
Eastwind

Computer Exploitation

Eastwind provides operators with a tactical advantage when encountering personal computers in the field. In those instances where seizure and examination of the computer is not possible or plausible, Eastwind gives operators untrained in this type of data acquisition the ability to quickly and discreetly obtain a vast array of critical and valuable intelligence data. Eastwind operates from a specially configured USB thumb drive. The driving force behind this project was to create a tool that was small, quick, and easy to use, and that would collect, parse, and display data in a user-friendly format, providing operators and analysts with actionable intelligence.

Eastwind is designed as an extensible tool that allows the operator to select the data, files, and logs for a particular mission. The pre-deployment setup is accomplished by simply selecting the desired function(s) from a pick list. The objective of Eastwind is to provide a non-technical operator with the capability to discreetly capture critical and potentially volatile data. This turn-key tool allows the data to be viewed immediately so that action can be taken on time-sensitive intelligence.

Eastwind appeals to a number of different operators performing different types of missions. In some instances, access to a target computer is only possible or plausible for a very short period of time. This tool allows the operator to access and extract critical data within a few minutes. Less demanding queries are completed in a matter of seconds. The tool is also valuable in those instances where a seizure of the computer is going to take place. Eastwind allows operators to take a snapshot of the system to look for information that may no longer be actionable by the time a full forensic examination takes place. It also provides a copy of critical information in case the computer is damaged during shipment or a drive-wiping program is in place.