![]() ![]() The product is capable of handling most common file systems, including Windows, Linux and Solaris Unix. Additionally, it can perform full live forensic analysis over the network. ![]() It can run ongoing hash comparisons that help spot changes to critical files. It can collect volatile data, such as open and hidden files, running processes and open ports. ProDiscover IR does a lot more than collect images or parts of images from remote computers. ProScript is remarkably robust and flexible. We have scripted common requirements, such as periodic remote acquisition and analysis, as well as exotic ones, such as performing vulnerability analysis during a forensic scan. We found in earlier tests and in day-to-day use that this product really exploits ProScript for its true power. Of all of the computer forensic products we tested, we found ProDiscover IR to be the easiest to use. A simple console-to-agent connection also provides simplicity and reduced cost over more complicated over-the-network acquisition schemes. For example, the notion of using Perl as the basis for ProScript makes sense because many IT professionals already are proficient in Perl. ![]() We like ProDiscover IR for its flexibility and simplicity. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |