lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 01 Jun 2006 19:22:03 +0200
From: Arne Vidstrom <arne.vidstrom@...ecurity.nu>
To: bugtraq@...urityfocus.com
Subject: Forensic memory dumping intricacies - PhysicalMemory, DD, and caching
 issues


Summary:

Memory dumping tools that use the PhysicalMemory device in Windows XP 
can be blocked by allocating memory buffers with special memory types. 
In older versions of Windows the tools instead could possibly cause 
cache incoherence with some processor types, or other adverse side 
effects. The problem can also occur on a system that has not been 
manipulated at all by any attacker. One *example* of an affected tool is 
DD from the Forensic Acquisition Utilities.

Full text:

http://ntsecurity.nu/onmymind/2006/2006-06-01.html

Regards /Arne Vidstrom

http://ntsecurity.nu
http://vidstrom.net

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