RE: Windows forensics with Linux analysis machine
- To: [EMAIL PROTECTED], [EMAIL PROTECTED]
- Subject: RE: Windows forensics with Linux analysis machine
- From: "Brad Bemis" <[EMAIL PROTECTED]>
- Date: Sat, 23 Aug 2003 23:31:59 -0700
- Thread-index: AcNnev/f5X55cdcvS6u6lGesQ9KkHQCjev9Q
- Thread-topic: Windows forensics with Linux analysis machine
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
There have been lots of good recommendations; I even saw the standard
Knoppix distro mentioned. I would add that the Knoppix-Security Tools
distribution is actually quite useful for this. The creator of the distro
has even been kind enough to post a "how-to" for adding your own library of
security tools to the Knoppix distro. Knoppix-STD will mount all of your
partitions (FAT and NTFS) automatically, and you can do whatever you need
to them with a number of tools from the CD. http://www.knoppix-std.org/

Thank you for your time and attention,
=======================
Brad Bemis
Information Security Services
DHL/Airborne Express
(206) 830-3478
=======================
Email Notice: This communication may contain sensitive information. If you
are not the intended recipient, or believe that you have received this
communication in error; do not print, copy, retransmit, disseminate, or
otherwise use the information contained herein for any purpose. Please
alert the sender that you have received this message in error, and delete
the copy that you received.
> -----Original Message-----
> From: JJ [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, August 20, 2003 12:30 PM
> To: [EMAIL PROTECTED]
> Subject: Windows forensics with Linux analysis machine
>
>
> All,
>
> I'm looking for good tools that will allow me to do a full
> investigation of a Windows image using Linux. I'm looking at
> Autopsy and Sleuthkit now. Are there any other tools that
> will allow me to do the full investigation (view registry
> structures, undelete files, etc.) under Linux?
>
> Thanks,
> JJ
>
> ---------------------
> J. J. Horner
> CISSP,CCNA,CHSS,CHP
>
> -----------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com
>
>
>
-----BEGIN PGP SIGNATURE-----
iQA/AwUBP0hb35DnOfS48mrdEQKIIgCdE6kw0IS4omBXhc/cGzDQX9gQ12AAoJyv
ZvAabFNPkYaFyjoML319QBHC
=DIgw
-----END PGP SIGNATURE-----