What I appreciate about this article over at RedHat (as I read):
1. This guy clearly will bounce between operating systems. He mentions “MSYS” (http://www.mingw.org/download.shtml) which also should be in one’s bag of tricks with cygwin.
2. He is willing to consider some old 8086 machines and dot-matrix printers as potential time-saving tools.
3. He mentions the Penguin Sleuthkit, which looks great as a forensic tool. It is incredibly important to use tools which protect the integrity of the scene — there can be no question of tampering with anything. This kit looks like it has the tools one would need to do a rapid look-over.