Open Source and information security mailing list archives
 
Message-ID: <0304220847530.139081864@somehost.domainz.com>
From: devon at lithiumnode.com (Timmah)
Subject: Break-in discovery and forensics tools

I carry around a case with http://fire.dmzs.com and floppies with BIOS
cracking tools and boot disks for replacing admin/root passwords on every
OS.  A copy of EnCase on a forensics station doesn't hurt either:
http://www.guidancesoftware.com/products/software/encaseforensic/index.shtm

... are you wanting open source tools only?  If so, the above-mentioned
Fire is a project to watch closely.

[t]

On Tue, 22 Apr 2003, Schmehl, Paul L wrote:

> I've been tasked with putting together a CD of tools that can be used
> for analysis of hacked machines.  These would be both tools that can
> determine if a program is trojaned or a file has been altered as well as
> tools that could be used to save forensics data for possible
> prosecution.
>
> Other than Dan and Wietse's TCT, what tools do you think should be
> included?
>
> I envision this CD as having several directories, each one being for a
> particular platform (Windows, RedHat, Solaris, HP-UX, etc.).  In those
> directories would be versions of TCT compiled for that platform and
> utilities such as ls, ps, file, ifconfig, strings, etc.  Possibly also a
> file with MD5 checksums for OS files that are commonly altered.
>
> If you were starting from a blank slate, what would you think are the
> must-have tools for this CD?  How would you set it up?
>
> Paul Schmehl (pauls@...allas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
