Introduction to the Evimetry Filesystem Bridge and How to Access it

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

19 minutes
Video Transcription
right. Welcome to the seventh in our series of Ah, cyber recourse is here. This is the ever Met Refile System Bridge.
All right, so the elementary file system bridge itself. It provides high speed access to your F F four images from your cool current tool set on Diz used. It's installed along with the controller.
So if you want to put your, uh, the F F four file system bridge or they have metropolises Umbridge
on all your systems that you're doing forensics from using a variety of forensics tools, you actually end up installing a controller on each one of them, which is, you know, honestly, not really a problem installs easy peasy. Uh, he did it before in one of our courses here. There's not much to it. It just just pops right in there
and the bridge becomes available in things like that.
Um, so, you know, simple stuff. No license required for doing that or anything else. Just download, please version go to town.
All right. So, by default, the file system bridge creates a virtual raw, filed out raw file, which is just a DD image available on by default. It defaults to the W drive, which I've never ran into a problem with, I suppose on some people's number, she might have a
network shares. W drive. You can sort that out. It's not a big deal. It's gonna configuration followed for that,
Um, so it presents. It is a raw file so that essentially any forensics tool you should have deal with Ah rah dee dee image. I can't think of a forensics tool out there that doesn't deal with that that most basic format.
Um, because it's being virtualized like that. It's actually really fast. It's funny. And if you go through and read that F F four paper that Dr Schatz put together, Ah, you can see all his charts and graphs and statistics and numbers on just how much faster it is actually running it virtualized
through the file System Bridge rather than
running a traditional easier one or easier one compressed filing things like this so important. Pretty good performance there. But of course, like anything else, the type of storage media that you have your effort four files on is also gonna play into the performance on. I'm sure when we talk to Bradley, we'll talk all about, you know,
running it from these ultra fast drives and things like that.
Um, and and he's right. It it just really fast when you do it like that. But, you know, reality is I don't necessarily always have great big stacks of envy Emmy drives available to me or flash a raise or things like this. But you can get really good performance of just regular
commodity USB drives and things like that, too.
Um, because it just works. Well,
all right, so, um ah, Full walkthrough of ah of the metro file system Bridge is available online at metro dot com under the accessing your image portion.
Um, actually, I think I might have that available right here
and because I said that I don't
That's awesome.
You can read through it yourself on the
the documentation. There were also going to do Ah, live demonstration here from a previously acquired image. Actually, the one of the images we acquired in the last episode of the last course there. Andi, we're gonna preview that f f for image using access data's free F t k image or tool,
which is available to you. Ah, the registration and download at access data dot com Such product downloads you can just download. I believe the latest version is 4.2 point. Oh, or something like this. You go ahead and load up now. Access Data's FBK imager does not natively understand how to address FF four files,
But that's what we're gonna use the file system bridge for,
So why don't we go ahead and do that?
Up Next