Forensics Mode:
(Page 7 of 84)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >
TOOLS: RegLookup and GrokEVT 2007-03-29
Tim (tim-forensics sentinelchicken org)
Hello,

I just released new versions of these tools, and thought some of you
might be interested.

RegLookup[1] allows one to dump a Windows (NT+) registry from Unix
systems. It also supports some limited querying based on path and data
type, and can output useful metainformation such as key mtimes

[ more ]  [ reply ]
Re: Re: message-id formatting 2007-03-29
qingchen_tj hotmail com
May gdarkdick want to know the encoding method used, am I right?

[ more ]  [ reply ]
FW: ADFSL 2007 Conference on Digital Forensics, Security and Law 2007-03-19
Glenn Dardick (gdardick dardick net)
============================================================
ANNOUNCEMENT / SCHEDULE
ADFSL 2007 CONFERENCE ON DIGITAL FORENSICS, SECURITY AND LAW
============================================================

We are pleased to announce our schedule for the 2nd annual ADFSL Conference on Digital Foren

[ more ]  [ reply ]
CyberCrime Summit 2007-03-17
dave kleiman (dave davekleiman com) (1 replies)
Mar. 19 - 23, 2007
CyberCrime Institute
3333 George Busbee Drive
Kennesaw, GA 30144

http://www.cybercrimesummit.com/schedule/SCHEDULE.HTM

Respectfully,

Dave Kleiman - http://www.davekleiman.com/about.php

[ more ]  [ reply ]
RE: CyberCrime Summit - Follow-up 2007-03-29
dave kleiman (dave davekleiman com)
message-id formatting 2007-03-16
gdardick dardick net (2 replies)
I am trying to find the format of mac.com message-ids. The following are examples of message-id's received in emails from mac.com.

F39DF6D4-4C64-4C78-91E1-EB9EF83F492A (at) MAC (dot) COM [email concealed]
11DF7440-1BAC-4E05-9A6D-5F13C3DA7A53 (at) MAC (dot) COM [email concealed]

Any ideas?

[ more ]  [ reply ]
Re: message-id formatting 2007-03-27
Alexander Klink (alexander klink name)
Re: message-id formatting 2007-03-19
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)
Re: message-id formatting 2007-03-27
Simson Garfinkel (simsong acm org) (1 replies)
Re: message-id formatting 2007-03-27
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies)
RE: message-id formatting 2007-03-29
Navroz Shariff (nshariff americanbible org)
Protected partitions on USB drives (DCO/HPA?) 2007-03-02
Michael Smith (msmith eazimail com)
Hi,

I'm trying to examine a 256MB USB drive that has been protected using
LockItEasy (www.cososys.com). The owner split the space into 2
equal chunks, one standard FAT16, the other encrypted using the utility.
When I try to image this device it appears as only 128MB in size and
what you get is the

[ more ]  [ reply ]
Reading data from MYM and CPBackup? 2007-03-02
Peter Theobald (forensics TurtleCoveTech com)
I have a case with data files from Managing Your Money V.8 for DOS. I cannot read these files as they are in a proprietary format. The software vendor, MECA, has been out of business for many years. I have tried reading them with MYM V12 for Windows, upgrading them with a program called Conv9, conve

[ more ]  [ reply ]
You are invited to a forensic training workshop 2007-03-02
email strozllc com
STROZ FRIEDBERG, LLC
proudly presents
DIGITAL FORENSICS IN THE ENTERPRISE

SAVE-THE-DATE!
Three-Day Training Workshop

Stroz Friedberg, a national consulting and technical services firm specializing in digital forensics, cybercrime response, data preservation and analysis, and corporate investigat

[ more ]  [ reply ]
World's Largest Steganography Application Hash Set - Free for Law Enforcement 2007-02-26
Chad W. Davis (chad davis backbonesecurity com)
Backbone Security's Steganography Analysis and Research Center (SARC) is
pleased to announce the release of version 3.0 of SAFDB. With the
fingerprints, or hash values, of every file artifact associated with 625
steganography applications, SAFDB is the world's largest commercially
available hash set

[ more ]  [ reply ]
Call for Reviewers: AMCIS 2007 Mini-Track: Digital Forensics and its Role in Security, Law and Accounting 2007-02-25
Glenn Dardick (gdardick dardick net)
WE ARE CURRENTLY SEEKING REVIEWERS for the 2007 AMCIS mini-track -
Digital Forensics and its Role in Security, Law and Accounting.

Information is as follows:

------------------------------------------------------------------------

-
To register as a reviewer, please visit the registration site a

[ more ]  [ reply ]
CFP: AMCIS 2007 Mini-Track: Digital Forensics and its Role in Security, Law and Accounting 2007-02-25
Glenn Dardick (gdardick dardick net)
AMCIS 2007 Colorado: http://www.biz.colostate.edu/amcis07/
TRACK: Security & Privacy
MINI-TRACK: Digital Forensics and its Role in Security, Law and
Accounting
DATES: August 9-12, 2007
LOCATION: Keystone, Colorado, USA
------------------------------------------------------------------------

-
Papers

[ more ]  [ reply ]
RE: vmware converter 2007-02-23
Matt Steer (Matt Steer marstons co uk)
A great Program for mounting raw images is VDK. You can find this at

http://chitchat.at.infoseek.co.jp/vmware/vdk.html

Not sure on the implications of the forensics side of things though so you'll have to look into that.

Hope this helps

Matt Steer
IT Service Desk Advisor
( x1527
È 0787530736

[ more ]  [ reply ]
IEEE 1394 (FireWire) Memory Imaging 2007-02-22
Tim (tim-forensics sentinelchicken org) (2 replies)
Hello,

I recently came across a fantastic (and alarming) tool kit for reading
systems' memory over firewire:
http://www.storm.net.nz/projects/16

I just used it to dump memory off of my laptop while booted to both
Windows XP and Linux. I'm kinda surprised that this vulnerability
hasn't been addr

[ more ]  [ reply ]
Re: IEEE 1394 (FireWire) Memory Imaging 2007-02-23
Christophe Monniez (d-fence swing be) (1 replies)
Re: IEEE 1394 (FireWire) Memory Imaging 2007-02-23
Tim (tim-forensics sentinelchicken org)
Re: IEEE 1394 (FireWire) Memory Imaging 2007-02-23
Valdis Kletnieks vt edu (1 replies)
Re: IEEE 1394 (FireWire) Memory Imaging 2007-02-23
Tim (tim-forensics sentinelchicken org)
Rootkit Profiler LX 2007-02-20
Tobias Klein (tk trapkit de)
Hi all,

I'd like to announce the availability of a new kernel rootkit detection toolkit for Linux called Rootkit Profiler LX (RKProfiler LX).

RKProfiler LX is divided into two parts: a data collection component called "Rootkit Profiler Module" (RKPmod) and a data interpretation component called "

[ more ]  [ reply ]
dcfldd Records In/Out vs. Written 2007-02-15
Ackley, Ray (R.J.) (rackley ford com) (1 replies)
Can anyone explain what the difference is between Records In/Out and
Records Written in dcfldd?

If I'm doing a dcfldd with bs=512 on a hard drive with X number of
sectors, the Records In/Out is X - the same number of sectors the hard
drive has. However, the number of records *written* is always le

[ more ]  [ reply ]
Re: dcfldd Records In/Out vs. Written 2007-02-20
farmerdude (subscribe crazytrain com)
(Page 7 of 84)  < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus