Gareth Digby

Visiting Lecturer In Computer Science

Accessing Autopsy V2 on the FOR2014 EC2 Instance

Summary

These instructions describe how to access Autopsy running on the FOR2014 Elastic Compute Cloud (EC2) instance used for the FOR classroom exercises. This post describes:
1. How to configure Autopsy on an Amazon Web Services (AWS) EC2 instance to use its default port from a specified remote host public IP address.
2. How to configure Autopsy on an AWS EC2 instance to use ssh Port Forwarding to authenticate the connection and encrypt the traffic between Autopsy and the remote host.

Creating and Accessing the FOR2014 EC2 Instance

Summary

These instructions describe how to create an Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instance from a customized Amazon Machine Image (AMI) for the FOR classroom exercises. The instructions also provide information on setting up an ssh session to log into the instance once it is running.

Creating an AMI for Classroom Use

Summary

In this post I describe how to create an Amazon Machine Image (AMI) from a customized Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instance. The AMI allows software and data to be prepackaged and distributed to students for use in classroom exercises.

Setting Up Sleuthkit and Autopsy on an AWS EC2 Instance

Summary

In this post I outline how to install and use Sleuthkit to conduct computer forensic analysis on an Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instance. The EC2 instance is used in classroom exercises by students using the Linux command line to investigate and analyze forensic evidence.

Using Amazon Web Services in Teaching

Summary

In this post I describe the decision points I have been through as I have introduced AWS-based teaching resources into the course I teach. The post gives a high-level overview of the steps I took to identify, create and distribute the AWS-based teaching resources for use in my course.

Using Virtualisation in the Teaching of Computer Forensics

Summary

This post describes how I use virtual machines to create exercises and assignments for the course I teach. The post also shows how the distribution of the virtual machines to the students allows them to take the skills they have learned in class away with them.

Creating a Lubuntu Virtual Machine for Computer Forensics Teaching

Summary

This post describes how to create a Lubuntu-based virtual machine (VM) to be used when teaching computer forensic analysis and investigation. The post discusses the background to the use of the VM, how the VM is created in VMware Fusion, and how Sleuthkit and other Linux-based utilities are installed. The post finishes with some suggestions on how the VM issued in class can be configured for the classroom teaching computers. This post assumes the reader is familiar with Linux and a virtualization application such as VMware. [While the applications and utilities used are appropriate for a computer forensics investigation, the use of a VM is most probably not an appropriate approach for setting up a production system to undertake computer forensic analysis and investigation because of the overhead the VM adds.]