Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Light forensics
From: "Alonso Caballero Quezada / ReYDeS" <reydes () gmail com>
Date: Wed, 6 Jan 2010 20:33:38 -0500


On Tue, Jan 5, 2010 at 9:08 AM, Eduardo Sierra <esierr4 () gmail com> wrote:

We had a security incident, and i'm doing a "light" forensics.

  Define please "light" forensics.

Is there a log you can check to see IP Address Changes in a Windows XP Box?
Any good free tool to undelete files?

  Hmm, The Windows registry store this information.

  About a good tool. A "Free" in Windows maybe "FTK Imager"

Many thanks,

  No problem.


Alonso Eduardo Caballero Quezada aka ReYDeS - ReYDeS () gmail com
Brainbench Certified Computer Forensics (U.S.) - SSP-CNSA
www.ReYDeS.com - www.PeruSEC.org - www.npros.com.pe - LRU #307242

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]