrobat Reader 5.0 or higher. Where possible, each paper will
be available in two formats: classic and on-screen. If you intend
to print the document, you should download the classic format. If
you just want to read it at your terminal, you should download the
on-screen format.
Note: No matter which format you select, we have found that
the best viewing results are obtained when you download the document
and view it outside your Web browser. To download these documents
without having them automatically displayed in your Web browser,
try using a right click on the link followed by "Save {Target|Link}
As..." or whatever option your browser provides to save the document
directly to disk.
Note: The on-screen documents have been known to lock up or
become sluggish when viewed by Acrobat Reader from within a Web
browser. This behavior has been confirmed on Windows NT/2K systems
for both Netscape and Internet Explorer. Upgrading to Acrobat Reader
5.0 or higher seems to eliminate this problem.
System Baselining -- A Forensic Perspective
This paper defines baselining terminology, explains the mechanics
of baselining, compares and contrasts different baselining techniques,
and describes FTimes -- a system baselining and evidence collection
tool. The paper also explores some of the criteria that evidence
collection tools and techniques must satisfy if they are going to
support prosecutions. In closing, it presents a pair of war stories
that are typical of the times.
|
