DIY Computer Forensic Investigation

This is meant to be informative for those who are interested in computer forensic investigation and useful for those who have the authority to access the information and perform an investigation.

The how-to you find here http://www.myfixlog.com/fix.php?fid=32 will guide you through essentially the same methods that a Computer Forensics Investigator would follow. Each step is performed using free and/or open source software. This is not to say that this tutorial is watered down - some of the software used was developed for the Department of Defense's Cyber Crime Center. While what you find probably would not hold up in court, it may avoid you going there; or it may just be something that interests you.

The goal is to recover information concerning what the computer user is doing, what programs he is using, what files he has accessed, created or deleted, some of his browsing history, email etc. It assumes that you can have full access to the computer for a few hours.