404 Tech Support


Helix – Computer Security Forensics

2009-03-17 by Jason

Computer security forensics can get pretty detailed and pretty involved. In fact, it’s almost always best left to the professionals. Even your standard, run-of-the-mill IT professional can get called into court to testify regarding evidence gathered at a scene. When it comes down to justice, you might not want to be the one that gets the blame for a case being dismissed through contamination of evidence.

There are two rules to computer forensics that I’ve heard:

  • Don’t touch it.
  • If you touched it, document everything (how it was before you touched it, date modified, what changes you made, when you touched it, etc. Everything!)
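The second rule as a small evidence log, added here as an illustration (it is not part of the original article or of Helix): it records a file's size, timestamps, and SHA-256 before and after each action, plus who acted and when. The file name and the `examiner-1` label are constructed sample values.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timezone

def _iso(ts):
    return datetime.fromtimestamp(ts, timezone.utc).isoformat()

def snapshot(path):
    """Record a file's state. stat() runs before hashing, because reading
    the content can itself update the access time."""
    st = os.stat(path)
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return {"size": st.st_size, "modified": _iso(st.st_mtime),
            "accessed": _iso(st.st_atime), "sha256": digest.hexdigest()}

def log_action(log, examiner, action, path, before, after):
    """Append who, when, what was done, and which recorded fields changed."""
    entry = {"when": datetime.now(timezone.utc).isoformat(),
             "examiner": examiner, "action": action,
             "path": os.path.abspath(path), "before": before, "after": after,
             "changed": sorted(k for k in before if before[k] != after[k])}
    log.append(entry)
    return entry

def demo():
    # Constructed sample file standing in for evidence; names are hypothetical.
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "notes.txt")
        with open(path, "w") as fh:
            fh.write("original contents\n")
        log = []
        before = snapshot(path)
        after_view = snapshot(path)      # a read-only look at the file
        viewed = log_action(log, "examiner-1", "viewed file", path, before, after_view)
        with open(path, "a") as fh:
            fh.write("edit\n")
        edited = log_action(log, "examiner-1", "appended a line", path,
                            after_view, snapshot(path))
        return viewed["changed"], edited["changed"], log

if __name__ == "__main__":
    for entry in demo()[2]:
        print(entry["when"], entry["action"], "changed:", entry["changed"])
```

Depending on how the filesystem handles access times, the read-only "viewed file" entry may still list `accessed` as changed, which is exactly the kind of side effect the log is there to capture.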

Helix provides a full-featured Live CD for Incident Response. But just because you have a pipe wrench, it doesn’t make you a plumber. Similarly, just because you have some security tools, it doesn’t make you a certified computer security forensics professional. If you’re going to make a case for something with the evidence available, you might want to investigate your options first. Otherwise, if you’re just trying to analyze a machine for the fun of it or see what information you can gather, Helix is a great tool to play around with.

Helix comes as one CD with two different functionalities:

  1. A CD chock full of Windows-friendly, freeware security utilities.
  2. A Linux live CD so that the hard drive is untouched, but the system can be accessed.

When you start up Helix on a running Windows computer (or it auto-runs), you’ll first be greeted by a nice big warning. Basically, it wants to tell you that the tools you are running can make (and technically already have made) changes to the system. Assuming this is what you want to do, choose your language and accept.


Along with computer information gathering utilities, the CD has three pages of Incident Response tools. Everything from templates for your documentation to a lot of cool tools is on this CD. Some utilities, like the NetCat listener, are designed to be run from other computers that could see the suspect machine across the network.


Some of the other tools available on the Helix CD are very informative and help you paint a picture of what the computer has been doing recently. As a small sample, one utility called USBDeview provides a nice interface to list all the USB devices plugged into the computer and information regarding that connection. You can get the date and time the connection was created, the serial number of the device, and a lot more information. iPods, iPhones, external hard drives, mice, flash drives, they all show up on this list as you can see in this screenshot.

[Screenshot: USBDeview]

Another sample of the many utilities on this CD comes in the form of WinAudit. This utility gathers a lot of system information (hardware, software, BIOS version) and presents it in a pretty simple-to-understand interface. You can gather a lot of info in one place with this tool and then save it to an Excel spreadsheet, PDF, text file, or a few other formats.

[Screenshot: WinAudit]

Now the Linux live CD part for me would not load, so I can’t cover that part in depth. I don’t know if it was a problem with video drivers or something, but it would usually crash right after the login screen for me. Perhaps if someone has had better luck, they can add some comments as to how it worked for them and what it offers.

Even without the live CD component, Helix offers a great compilation of security-related tools that might come in handy more often than you’d think. The company is shifting away from a free model and plans to launch a pro version of their Helix3 product. In order to get Helix3, you have to register and you’ll get access to the download.

The pro version of the CD is set to launch April 5th. View more about registration information from e-fense.
