
Helix – Computer Security Forensics

2009-03-17 by Jason

Computer security forensics can get pretty detailed and pretty involved. In fact, it’s almost always best left to the professionals. Even your standard, run-of-the-mill IT professional can get called into court to testify regarding evidence gathered at a scene. When it comes down to justice, you might not want to be the one that gets the blame for a case being dismissed through contamination of evidence.

There are two rules to computer forensics that I’ve heard:

  • Don’t touch it.
  • If you touched it, document everything (how it was before you touched it, date modified, what changes you made, when you touched it, etc. Everything!)
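
The second rule, as an added example (not from the original article and not part of Helix): a Python sketch that records a file's state before it is touched and appends each action to a hash-chained log. The function names and the JSON-lines log format are assumptions made for this illustration.

```python
import hashlib, json, os, sys
from datetime import datetime, timezone

GENESIS = "0" * 64  # "previous hash" used by the first log entry

def _iso(ts):
    return datetime.fromtimestamp(ts, timezone.utc).isoformat()

def snapshot(path):
    """Record how a file is right now: size, timestamps, SHA-256."""
    st = os.stat(path)  # taken BEFORE open(): reading can itself update atime
    digest = hashlib.sha256()
    with open(path, "rb") as f:  # read-only; never open evidence for writing
        for chunk in iter(lambda: f.read(1 << 20), b""):
            digest.update(chunk)
    return {"path": os.path.abspath(path), "size": st.st_size,
            "modified": _iso(st.st_mtime), "accessed": _iso(st.st_atime),
            "sha256": digest.hexdigest()}

def log_action(log_path, examiner, action, before, after=None):
    """Append one entry: who, when, what was done, state before and after."""
    prev = GENESIS
    if os.path.exists(log_path):
        with open(log_path, "rb") as f:
            lines = f.read().splitlines()
        if lines:  # link the new entry to the hash of the last line on file
            prev = hashlib.sha256(lines[-1]).hexdigest()
    entry = {"when": datetime.now(timezone.utc).isoformat(), "examiner": examiner,
             "action": action, "before": before, "after": after, "prev": prev}
    with open(log_path, "ab") as f:
        f.write(json.dumps(entry, sort_keys=True).encode() + b"\n")
    return entry

def verify_log(log_path):
    """True if every entry still links to the hash of the entry before it."""
    prev = GENESIS
    with open(log_path, "rb") as f:
        for line in f.read().splitlines():
            if json.loads(line)["prev"] != prev:
                return False
            prev = hashlib.sha256(line).hexdigest()
    return True

if __name__ == "__main__" and len(sys.argv) == 4:
    # usage: script.py <file> <log.jsonl> <examiner name>
    log_action(sys.argv[2], sys.argv[3], "initial snapshot, no changes made",
               snapshot(sys.argv[1]))
    print("log chain intact:", verify_log(sys.argv[2]))
```

Write the log to separate media rather than the drive being examined; the chain exposes an edit to any entry that has a later entry after it, so the hash of the final line needs to be recorded elsewhere.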

Helix provides a Live CD that is full of features for Incident Response. But just because you have a pipe wrench, it doesn’t make you a plumber. Similarly, just because you have some security tools, it doesn’t make you a certified computer security forensics professional. If you’re going to make a case for something with the evidence available, you might want to investigate your options first. Otherwise, if you’re just trying to analyze a machine for the fun of it or see what information you can gather, Helix is a great tool to play around with.

Helix comes as one CD with two different functionalities:

  1. A CD chock full of Windows-friendly, freeware security utilities.
  2. A Linux live CD so that the hard drive is untouched, but the system can be accessed.

When you start up Helix on a running Windows computer (or it auto-runs), you’ll first be greeted by a nice big warning. Basically, it wants to tell you that the tools you are running can make (and technically already have made) changes to the system. Assuming this is what you want to do, choose your language and accept.

Along with computer information gathering utilities, the CD has three pages of Incident Response tools. Everything from templates for your documentation to a lot of cool tools is on this CD. Some utilities, like the NetCat listener, are designed to be run from other computers that could see the suspect machine across the network.

Some of the other tools available on the Helix CD are very informative and help you paint a picture of what the computer has been doing recently. As a small sample, one utility called USBDeview provides a nice interface to list all the USB devices plugged into the computer and information regarding that connection. You can get the date and time the connection was created, the serial number of the device, and a lot more information. iPods, iPhones, external hard drives, mice, flash drives, they all show up on this list as you can see in this screenshot.

Another sample of the many utilities on this CD comes in the form of WinAudit. This utility gathers a lot of system information in terms of hardware, software, BIOS version, and it presents it in a pretty simple-to-understand interface. You can gather a lot of info in one place with this tool and then save it to an Excel spreadsheet, PDF, text file, or a few other formats.

Now the Linux live CD part for me would not load, so I can’t cover that part in depth. I don’t know if it was a problem with video drivers or something, but it would usually crash right after the login screen for me. Perhaps if someone has had better luck, they can add some comments as to how it worked for them and what it offers.

Even without the live CD component, Helix offers a great compilation of security-related tools that might come in handy more often than you’d think. The company is shifting away from a free model and plans to launch a pro version of their Helix3 product. In order to get Helix3, you have to register and you’ll get access to the download.

The pro version of the CD is set to launch April 5th. View more about registration information from e-fense.
