Colapse all |
Post message
FW: ADFSL 2007 Conference on Digital Forensics, Security and Law 2007-03-19 Glenn Dardick (gdardick dardick net) ============================================================ ANNOUNCEMENT / SCHEDULE ADFSL 2007 CONFERENCE ON DIGITAL FORENSICS, SECURITY AND LAW ============================================================ We are pleased to announce our schedule for the 2nd annual ADFSL Conference on Digital Foren [ more ] [ reply ] CyberCrime Summit 2007-03-17 dave kleiman (dave davekleiman com) (1 replies) message-id formatting 2007-03-16 gdardick dardick net (2 replies) I am trying to find the format of mac.com message-ids. The following are examples of message-id's received in emails from mac.com. F39DF6D4-4C64-4C78-91E1-EB9EF83F492A (at) MAC (dot) COM [email concealed] 11DF7440-1BAC-4E05-9A6D-5F13C3DA7A53 (at) MAC (dot) COM [email concealed] Any ideas? [ more ] [ reply ] Re: message-id formatting 2007-03-19 Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies) Re: message-id formatting 2007-03-27 Simson Garfinkel (simsong acm org) (1 replies) Re: message-id formatting 2007-03-27 Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (1 replies) Protected partitions on USB drives (DCO/HPA?) 2007-03-02 Michael Smith (msmith eazimail com) Hi, I'm trying to examine a 256MB USB drive that has been protected using LockItEasy (www.cososys.com). The owner split the space into 2 equal chunks, one standard FAT16, the other encrypted using the utility. When I try to image this device it appears as only 128MB in size and what you get is the [ more ] [ reply ] Reading data from MYM and CPBackup? 2007-03-02 Peter Theobald (forensics TurtleCoveTech com) I have a case with data files from Managing Your Money V.8 for DOS. I cannot read these files as they are in a proprietary format. The software vendor, MECA, has been out of business for many years. I have tried reading them with MYM V12 for Windows, upgrading them with a program called Conv9, conve [ more ] [ reply ] You are invited to a forensic training workshop 2007-03-02 email strozllc com STROZ FRIEDBERG, LLC proudly presents DIGITAL FORENSICS IN THE ENTERPRISE SAVE-THE-DATE! Three-Day Training Workshop Stroz Friedberg, a national consulting and technical services firm specializing in digital forensics, cybercrime response, data preservation and analysis, and corporate investigat [ more ] [ reply ] World's Largest Steganography Application Hash Set - Free for Law Enforcement 2007-02-26 Chad W. Davis (chad davis backbonesecurity com) Backbone Security's Steganography Analysis and Research Center (SARC) is pleased to announce the release of version 3.0 of SAFDB. With the fingerprints, or hash values, of every file artifact associated with 625 steganography applications, SAFDB is the world's largest commercially available hash set [ more ] [ reply ] Call for Reviewers: AMCIS 2007 Mini-Track: Digital Forensics and its Role in Security, Law and Accounting 2007-02-25 Glenn Dardick (gdardick dardick net) WE ARE CURRENTLY SEEKING REVIEWERS for the 2007 AMCIS mini-track - Digital Forensics and its Role in Security, Law and Accounting. Information is as follows: ------------------------------------------------------------------------ - To register as a reviewer, please visit the registration site a [ more ] [ reply ] CFP: AMCIS 2007 Mini-Track: Digital Forensics and its Role in Security, Law and Accounting 2007-02-25 Glenn Dardick (gdardick dardick net) AMCIS 2007 Colorado: http://www.biz.colostate.edu/amcis07/ TRACK: Security & Privacy MINI-TRACK: Digital Forensics and its Role in Security, Law and Accounting DATES: August 9-12, 2007 LOCATION: Keystone, Colorado, USA ------------------------------------------------------------------------ - Papers [ more ] [ reply ] RE: vmware converter 2007-02-23 Matt Steer (Matt Steer marstons co uk) A great Program for mounting raw images is VDK. You can find this at http://chitchat.at.infoseek.co.jp/vmware/vdk.html Not sure on the implications of the forensics side of things though so you'll have to look into that. Hope this helps Matt Steer IT Service Desk Advisor ( x1527 È 0787530736 [ more ] [ reply ] IEEE 1394 (FireWire) Memory Imaging 2007-02-22 Tim (tim-forensics sentinelchicken org) (2 replies) Hello, I recently came across a fantastic (and alarming) tool kit for reading systems' memory over firewire: http://www.storm.net.nz/projects/16 I just used it to dump memory off of my laptop while booted to both Windows XP and Linux. I'm kinda surprised that this vulnerability hasn't been addr [ more ] [ reply ] Re: IEEE 1394 (FireWire) Memory Imaging 2007-02-23 Christophe Monniez (d-fence swing be) (1 replies) Rootkit Profiler LX 2007-02-20 Tobias Klein (tk trapkit de) Hi all, I'd like to announce the availability of a new kernel rootkit detection toolkit for Linux called Rootkit Profiler LX (RKProfiler LX). RKProfiler LX is divided into two parts: a data collection component called "Rootkit Profiler Module" (RKPmod) and a data interpretation component called " [ more ] [ reply ] dcfldd Records In/Out vs. Written 2007-02-15 Ackley, Ray (R.J.) (rackley ford com) (1 replies) Can anyone explain what the difference is between Records In/Out and Records Written in dcfldd? If I'm doing a dcfldd with bs=512 on a hard drive with X number of sectors, the Records In/Out is X - the same number of sectors the hard drive has. However, the number of records *written* is always le [ more ] [ reply ] |
Privacy Statement |
I just released new versions of these tools, and thought some of you
might be interested.
RegLookup[1] allows one to dump a Windows (NT+) registry from Unix
systems. It also supports some limited querying based on path and data
type, and can output useful metainformation such as key mtimes
[ more ] [ reply ]