
admin

Administrators
  • Posts: 241
  • Days Won: 8

Posts posted by admin

  1. Hi all,

    Over the last months, several users have automated many tasks using the new Scripting feature of Intella. I hope we can create a place for collaboration among our more experienced users to pass on their successes with Scripting to the broader community.  We have created this section of our community forum. 

    If you are working on Scripts, please post your question here, and Vound will assist wherever possible. 


     

  2. Hello all,

    Due to the large number of requests for information, we are posting our reply regarding the Apache Log4J vulnerability here, as opposed to individual support ticket replies.

    A critical vulnerability in the Apache Log4j framework was recently discovered and reported as CVE-2021-44228 [1].

    Intella 2.5 and Intella Connect 2.5 do not use or depend on Apache Log4j. They are thus not affected by this vulnerability.

    The logging frameworks that are used in our products (SLF4J [2], Logback [3]) have publicly stated that they are not vulnerable to this type of attack.

    Intella and Intella Connect versions 2.1.1 to 2.4.2, and W4 1.1.2, bundle an older Log4j version (1.2.17) that predates this vulnerability. They are therefore also not affected by this vulnerability. Furthermore, this jar file came as an unnecessary dependency of other dependencies and was never used by our software. It is safe to replace the log4j-1.2.17.jar file with the log4j-over-slf4j-1.7.32.jar file that is bundled in Intella/Connect 2.5 [4]. This reroutes any call to the Log4j API to the SLF4J and Logback frameworks.

    Finally, we ran the sample exploit code against our products and no vulnerability was detected.

    We are therefore convinced that our products are not vulnerable to this exploit. We welcome any further information you may have if you believe the contrary.

    Update - December 16, 2021

    While Connect is not vulnerable to the Log4j vulnerability, we have released patches for Intella & Intella Connect versions 2.4.2 and 2.5 that ensure that the latest versions of the SLF4J and Logback logging libraries are used. It is highly recommended that you update now.

     


    Footnotes
    [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
    [2] http://www.slf4j.org/log4shell.html
    [3] http://logback.qos.ch/
    [4] https://repo1.maven.org/maven2/org/slf4j/log4j-over-slf4j/1.7.32/log4j-over-slf4j-1.7.32.jar
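
An inventory check for the jar files named in the post above, added here as an example and not part of the original post or of Vound's software: it walks an install directory and labels each jar as Log4j 1.x, the log4j-over-slf4j bridge, or a log4j-core 2.x jar containing the JndiLookup class. The function names, the marker-entry heuristics and the sample directory layout are assumptions of this example.

```python
"""Inventory Log4j-related jars under an install directory (added example)."""
import tempfile
import zipfile
from pathlib import Path

# Marker entries (heuristics): shaded, renamed or nested jars are not detected.
JNDI_LOOKUP = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
LOG4J1_POM = "META-INF/maven/log4j/log4j/pom.properties"
BRIDGE_POM = "META-INF/maven/org.slf4j/log4j-over-slf4j/pom.properties"

def classify_jar(path):
    """Return a label for one jar based on the entries it contains."""
    try:
        with zipfile.ZipFile(path) as jar:
            names = set(jar.namelist())
    except (zipfile.BadZipFile, OSError):
        return "unreadable"          # report it; a damaged jar needs a manual look
    if JNDI_LOOKUP in names:
        return "log4j-core-2.x"      # line affected by CVE-2021-44228: check its version
    if BRIDGE_POM in names:
        return "log4j-over-slf4j"    # bridge that reroutes Log4j API calls to SLF4J
    if LOG4J1_POM in names:
        return "log4j-1.x"           # original Log4j 1.x jar, e.g. log4j-1.2.17.jar
    return "other"

def scan(root):
    """Map relative jar path -> label for every jar that is not 'other'."""
    root = Path(root)
    labels = {p.relative_to(root).as_posix(): classify_jar(p)
              for p in sorted(root.rglob("*.jar"))}
    return {rel: label for rel, label in labels.items() if label != "other"}

def build_sample_tree(root):
    """Constructed sample data: empty marker entries, not real library jars."""
    samples = {
        "lib/log4j-1.2.17.jar": [LOG4J1_POM, "org/apache/log4j/Logger.class"],
        "lib/log4j-over-slf4j-1.7.32.jar": [BRIDGE_POM, "org/apache/log4j/Logger.class"],
        "lib/logback-classic.jar": ["ch/qos/logback/classic/Logger.class"],
        "plugins/constructed-log4j-core.jar": [JNDI_LOOKUP],
    }
    for rel, entries in samples.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        with zipfile.ZipFile(target, "w") as jar:
            for entry in entries:
                jar.writestr(entry, b"")
    (Path(root) / "lib" / "truncated.jar").write_bytes(b"not a zip archive")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, label in scan(tmp).items():
            print(f"{label:18} {rel}")
```

The bridge and the original Log4j 1.x jar both ship `org.apache.log4j` classes, so the check tells them apart by their Maven metadata entries rather than by class names.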

     

  3. Hi Alongden,

     

    When switching from an older version like 2.0 to 2.4.2 we strongly recommend the user takes the on-demand training. This will help the appropriate person to understand the changes and how to get the most out of the new version. Upgrading without understanding the feature set can be problematic and can lose the benefits of the upgrade.

     


  4. Do let us know if you want to be one of the first to try the new W4 features. 

    W4 1.1.0 Release Highlights

     

    Highlights

    • Added recipes functionality. A recipe is a mechanism to configure and run searches based on common case types. W4 comes with several pre-configured recipes that allow investigating some common cases in one click (such as IP Theft).
    • Added new categories (used in default recipes):
        • Emails and email attachments sent to personal accounts.
        • Chat attachments and file transfers.
        • Common websites: webmail, social media, cloud usage, productivity.
        • Network share access.
        • Printed documents.
        • Last day, last week and odd hours activity.
    • Triage features:
        • W4 is now available as a portable app that can be run on any PC without installation.
        • W4 comes with an embedded software license that is valid for 1 year after the release date.
        • Added indexing a live running system (local physical or logical drive).
        • Added optional automatic RAM capture on startup.
        • Added an option to specify the exact categories that need to be processed. That allows performing a quick scan.
        • Added search profiles. It allows exporting all case settings to a template that can later be re-used in a new case. That includes preferences, keyword and hash lists, recipes, source settings, tags, reports.
        • Added triage launcher that allows indexing a new PC in one click based on a pre-configured case template.
        • Added Acquisition tab which allows acquiring evidence. Supported evidence types:
            • Memory (RAM)
            • Physical and logical disks (E01, DD or AFF4)
            • Folders (ZIP with preserved locations and timestamps)
            • Common system files (ZIP with preserved locations and timestamps)
    • Added hash lists support (DeNISTing).
    • Thumbnails view improvements: Deduplication, Size filter, Sorting, Thumbnail size.
    • Added indexing AFF4 disk images.
    • Added indexing volume shadow copies.
    • Added indexing Windows 10 timeline.
    • Added indexing MRU items (recent documents).
    • Extended keyword list functionality that allows specifying:
        • Where to search: file name only, metadata or metadata and text.
        • Which categories to search in. For example, it will allow searching in browser history only.

    For access to the beta please reply to this thread. 

  5. We are looking to have our new version of W4 tested by our community. We have added a few features that have been requested.

    A few of the highlights.

    W4 will run from a USB in portable mode. 
    Will create images
    Case based templates we are calling recipes. 

    Do let us know if you have time to test. 

  6. Hello Delson,

     

    Error 33 is always caused by the HASP driver being blocked by an antivirus program. We know Cylance, Comodo and AVG get this wrong. It is very poor housekeeping from these AV companies. If you are using these AVs, you need to turn them off during install and white-list the Intella folders before turning them on again. Similarly, if you are getting the error 33 during install, then reinstall with your AV/Security switched off.

     

     

     
