Forensics
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: Re: P2V - Live Forensics Feb 21 2011 06:55AM
paul ha cked net
I have had a very similar case.
If your network is fast enough i would suggest you do a live image using psexec, dd, netcat, and md5sum.

Obtain a shell on her box using psexec (use a domain admin account), mount a remote samba share under the context of that user, and then dd the PhysicalDisk as no...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus