RE: [Full-Disclosure] Break-in discovery and forensics tools

From: Golomb, Gary (GGolomb@enterasys.com)
Date: 04/23/03

    From: "Golomb, Gary" <GGolomb@enterasys.com>
    To: "Schmehl, Paul L" <pauls@utdallas.edu>, <full-disclosure@lists.netsys.com>
    Date: Wed, 23 Apr 2003 12:51:50 -0400
    

    >
    > I've been tasked with putting together a CD of tools that can be used
    > for analysis of hacked machines. These would be both tools that can
    > determine if a program is trojaned or a file has been altered as well as
    > tools that could be used to save forensics data for possible
    > prosecution.
    >

    Talisker's network security tools website
    (http://www.networkintrusion.co.uk/index.htm) has a list of such tools.

    A list of 30-40 individual forensic-specific tools (or close to it) for
    Windows and Unix can be found at:
    http://www.networkintrusion.co.uk/fortools.htm

    Complete toolkits (bootable and otherwise) are at:
    http://www.networkintrusion.co.uk/fortoolkits.htm

    If any have been left off, let me know!

    -gary
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

