Encase 4.20 (the premier computer forensics tool) Posted

Discussion in 'Computer Security' started by nemo outis, Dec 11, 2004.

  1. nemo outis

    nemo outis Guest

    If you haven't tested it, you don't really know whether you're
    secure. QA/QC is a vital part of any security/privacy program.

    Accordingly, many would like to to test their security
    arrangements against serious forensic tools, such as those used
    by major LE organizations. Well, they're in luck! Encase 4.20
    (the latest and greatest of the heaviest of the heavyweights) has
    just been posted in alt.binaries.warez.win95-apps

    Regards,

    PS The posted version includes docs, but those who wish to
    have the **complete kit** will nip on over to the Encase site,
    www.guidancesoftware.com, and hoover down the scripts and
    filters (which are not included in the posted version but are
    available at the site). Better be quick about it - Encase may
    clue in and pull them!
     
    nemo outis, Dec 11, 2004
    #1
    1. Advertising

  2. On Sat, 11 Dec 2004, nemo (nemo outis) wrote:
    >If you haven't tested it, you don't really know whether you're
    >secure. QA/QC is a vital part of any security/privacy program.
    >
    >Accordingly, many would like to to test their security
    >arrangements against serious forensic tools, such as those used
    >by major LE organizations. Well, they're in luck! Encase 4.20
    >(the latest and greatest of the heaviest of the heavyweights) has
    >just been posted in alt.binaries.warez.win95-apps
    >
    >Regards,
    >
    >PS The posted version includes docs, but those who wish to
    >have the **complete kit** will nip on over to the Encase site,
    >www.guidancesoftware.com, and hoover down the scripts and
    >filters (which are not included in the posted version but are
    >available at the site). Better be quick about it - Encase may
    >clue in and pull them!


    Thanks very much!!! Got it. Been waiting a long time for it.
     
    Max Mustermann, Dec 11, 2004
    #2
    1. Advertising

  3. nemo outis

    tokaj Guest

    Max can you assist me a bit ???
    "Max Mustermann" <> wrote in message
    news:...
    > On Sat, 11 Dec 2004, nemo (nemo outis) wrote:
    > >If you haven't tested it, you don't really know whether you're
    > >secure. QA/QC is a vital part of any security/privacy program.
    > >
    > >Accordingly, many would like to to test their security
    > >arrangements against serious forensic tools, such as those used
    > >by major LE organizations. Well, they're in luck! Encase 4.20
    > >(the latest and greatest of the heaviest of the heavyweights) has
    > >just been posted in alt.binaries.warez.win95-apps
    > >
    > >Regards,
    > >
    > >PS The posted version includes docs, but those who wish to
    > >have the **complete kit** will nip on over to the Encase site,
    > >www.guidancesoftware.com, and hoover down the scripts and
    > >filters (which are not included in the posted version but are
    > >available at the site). Better be quick about it - Encase may
    > >clue in and pull them!

    >
    > Thanks very much!!! Got it. Been waiting a long time for it.
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
     
    tokaj, Dec 11, 2004
    #3
  4. On Sat, 11 Dec 2004, "tokaj" <> wrote:
    >Max can you assist me a bit ???


    What do you need? Be more than willing to try.
     
    Max Mustermann, Dec 11, 2004
    #4
  5. Hey cipher

    Ive updated my disk, it now runs TC3 and Eraser 5.7, if you want a copy
    gimme a shout n ill send u the url.

    Cheers

    Sheldon
     
    Sheldon Botha, Dec 11, 2004
    #5
  6. nemo outis

    tokaj Guest

    How do I combine this prog. downloaded it all incl. material from encase
    site.
    Use Eraser from pgp or Bestcrypt or Heidi but never checked it myself if it
    is succesfull
    So n'bit of newbee.

    tokaj

    "Max Mustermann" <> wrote in message
    news:...
    > On Sat, 11 Dec 2004, "tokaj" <> wrote:
    > >Max can you assist me a bit ???

    >
    > What do you need? Be more than willing to try.
    >
     
    tokaj, Dec 11, 2004
    #6
  7. On Sat, 11 Dec 2004, "tokaj" <> wrote:
    >How do I combine this prog. downloaded it all incl. material from encase
    >site.
    >Use Eraser from pgp or Bestcrypt or Heidi but never checked it myself if it
    >is succesfull
    >So n'bit of newbee.
    >
    >tokaj


    You need to have Winrar to combine the files. I don't know if Winzip will
    work the same way as I only use Winrar. Extract each of the zipped files
    using Winzip or Winrar. You will wind up with files listed as following:

    crack.zip
    encse420.r00
    encse420.r01
    encse420.r02
    encse420.r03
    encse420.r04
    And some *.nfo files (information) Open them with notepad.


