Message 17 of 20
1 Vote
Public tools
Some of the freely available tools mentioned (Helix boot disk, Autopsy, etc.) are even taught as part of some forensics courses (SANS springs to mind). I personally use Forensic Toolkit by AccessData. It serves my purposes better than EnCase. One piece of advice that an instructor of mine gave me: the two most important tools you will ever need are a comfortable chair and a good monitor. Most forensics cases are interesting when explained after the fact in short story form, but the reality is that a lot of very painstaking (aka tedious) work goes into gathering evidence, using it to reconstruct events, and substantiating or disproving speculation.
Posted by Agatsu
12th Oct 2011