USB FORENSICS.pptx for the purpose of fo

SSPRCO 12 views 13 slides Jul 08, 2024

About This Presentation

Forensics


Slide Content

USB FORENSICS

Now we will look at USBDeview. USBDeview is a small utility that lists all USB devices that are currently connected to your computer, as well as all USB devices that you previously used. For each USB device, extended information is displayed: device name/description, device type, serial number (for mass storage devices), the date/time that the device was added, VendorID, ProductID, and more.

USBDeview also allows you to uninstall USB devices that you previously used, disconnect USB devices that are currently connected to your computer, and disable and enable USB devices. You can also use USBDeview on a remote computer, as long as you log in to that computer as an admin user.

Let's See the Practical Now
The download link for USBDeview is given below:
http://www.nirsoft.net/utils/usb_devices_view.html
We download the zip file from the website, extract it, and then click on USBDeview.

Let's See the Practical Now
After we click on the file, we get all the information about the USB devices that have been inserted into that particular PC.

Let's See the Practical Now
We will just click on this file.

What information will we get?
Device Name: Specifies the device name. For some devices, this column may display a meaningless name, like "USB Device". If the device name is meaningless, look at the Description column.
Device Description: The description of the device.
Device Type: The device type, according to the USB class code.
Connected: Specifies whether the device is currently connected to your computer. If the device is connected, you can use the 'Disconnect Selected Devices' option (F9) to disconnect the device.

What information will we get?
Safe To Unplug: Specifies whether it's safe to unplug the device from the USB port without disconnecting it first. If the value of this column is false and you want to unplug this device, you must first disconnect it by using the 'Disconnect Selected Devices' option (F9) of the USBDeview utility, or by using the 'Unplug or Eject Hardware' utility of the Windows operating system.
Drive Letter: Specifies the drive letter of the USB device. This column is only relevant to USB flash memory devices and to USB CD/DVD drives. Be aware that USBDeview cannot detect drive letters of USB hard disks.

What information will we get?
Serial Number: Specifies the serial number of the device. This column is only relevant to mass storage devices (flash memory devices, CD/DVD drives, and USB hard disks).
Created Date: Specifies the date/time that the device was installed. In most cases, this date/time value represents the time that you first plugged the device into the USB port. However, be aware that in some circumstances this value may be wrong. Also, on Windows 7, this value is initialized with the current date/time on every reboot.
Last Plug/Unplug Date: Specifies the last time that you plugged/unplugged the device. This date value is mostly lost when you restart the computer.

What information will we get?
VendorID / ProductID: Specifies the VendorID and ProductID of the device.
USB Class/Subclass/Protocol: Specifies the Class/Subclass/Protocol of the device according to USB specifications.
Hub/Port: Specifies the hub number and port number that the device was plugged into. This value is empty for mass storage devices.
Notice: According to user reports, on some systems the 'Last Plug/Unplug Date' and the 'Created Date' values are initialized after reboot. This means that these columns may display the reboot time instead of the correct date/time.
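The date caveats above matter when building a timeline: a 'Created Date' or 'Last Plug/Unplug Date' that coincides with the last boot may be the reboot time rather than a real plug event. The following Python code is an added example, not part of the original slides or of USBDeview. It assumes a comma-delimited export with a header row named after the columns described above, an ISO-style date format, and a last-boot time obtained separately by the examiner; the function name `assess_timestamps` and all sample values are constructed for illustration.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample shaped like a comma-delimited USBDeview export.
# The header row, date format, and every value here are assumptions.
SAMPLE_CSV = """Device Name,Description,Device Type,Connected,Serial Number,Created Date,Last Plug/Unplug Date,VendorID,ProductID
USB Device,Example Flash Disk,Mass Storage,No,AA11BB22CC33,2024-07-01 09:00:12,2024-07-01 09:00:12,0000,0001
USB Device,Example Backup Drive,Mass Storage,No,DD44EE55FF66,2024-06-14 16:42:07,2024-06-20 11:05:31,0000,0002
USB Input Device,Example Keyboard,HID (Human Interface Device),Yes,,2024-07-01 09:00:10,2024-07-01 09:00:10,0000,0003
"""

DATE_FMT = "%Y-%m-%d %H:%M:%S"  # assumed; real exports follow the system locale


def assess_timestamps(csv_text, boot_time, tolerance=timedelta(minutes=2)):
    """Return one dict per device that has a serial number, marking each
    date 'suspect' if it lies within `tolerance` of the last boot (it may
    be the reboot time, per the notice above) and 'usable' otherwise."""
    results = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        # Serial Number is only relevant to mass storage devices, so an
        # empty value is used here to skip keyboards, hubs, and the like.
        if not row["Serial Number"]:
            continue
        entry = {"serial": row["Serial Number"],
                 "description": row["Description"]}
        for column, key in (("Created Date", "created"),
                            ("Last Plug/Unplug Date", "last_plug")):
            ts = datetime.strptime(row[column], DATE_FMT)
            near_boot = abs(ts - boot_time) <= tolerance
            entry[key] = ts
            entry[key + "_status"] = "suspect" if near_boot else "usable"
        results.append(entry)
    return results


if __name__ == "__main__":
    boot = datetime(2024, 7, 1, 9, 0, 0)  # constructed last-boot time
    for e in assess_timestamps(SAMPLE_CSV, boot):
        print(e["serial"], e["description"],
              e["created"], e["created_status"],
              e["last_plug"], e["last_plug_status"])
```

A date marked 'suspect' should be corroborated from another source before it is placed on a timeline.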

USBDeview Icons Legend
The device is not connected.
The device is connected. It's safe to physically unplug the device without disconnecting it.
The device is connected. You must disconnect the device from USBDeview or from the Windows "Safely Remove Hardware" option before you physically unplug it.
The device is disabled.

How to Check on Linux
Follow the links below:
http://www.cyberciti.biz/faq/linux-log-files-location-and-how-do-i-view-logs-files/
http://www.dotkam.com/2009/01/06/find-usb-flash-drive-device-in-linux/

How to Check on Mac
Follow the link below:
https://marinersoftware.deskpro.com/kb/articles/134-how-to-locate-your-console-log

Thank You