|
Security Incidents
mailing list archives
Re: Forensics CD (was: Re: Strange Folder
From: "Chet Uber" <chet.uber () cox net>
Date: Tue, 8 Oct 2002 00:32:20 -0500
REAL good suggestion! Any specific recommendations as to what should be
on the CD?
Jim
Neil Dickey wrote:
It's a good idea to have a kit of such tools on a read-only
CD in advance of an incident like this, so that you have
tools you know you can trust -- that haven't been trojanned
-- ready to use. It's rather like the instructions in a
snake-bite kit. You want to be familiar with them *before*
Mr. Snake has his way with you.
I think you would be very impressed with the SpareMe! Super CD found at
http://www.securityposture.com, which is based on the WG distribution from
Fred Cohen and Associates at http://www.all.net. It is specifically designed
for these tasks and is a mature distribution which includes wireless
support. We have a version with with the ForensiX toolkit and training CD as
well.
Regards,
Chet Uber
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
 By Date 
By Thread
Current thread:
- Re: Strange Folder, (continued)
|
Intro
