Wednesday, April 29, 2009

litsupport summary for the week ending on 04/19/09

A lot of important and useful information is posted to litsupport each week. The following is a distilled summary, in the form of questions and answers.


Q. JD Edwards is often used for tasks such as accounting, labor and job tracking. Can one forensically get the data from it?
A
  • With any database application, SAP, JD Edwards, etc., you can usually forensically extract the data from behind the scenes. But then it takes an understanding of how that data is calculated, combined, represented, etc. with the interface in order to form opinions on what you are seeing.
  • The other option is to forensically capture the entire server. Then translate the forensic image into a VMWare session to run the server, log into JD Edwards and start your analysis, testing, etc.;
  • Experience proves that without some documentation on the table structure it can be a very daunting task to look at the backend database and make determinations as to what is going on. But through testing, observation and analysis it is possible to understand information in the database that may not be accessible through the interface, information such as the contents of "deleted" records, when transactions occurred, when they were modified, who did the modification, etc.;
  • It is incumbent upon the "requester" to request the data in whatever form it wants to receive the data.  You can hack the files, but don't do it.
This summary from the Litsupport Group postings created by the wonderful and talented members of the group has been culled by Mark Kerzner and edited by Aline Bernstein.

No comments: