Video Transcription

00:00
All right. Welcome to Basic Evimetry Deadboot Forensic Acquisition. And let's get right into this.
00:07
All right, Cybrary viewers or Saira, what do we call you? Can't go to Cybrary. And I think it's the people here. Right? You guys are Cybrarians, and we're here in the beautiful Cybrary studio in College Park, Maryland. Ah, so cyber rights separates now we'll work on this. Anyway, a couple of the items that we need here. So
00:26
got the deadboot dongle that I made. This is one of our standard deadboot dongles.
00:30
I like to mark them with a little tag, so I can find them later. We put the version of the Evimetry deadboot agent we're using on it, things like that. But you can see, nothing particularly special. Just your average little SanDisk thumb drive, kind of handy. Um, we have our Evimetry boot dongle here.
00:47
Um, I don't know if you guys do this, but this is, ah,
00:50
a trick we use at
00:52
Atlantic Data Forensics. Dongles are so easy to lose in the back of machines and get left in servers and things like this. So we hook these
01:00
big, dangly, obnoxiously colored, uh, we have been reds and bright yellows and oranges and stuff like this to them so that we don't lose our very valuable dongles for our licensing. They're, like I said, standard, not too much to get excited about. Blessed
01:18
Western Digital USB drive,
01:19
not much to that. Um, this little NUC here, this Intel NUC, is going to be our, our target computer. So this would be the computer we'll acquire a forensic image of. Not much to be said about that, standard little device. And then, uh, this mess of
01:38
cables and things that we have here on the table that you can't quite see
01:42
thanks to the edge of it, we just have, ah, a little Linksys to provide us with, ah, a network connection. Normally this would be a client's, you know, actual wired network plugged into the wall, things like that. And this is also acting as our DHCP server so that we have IP connectivity between our
02:00
our target system and our controller system.
02:04
So with that, we're gonna go ahead, take this deadboot agent, and we're going to go ahead and boot our, um, our little target system here. Not much to this. Go ahead, plug your, your blessed USB drive in.
02:19
Get that in there, get my deadboot agent in there
02:23
and because we're gonna do this first locally, I don't have to use my license dongle locally on this system so that Evimetry will know that I'm licensed to go ahead and collect. So that's pretty straightforward. Just plugging in USB devices, and then we'll get this fired up.
02:40
We'll show you the actual local boot screen for Evimetry.

Up Next

Basic Evimetry Deadboot Forensic Acquisition: Wired and Local

This course covers creating an Evimetry Deadboot dongle to create a forensic image from a bootable USB thumb drive. We’ll also walk through using the Evimetry Deadboot dongle to directly create a forensic image from the target computer.

Instructed By

Brian Dykstra
CEO and President of Atlantic Data Forensics
Instructor