lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20030422120116.A18112@Megaglobal.net>
From: mike at megaglobal.net (Michael)
Subject: Break-in discovery and forensics tools

>>> pauls@...allas.edu wrote a 1.1KB message. i replied ................................
> I've been tasked with putting together a CD of tools that can be used
> for analysis of hacked machines.  These would be both tools that can
> determine if a program is trojaned or a file has been altered as well as
> tools that could be used to save forensics data for possible
> prosecution.

Check out FIRE (which used to be called biatchux)..
Maybe that will save you some time..
http://fire.dmzs.com/

-M.


> 
> Other than Dan and Wietse's TCT, what tools do you think should be
> included?
> 
> I envision this CD as having several directories, each one being for a
> particular platform (Windows, RedHat, Solaris, HP-UX, etc.).  In those
> directories would be versions of TCT compiled for that platform and
> utilities such as ls, ps, file, ifconfig, strings, etc.  Possibly also a
> file with MD5 checksums for OS files that are commonly altered.
> 
> If you were starting from a blank slate, what would you think are the
> must have tools for this CD?  How would you set it up?
> 
> Paul Schmehl (pauls@...allas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

-- 

--
 Michael Jastremski  | Network Engineer
 Megaglobal Networks | Megaglobal.net
 Open Photo Project  | Openphoto.net
 West Philadelphia   | Westphila.net


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