    Assuming you have Winrar installed:
    Right click on encse420.r00 and using Winrar extract to C:/encse420. Winrar
    creates the directory, combines the files to create the encase program file
    (EnSetup420.exe) and the manual (EFE_Manual_English_rev420_C.pdf).

    Run EnSetup420.exe and install Encase. Don't restart your computer after
    the install. Next, extract the file from the Crack.zip file named
    Enhkey.dll. Copy Enhkey.dll into C:\WINDOWS\SYSTEM32 directory (XP) and
    replace the existing file that was put there by Encase during the install
    with the cracked file. If your using something other than XP, search
    Windows or your OS directory for the location of Enhkey.dll and overwrite
    it with the one from the crack.zip file.

    Reboot you computer. Encase is now ready to run.

    Start Encase and go to the help pull down menu. Click on about encase:
    You should see the following:

    Thank you for using EnCase.
    www.encase.com
    Version 4.20
    3B00000030 10/27/04
    05:07:48PM

    Sales and Technical Support: (626) 229-9191
    Dongle ID #12345678
    Name: Registered User Order #12345

    EnCaseĀ® is a registered trademark of
    Guidance Software. All rights reserved.

    You will have to read the PDF file to learn how to use it. It is a very
    powerful program and is not intuitively obvious on how to check your
    system. I can't help much here as I am still learning the new version. The
    previous version for Win 98 was pretty simple by comparison.

    If you don't have Winrar, see the following link to find which newsgroup to
    download it from:

    http://www.newzbin.com/search/query/p/?q=winrar&Category=-1&searchFP=p

    Hope this helps and good luck.
     
    Max Mustermann, Dec 11, 2004
    #7
  8. nemo outis

    autodog Guest

    Hello Sheldon, any chance that I can get that url from you?



    On Sat, 11 Dec 2004 18:37:49 GMT, "Sheldon Botha"
    <> wrote:

    >Hey cipher
    >
    >Ive updated my disk, it now runs TC3 and Eraser 5.7, if you want a copy
    >gimme a shout n ill send u the url.
    >
    >Cheers
    >
    >Sheldon
    >
     
    autodog, Dec 11, 2004
    #8
  9. nemo outis

    tokaj Guest

    Yes that clear, busy doing so thanks so far
    Tokaj
    "Max Mustermann" <> wrote in message
    news:...
    On Sat, 11 Dec 2004, "tokaj" <> wrote:
    >How do I combine this prog. downloaded it all incl. material from encase
    >site.
    >Use Eraser from pgp or Bestcrypt or Heidi but never checked it myself if it
    >is succesfull
    >So n'bit of newbee.
    >
    >tokaj


    You need to have Winrar to combine the files. I don't know if Winzip will
    work the same way as I only use Winrar. Extract each of the zipped files
    using Winzip or Winrar. You will wind up with files listed as following:

    crack.zip
    encse420.r00
    encse420.r01
    encse420.r02
    encse420.r03
    encse420.r04
    And some *.nfo files (information) Open them with notepad.


    Assuming you have Winrar installed:
    Right click on encse420.r00 and using Winrar extract to C:/encse420. Winrar
    creates the directory, combines the files to create the encase program file
    (EnSetup420.exe) and the manual (EFE_Manual_English_rev420_C.pdf).

    Run EnSetup420.exe and install Encase. Don't restart your computer after
    the install. Next, extract the file from the Crack.zip file named
    Enhkey.dll. Copy Enhkey.dll into C:\WINDOWS\SYSTEM32 directory (XP) and
    replace the existing file that was put there by Encase during the install
    with the cracked file. If your using something other than XP, search
    Windows or your OS directory for the location of Enhkey.dll and overwrite
    it with the one from the crack.zip file.

    Reboot you computer. Encase is now ready to run.

    Start Encase and go to the help pull down menu. Click on about encase:
    You should see the following:

    Thank you for using EnCase.www.encase.comVersion 4.203B00000030 10/27/04
    05:07:48PMSales and Technical Support: (626) 229-9191Dongle ID #12345678
    Name: Registered User Order #12345EnCaseĀ® is a registered trademark of
    Guidance Software. All rights reserved.

    You will have to read the PDF file to learn how to use it. It is a very
    powerful program and is not intuitively obvious on how to check your
    system. I can't help much here as I am still learning the new version. The
    previous version for Win 98 was pretty simple by comparison.

