Beta 4 is now available. If you turn on debug mode you should get a debug log
https://www.osforensics.com/download...9_1_Beta_4.exe
Announcement
Collapse
No announcement yet.
9.1 Alpha 3 - Remote forensics investigation
Collapse
X
-
There is a new beta build available now to try.
We'll also add the ability to use the global "Debug mode" flag in the next release.
Leave a comment:
-
Hi David,
cool News I try that after you make a new Version downloadable
best
Andre
Leave a comment:
-
Hi David
I found a second Issue the Remote Process stop responding I try why and found that the User activity are here make such a Problem.
If I try a remote acquire step by step all works but if I try user activity the osf64 process hang at target
In OSF I get than a Message that remote process is not responding.
Is there a way start remote acquire in debug mode ?
best
Andre
Leave a comment:
-
We have fixed a problem with the config file. We'll do a new release on Monday to try.
Leave a comment:
-
Hi David
the Logs are smaller I await I have send two Mails one with Logs and second wire some screenshots.
hope the mails have arrived you
best
Andre
Leave a comment:
-
We'll have a look at the issues.
But we don't seem to have received an Email with a Dropbox link.
But I think it is fair to say, if you are doing remote data collection, you need a stable network link. But of course we need to make sure it fails gracefully if the network isn't available and that the operation can be re-tried once the network comes back.
Leave a comment:
-
Hi David,
I tryout something the process OSForensic.exe stay alive if a Remote session was broken
that's why I can not run again a Computer where the remote acquire was broken.
I make a Dump File (Debug Mode) where your team can see hole Problems
They are
1 save /load config
2 Sessin Broken
3 No Connect wrong password (but PW is 100% the real one)
I put tha Files in my Dropbox and send your Support a Link for download.
best
Andre
Leave a comment:
-
Hi David
I try the Features but run into Problems the Main Problem ist that if I save the Config OSF ask
for Password for decryption if I try reopen that saved config I get
There are some other Problems like if Network is not online (Aquire with VPN) the hole process broke and after that
OSF can't connect to same Host again told me Password wrong (same than load config)
First of all cool Idea and nice feature I can not use it if I must run OSF hole Time but it will give me more Options
But it looks there are some Problems first of all nobody can guarantee a stable running network connection if that
is a must have I can also mount c$ in my OSF VM than I not need Remote Aquire
I am very interested for that feature let me know if I can do some tests to solve the Problems ok
best
Andre
Leave a comment:
-
As of yesterday a V9.1 Beta release is available. This has some better documentation of the requirements & method for remote acquisition. If you encounter any problems, or if anything doesn't make sense, please let us know.
Leave a comment:
-
9.1 Alpha 3 - Remote forensics investigation
Hi
I try 9.1 Alpha , so cool that I can now run Remote Investigation since I use OSF that was a Feature I miss .
in next few days I use that to try my Malware Investigations with OSF remote, I isolate PC with Cortex from Network
only OSF Share and Shell access from my Analyzer PC are allowed , than I can try use OSF in my Workflow others than
capture hole Hard Disk.
Very cool feature for me
best
AndreTags: None
Leave a comment: