Forensics Mode:
DFRWS 2006 CFP 2006-01-20
Brian Carrier (carrier cerias purdue edu)
[Note the earlier submission deadline this year. We need more time
to get the proceedings printed for the conference date.]

Call for Papers

The 6th Annual
Digital Forensic Research Workshop
(DFRWS

sata adapter that works for IDE Digital Intel Ultrablock 2006-01-18
joe schwerha com (2 replies)
I recently purchased an Ultrablock IDE from Digital Intel. I got different answers from their reps on whether any IDE to SATA adapters will work. I'm assuming an adapter would not be as fast as their separate SATA solution; but, I don't want to buy both for now if I can avoid it. Has anyone done t

RE: sata adapter that works for IDE Digital Intel Ultrablock 2006-01-20
Steve Hickey (steve22 Comporium net)
Re: sata adapter that works for IDE Digital Intel Ultrablock 2006-01-19
Robert Reed (rreed567 earthlink net)
REVIEW: "Rootkits", Greg Hoglund/James Butler 2006-01-09
Rob, grandpa of Ryan, Trevor, Devon & Hannah (rMslade shaw ca)
BKROOTKT.RVW 20051023

"Rootkits", Greg Hoglund/James Butler, 2006, 0-321-29431-9,
U$44.99/C$62.99
%A Greg Hoglund
%A James Butler
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%D 2006
%G 0-321-29431-9
%I Addison-Wesley Publishing Co.
%O U$44.99/C$62.99 416-447

RECON2006 - Call for paper 2006-01-06
Hugo Fortier (hfortier recon cx)
RECON 2006 - Call for papers - 06/01/06
Montreal, Quebec, Canada
16 - 18 June 2006

We are pleased to announce the second annual RECON conference, which
will take place in Montreal from the 16th to the 18th of June 2006.

We are looking for original technical presentations, in the fields o

Re: Reiserfs Version 3 Forensics 2006-01-05
scottt turnbull hopto org
Depending on the fragmentation of the image, foremost should be able to recover a lot of the 'obvious' data. If it's a big drive it will take a while, and can produce lots and lots of data. So make sure you have plenty of drive space.

The only thing is, foremost will not differentiate between intac

New Tool : Unhide 2006-01-05
YJesus (yjesus security-projects com)
Unhide is a forensic tool to find hidden processes and TCP/UDP ports by
rootkits / LKMs or by another hidden technique.

// Unhide (ps)

Detecting hidden processes. Implements three techniques

·Compare /proc vs /bin/ps output

·Compare info gathered from /bin/ps with info gathered from syscalls (s

New Tool : Unhide 2005-12-31
YJesus (yjesus security-projects com)
Unhide is a forensic tool to find hidden processes and TCP/UDP ports by
rootkits / LKMs or by another hidden technique.

// Unhide (ps)

Detecting hidden processes. Implements three techniques

·Compare /proc vs /bin/ps output

·Compare info gathered from /bin/ps with info gathered from syscalls (s

Jesse Kornblum Interviewed on CyberSpeak Podcast 2006-01-02
cyberspeak (cyberspeak gmail com)
Jesse Kornblum Interviewed on CyberSpeak Podcast

On the December 31, 2005 episode of CyberSpeak, Jesse Kornblum was
interviewed about his work with open source forensic tools. Mr.
Kornblum is the author of open source tools such as md5deep and
foremost. He gives insight into ways that users of ope

Reiserfs Version 3 Forensics 2005-12-29
Steve Bonds (njhy5rd02 sneakemail com) (3 replies)
Does anyone know of a linux-based tool that works with Reiserfs
Version 3? Normally I would use The Sleuth Kit/Autopsy, however it
doesn't appear that they support Reiserfs V3.