    If you don't have Winrar, see the following link to find which newsgroup to
    download it from:

    http://www.newzbin.com/search/query/p/?q=winrar&Category=-1&searchFP=p

    Hope this helps and good luck.
     
    tokaj, Dec 11, 2004
    #9
  10. On Sat, 11 Dec 2004, "tokaj" <> wrote:
    >How do I combine this prog. downloaded it all incl. material from encase
    >site.
    >Use Eraser from pgp or Bestcrypt or Heidi but never checked it myself if it
    >is succesfull
    >So n'bit of newbee.


    You might also want to get Steganos Internet Anonym Pro Multilingual v7.0.9

    You can find it here:
    http://www.e-lunatic.org/

    It does a neat job of erasing your browsing tracks.
     
    Max Mustermann, Dec 11, 2004
    #10
  11. nemo outis

    tokaj Guest

    Look into it think it is wise.
    Thanks
    "Max Mustermann" <> wrote in message
    news:...
    > On Sat, 11 Dec 2004, "tokaj" <> wrote:
    > >How do I combine this prog. downloaded it all incl. material from encase
    > >site.
    > >Use Eraser from pgp or Bestcrypt or Heidi but never checked it myself if

    it
    > >is succesfull
    > >So n'bit of newbee.

    >
    > You might also want to get Steganos Internet Anonym Pro Multilingual

    v7.0.9
    >
    > You can find it here:
    > http://www.e-lunatic.org/
    >
    > It does a neat job of erasing your browsing tracks.
    >
     
    tokaj, Dec 11, 2004
    #11
  12. nemo outis

    tokaj Guest

    Maybe it works already ????
    "tokaj" <> wrote in message
    news:41bb5a5e$0$218$...
    > Look into it think it is wise.
    > Thanks
    > "Max Mustermann" <> wrote in message
    > news:...
    > > On Sat, 11 Dec 2004, "tokaj" <> wrote:
    > > >How do I combine this prog. downloaded it all incl. material from

    encase
    > > >site.
    > > >Use Eraser from pgp or Bestcrypt or Heidi but never checked it myself

    if
    > it
    > > >is succesfull
    > > >So n'bit of newbee.

    > >
    > > You might also want to get Steganos Internet Anonym Pro Multilingual

    > v7.0.9
    > >
    > > You can find it here:
    > > http://www.e-lunatic.org/
    > >
    > > It does a neat job of erasing your browsing tracks.
    > >

    >
    >
     
    tokaj, Dec 11, 2004
    #12
  13. nemo outis

    winged Guest

    Sigh, I must live a totally unexciting life, I have no data in my life I
    must so utterly destroy. At least none I would put on an exposed
    computer....Never tell where the body is buried....

    Cover my browsing tracks? From who? If you are on a network the network
    sys admin can log or recover, and possibly replicate all IP activity,
    and usually decipher the activity that was occurring. Shucks we can go
    back a year and look at traffic. If it's your wife, she prolly doesn't
    even know how to undelete a file, if it's from the police, there is an
    electron microscope scanner that makes "any" amount of erasure/overwrite
    a mute point, if they want the data bad enough, but they would probably
    just ask your ISP for the records they are required by law to keep. If
    sufficiently warranted they would place a sniffer in the pipe and record
    replicate and possible view all network activity (The Patriot act makes
    even a search warrant unneeded). Shucks, it would raise flags that I
    had a user who needed this capability and I would just put a hidden
    process key logger on the system and they could erase things all day
    long. Lamplight the system and it wouldn't matter much what the user
    "did" to hide tracks (except totally destroying the HDD).

    So I have to ask a silly question; What does this total analization of
    browser tracks do? Why on earth does one need it? I am really curious.

    Winged


    tokaj wrote:
    > Maybe it works already ????
    > "tokaj" <> wrote in message
    > news:41bb5a5e$0$218$...
    >
    >>Look into it think it is wise.
    >>Thanks
    >>"Max Mustermann" <> wrote in message
    >>news:...
    >>
    >>>On Sat, 11 Dec 2004, "tokaj" <> wrote:
    >>>
    >>>>How do I combine this prog. downloaded it all incl. material from

    >
    > encase
    >
    >>>>site.
    >>>>Use Eraser from pgp or Bestcrypt or Heidi but never checked it myself

    >
    > if
    >
    >>it
    >>
    >>>>is succesfull
    >>>>So n'bit of newbee.
    >>>
    >>>You might also want to get Steganos Internet Anonym Pro Multilingual

    >>
    >>v7.0.9
    >>
    >>>You can find it here:
    >>>http://www.e-lunatic.org/
    >>>
    >>>It does a neat job of erasing your browsing tracks.
    >>>

    >>
    >>

    >
    >
     
    winged, Dec 12, 2004
    #13
  14. nemo outis

    nemo outis Guest

    In article <cpg30n$>, winged <> wrote:
    >Sigh, I must live a totally unexciting life, I have no data in my life I
    >must so utterly destroy. At least none I would put on an exposed
    >computer....Never tell where the body is buried....
    >
    >Cover my browsing tracks? From who? If you are on a network the network
    >sys admin can log or recover, and possibly replicate all IP activity,
    >and usually decipher the activity that was occurring. Shucks we can go
    >back a year and look at traffic. If it's your wife, she prolly doesn't
    >even know how to undelete a file, if it's from the police, there is an
    >electron microscope scanner that makes "any" amount of erasure/overwrite
    >a mute point, if they want the data bad enough, but they would probably
    >just ask your ISP for the records they are required by law to keep. If
    >sufficiently warranted they would place a sniffer in the pipe and record
    >replicate and possible view all network activity (The Patriot act makes
    >even a search warrant unneeded). Shucks, it would raise flags that I
    >had a user who needed this capability and I would just put a hidden
    >process key logger on the system and they could erase things all day
    >long. Lamplight the system and it wouldn't matter much what the user
    >"did" to hide tracks (except totally destroying the HDD).
    >
    >So I have to ask a silly question; What does this total analization of
    >browser tracks do? Why on earth does one need it? I am really curious.
    >
    >Winged



    It's 1935. I live in Germany, a civilized country in the heart
    of Europe, which is at peace. Why should I, a Jew, worry about
    entering my religion on the census form? After all, my privacy
    is guaranteed.

    Regards,
     
    nemo outis, Dec 12, 2004
    #14
  15. nemo outis

    Leythos Guest

    In article <cpg30n$>,
    says...
    > So I have to ask a silly question; What does this total analization of
    > browser tracks do? Why on earth does one need it? I am really curious.


    From what I've seen from people asking for this type of service, it's
    people that are doing illegal or unethical things that they are ashamed
    for others to find out about.

    Since all internet activity can be tracked, it's really silly for anyone
    to think they can every actually hide in public.

    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Dec 12, 2004
    #15
  16. nemo outis

    nemo outis Guest

    In article <cpg30n$>, winged <> wrote:
    >Sigh, I must live a totally unexciting life, I have no data in my life I
    >must so utterly destroy. At least none I would put on an exposed
    >computer....Never tell where the body is buried....
    >
    >Cover my browsing tracks? From who? If you are on a network the network
    >sys admin can log or recover, and possibly replicate all IP activity,
    >and usually decipher the activity that was occurring. Shucks we can go
    >back a year and look at traffic. If it's your wife, she prolly doesn't
    >even know how to undelete a file, if it's from the police, there is an
    >electron microscope scanner that makes "any" amount of erasure/overwrite
    >a mute point, if they want the data bad enough, but they would probably
    >just ask your ISP for the records they are required by law to keep. If
    >sufficiently warranted they would place a sniffer in the pipe and record
    >replicate and possible view all network activity (The Patriot act makes
    >even a search warrant unneeded). Shucks, it would raise flags that I
    >had a user who needed this capability and I would just put a hidden
    >process key logger on the system and they could erase things all day
    >long. Lamplight the system and it wouldn't matter much what the user
    >"did" to hide tracks (except totally destroying the HDD).
    >
    >So I have to ask a silly question; What does this total analization of
    >browser tracks do? Why on earth does one need it? I am really curious.
    >
    >Winged



    My name is Robert Bork. After a long career, I have been
    nominated for a seat on the Supreme Court. But it comes to light
    that I have rented pornographic videos. REsult: appointment shot
    to hell!

    But why should I worry about privacy?

    Regards,
     
    nemo outis, Dec 12, 2004
    #16
  17. nemo outis

    Leythos Guest

    In article <5CMud.463874$Pl.416260@pd7tw1no>, nemo
    (nemo outis) says...
    [snip]
    > >
    > >So I have to ask a silly question; What does this total analization of
    > >browser tracks do? Why on earth does one need it? I am really curious.
    > >
    > >Winged

    >
    >
    > My name is Robert Bork. After a long career, I have been
    > nominated for a seat on the Supreme Court. But it comes to light
    > that I have rented pornographic videos. REsult: appointment shot
    > to hell!


    Why are you worried about renting pornographic videos? If you are not
    ashamed of your actions then more power to you. Oh, and renting Porn has
    little to do with this thread - now if you had said I have downloaded
    porn, the question would still stand - what are you ashamed of and why
    would it end your chance?

    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Dec 12, 2004
    #17
  18. On Sun, 12 Dec 2004, Leythos <> wrote:
    >In article <cpg30n$>,
    >says...
    >> So I have to ask a silly question; What does this total analization of
    >> browser tracks do? Why on earth does one need it? I am really curious.

    >
    >From what I've seen from people asking for this type of service, it's
    >people that are doing illegal or unethical things that they are ashamed
    >for others to find out about.
    >
    >Since all internet activity can be tracked, it's really silly for anyone
    >to think they can every actually hide in public.
    >
    >--
    >--
    >
    >(Remove 999 to reply to me)


    So what are you doing here reading the alt.privacy newsgroup? Sounds like
    you are wasting your time reading about something you have no interest in.
     
    Max Mustermann, Dec 12, 2004
    #18
  19. nemo outis

    Leythos Guest

    In article <>,
    says...
    > On Sun, 12 Dec 2004, Leythos <> wrote:
    > >In article <cpg30n$>,
    > >says...
    > >> So I have to ask a silly question; What does this total analization of
    > >> browser tracks do? Why on earth does one need it? I am really curious.

    > >
    > >From what I've seen from people asking for this type of service, it's
    > >people that are doing illegal or unethical things that they are ashamed
    > >for others to find out about.
    > >
    > >Since all internet activity can be tracked, it's really silly for anyone
    > >to think they can every actually hide in public.

    >
    > So what are you doing here reading the alt.privacy newsgroup? Sounds like
    > you are wasting your time reading about something you have no interest in.


    Since the OP cross-posted this to several groups, which you appear to
    have missed, the reply is valid.

    Groups posted to:
    alt.security.scramdisk,alt.privacy,alt.computer.security

    Actually, I have an interest in Privacy, but I've not seen any tools
    that really make browsing or computer activities truly private. Since I
    manage firewalls, networks, large systems, and also the lowly desktops,
    I've seen people "try" and hide their actions, but there is nothing that
    gets by when being looked for.


    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Dec 12, 2004
    #19
  20. On 11 Dec 2004, winged <> wrote:
    >Sigh, I must live a totally unexciting life, I have no data in my life I
    >must so utterly destroy. At least none I would put on an exposed
    >computer....Never tell where the body is buried....
    >
    >Cover my browsing tracks? From who? If you are on a network the network
    >sys admin can log or recover, and possibly replicate all IP activity,
    >and usually decipher the activity that was occurring. Shucks we can go
    >back a year and look at traffic. If it's your wife, she prolly doesn't
    >even know how to undelete a file, if it's from the police, there is an
    >electron microscope scanner that makes "any" amount of erasure/overwrite
    >a mute point, if they want the data bad enough, but they would probably
    >just ask your ISP for the records they are required by law to keep. If
    >sufficiently warranted they would place a sniffer in the pipe and record
    >replicate and possible view all network activity (The Patriot act makes
    >even a search warrant unneeded). Shucks, it would raise flags that I
    >had a user who needed this capability and I would just put a hidden
    >process key logger on the system and they could erase things all day
    >long. Lamplight the system and it wouldn't matter much what the user
    >"did" to hide tracks (except totally destroying the HDD).
    >
    >So I have to ask a silly question; What does this total analization of
    >browser tracks do? Why on earth does one need it? I am really curious.
    >
    >Winged
    >
    >


    Why on earth are you reading the alt.privacy newsgroup? I am really
    curious. Why bother reading something you have totally no use for?
     
    Max Mustermann, Dec 12, 2004
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Silas

    Evidence Eliminator v Encase

    Silas, Dec 3, 2004, in forum: Computer Security
    Replies:
    17
    Views:
    2,095
    nemo outis
    Dec 11, 2004
  2. nemo_outis

    Encase 4.2 Posted

    nemo_outis, Sep 4, 2005, in forum: Computer Security
    Replies:
    0
    Views:
    594
    nemo_outis
    Sep 4, 2005
  3. Silas

    Evidence Eliminator v's Encase

    Silas, Dec 3, 2004, in forum: Computer Information
    Replies:
    1
    Views:
    757
    derek / nul
    Dec 4, 2004
  4. Bud

    EnCase 4.2

    Bud, Sep 27, 2006, in forum: Computer Security
    Replies:
    2
    Views:
    2,761
    nemo_outis
    Sep 28, 2006
  5. Tory Brown
    Replies:
    16
    Views:
    635
    Tory Brown
    Aug 4, 2006
Loading...

Share This Page