skip navigation
National Criminal Justice Reference Service
Login | Subscribe/Register | Manage Account | Shopping Cartshopping cart icon | Help | Contact Us | Home     
National Criminal Justice Reference Service
  Advanced Search
Search Help		     
| | | | |
place holder
Administered by the Office of Justice Programs U.S. Department of Justice Office of Justice Programs Seal National Criminal Justice Reference Service National Criminal Justice Reference Service Office of Justice Programs Seal National Criminal Justice Reference Service
Topics
A-Z Topics
Corrections
Courts
Crime
Crime Prevention
Drugs
Justice System
Juvenile Justice
Law Enforcement
Victims
Left Nav Bottom Line
Home / NCJRS Abstract

Publications
 

NCJRS Abstract

The document referenced below is part of the NCJRS Library collection.
To conduct further searches of the collection, visit the NCJRS Abstracts Database.

How to Obtain Documents
 
NCJ Number: NCJ 220222   Add to Shopping cart
Title: ACES Software Write Block Tool Test Report: Writeblocker Windows XP V6.10.0
Corporate Author: National Institute of Standards and Technology (NIST)
United States
Sponsoring Agency: US Dept of Justice
National Institute of Justice
United States
Sale: National Institute of Justice/NCJRS
Box 6000
Rockville, MD 20849
United States
Agency Summary Url: Agency Summary 
Document Url: PDF 
Publication Date: 01/2008
Pages: 156
Type: Tests/measurements
Origin: United States
Language: English
Grant No.: 2003-IJ-R-029
Note: NIJ Special Report; downloaded August 26, 2008.
Annotation: This document reports test results for Writeblocker XP, Version 6.10.0, which is designed to block all attempts to write to a protected drive by commands issued from common operating system tools and from the widely used forensic tools FTK and EnCase.
Abstract: Test results show that the tool failed to block some test commands from the protected categories that were sent to protected drives, but no changes to the protected drives were observed. The tool did not alter or block test commands from any nonprotected category that were sent to protected or unprotected drives. The tool did not alter or block any test commands sent to unprotected drives. Writeblocker XP V6.10.0 consists of two kernel model device drivers NTWBFS and NTWBPM, as well as a user mode GUI control application. The NTWBFS driver is a file system filter driver that filters file system calls, and the NTWBPM driver is a physical device filter that filters hardware I/O requests. Of the two kernel model drivers, the NTWBPM driver was tested directly by test cases SWB-01 through SWB-24. Test cases SWB-25 through SWB-30 tested the ability of both components, working together, to protect a hard drive. The methodology and results of each test case are presented in this report. All testing was conducted in accordance with the SCES Software Write Block Tool Specification & Test Plan Version 1.0, which can be found on the Web site of the Computer Forensics Tool Testing program. Data tables are provided for each test.
Main Term(s): Computer crime prevention measures
Index Term(s): Data security ; Computer privacy and security ; Computer software ; NIJ grant-related documents
 
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/Publications/abstract.aspx?ID=242022

* A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's web site is provided.


Contact Us | Feedback | Site Map
Freedom of Information Act | Privacy Statement | Legal Policies and Disclaimers | USA.gov

U.S. Department of Justice | Office of Justice Programs | Office of National Drug Control Policy

place holder