[TOOL] Live View - VMWare and Forensics Join Forces

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -



Live View - VMWare and Forensics Join Forces
------------------------------------------------------------------------


SUMMARY



DETAILS

Live View is a Java-based graphical forensics tool that creates a VMware
virtual machine out of a raw (dd-style) disk image or physical disk. This
allows the forensic examiner to "boot up" the image or disk and gain an
interactive, user-level perspective of the environment, all without
modifying the underlying image or disk. Because all changes made to the
disk are written to a separate file, the examiner can instantly revert all
of his or her changes back to the original pristine state of the disk. The
end result is that one need not create extra "throw away" copies of the
disk or image to create the virtual machine.


ADDITIONAL INFORMATION

The information has been provided by Carnegie Mellon University.
To keep updated with the tool visit the project's homepage at:
<http://liveview.sourceforge.net/> http://liveview.sourceforge.net/



========================================


This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx


====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Relevant Pages

  • [NEWS] Raidsonic NAS-4220 Crypt Disk Key Leak
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... NAS-4220-B offers disk encryption through it's web interface. ... NAS-4220 and reading the value from the unencrypted partition. ...
    (Securiteam)
  • [TOOL] TrueCrypt - Open-Source Disk Encryption Software
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... TrueCrypt is on-the-fly disk encryption software that can create a virtual ...
    (Securiteam)
  • [NT] DriveCrypt Security Model Bypass and Incorrect BIOS API Usage
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... DriveCrypt Security Model Bypass and Incorrect BIOS API Usage ... a RAM structure called the BIOS Keyboard buffer inside the BIOS Data Area. ... keyboard buffer in spite of the full disk encryption. ...
    (Securiteam)
  • [TOOL] Fast SYN Scanner (libnet, libpcap)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... struct bpf_program cfilter; ... const unsigned char *packet; ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
    (Securiteam)
  • [TOOL] P0f - Passive OS Fingerprinting Tool
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Machines that connect to your box, ... Official SYN+ACK fingerprinting support ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
    (Securiteam)