RE: Forensics on Terminal Server Client Nov 10 2007 08:28PM
Mike Theriault (Mike_Theriault Jabil com) (1 replies)
Re: Forensics on Terminal Server Client Nov 13 2007 04:59PM
TheGesus (thegesus gmail com)
If you dump one of the *.bmc files it's pretty obvious from the number
of repeating byte patterns that it's not compressed (or encrypted).

And if you compress one of the files, it will compress nicely, which
is a fairly good indicator that they're not compressed to begin with.

On Nov 10, 2007 3:28 PM, Mike Theriault <Mike_Theriault (at) jabil (dot) com [email concealed]> wrote:
> It's probably compressed so in that case you probably wont find any header information.
> Mike Theriault
> Security Enginer

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus