I have no doubt that this is nothing new to most folks out there. What I'm interested in hearing is (a) about how others have used this directory, and (b) if the contents of the blog entry make sense.
Thanks,
H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com
-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
All,
I recently blogged on the XP Prefetcher, with an eye toward the forensic value of the directory:
http://windowsir.blogspot.com/2005/03/what-is-prefetcher.html
I have no doubt that this is nothing new to most folks out there. What I'm interested in hearing is (a) about how others have used this directory, and (b) if the contents of the blog entry make sense.
Thanks,
H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com
-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
[ reply ]