I found this on the Sleuth Kit mailing list showing the lack of
Reiserfs support:
http://sourceforge.net/mailarchive/mess

Re: Reiserfs Version 3 Forensics 2005-12-31
Chris Umphress (umphress gmail com)
Re: Reiserfs Version 3 Forensics 2006-01-03
Steve Bonds (njhy5rd02 sneakemail com) (1 replies)
Re: Reiserfs Version 3 Forensics 2006-01-04
Ryan B. Lynch (rlynch bway net)
Re: Reiserfs Version 3 Forensics 2006-01-03
subscribe (subscribe crazytrain com)
Open Source Forensic Tool Author Interviewed on CyberSpeak Podcast 2005-12-20
cyberspeak (cyberspeak gmail com)
Open Source Forensic Tool Author Interviewed on CyberSpeak Podcast

On the December 18, 2005 episode of CyberSpeak, Nicholas Harbour is
interviewed about his work with open source forensic tools. Mr.
Harbour is the author of several open source tools such as fatback,
dcfldd, and most recently tcpxt

Undetectable backdoor - DETECTED 2005-12-08
Costin Manda (manda ecrmeurope com) (1 replies)

First of all I'd like to report that this mailing list is behaving
strangely. I get the same mail 3 or 4 times at different times and I get all
kinds of messages like "Inbox full, couldn't send the message" or "I am out
of the city, I don't reply to emails" and stuff like that. I don't even hav

Re: Undetectable backdoor - DETECTED 2005-12-11
Michael Cecil (macecil comcast net) (1 replies)
How to access Logitech Clicksmart 420 built-in memory? 2005-12-12
Willard Van Dyne (wvandyne hotpop com) (1 replies)
Re: How to access Logitech Clicksmart 420 built-in memory? 2005-12-13
Harry de Grote (harry cc kuleuven be)
Re: Why using fport if netstat -b does much more ? 2005-12-07
keydet89 yahoo com
The -b option, as pointed out, is non-standard. I did mention fport, but prefer openports.exe b/c (a) it's more portable, and (b) doesn't require admin rights.

Harlan

Re: Undetectable backdoor! help 2005-12-07
x y cz (1 replies)
I had the same problem as you. First SpySheriff and then the strange winlogon behaviour (with manwithnoname.biz). I think I solved it with Spyware Doctor. I ran a full system scan several times, then also in safe mode, and the problem seems to disappear. My firewall network activity watcher doesn't r

Re: Undetectable backdoor! help 2005-12-08
Josh Tolley (eggyknap gmail com)
Re: RE: Undetectable backdoor! help 2005-12-06
mjmccarthy4 gmail com
If you know it is winlogon.exe that has the problem then boot from media other than your main drive and copy a new version of that file from the CD to your hard drive. You will probably want to make a backup of the file just in case and run your updates again afterwards.

RE: Undetectable backdoor / Thread 2 2005-12-06
Navroz Shariff (nshariff americanbible org)
Using spyware/adware programs to try and remove the rootkit will in all
attempts be unsuccessful as the rootkit resides between the lowest
level raw registry hive and the highest level Windows API. The rootkit
will evade from being revealed by modifying the output of the Windows
API and thus remove

Re: Need for Registry references for forensic analysis 2005-12-06
Harlan Carvey (keydet89 yahoo com)
Peter,

thanks, but that is the Excel spreadsheet that I
created and posted off of my web site at
windows-ir.com.

Harlan

--- Peter Parker <peterparker (at) fastmail (dot) fm [email concealed]> wrote:

>
> Sending an Excel sheet that I had got from... which
> forum I don't know!
> (with due credit to the author)
> I had used

RE: Undetectable backdoor! help 2005-12-06
Greg Kelley (gkelley vestigeltd com)
Not saying you have to buy another computer. In fact, you probably just
want a 2nd clean HD to reinstall the OS on in your original computer.

I'm assuming you asked this question because you tried the normal apps
to check ports and track the port to a process and then to a file. That
is why I sug

Copyright 2010, SecurityFocus