Security Basics mailing list archives

Re: toolkits

From: H Carvey <keydet89 () yahoo com>
Date: 24 Apr 2005 04:42:56 -0000

In-Reply-To: <4267C609.3050100 () eccotours dyndns org>

B) would anyone know of such toolkits for Windows.


Specifically, what are you looking for?  You've used several buzzwords in your post...

For host-based vulnerability scanning, you might start w/ MBSA.  I've used Perl-based tools to collect additional 
vulnerability information in the past.

For checksums, Tripwire, or Perl scripts using Jesse Kornblum's *deep tools would easily meet your needs.

To check for rootkits, SysInternals released Rootkit Revealer.  Also, I presented a Perl script called rkd.pl in my 
book that may be of use to you.

H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com

Current thread:

toolkits Brent Clark (Apr 22)
- Mason Firewall Builder Scream (Apr 25)
- Re: toolkits Lars Bay (Apr 25)
  - Re: toolkits RichardR (Apr 26)
- Re: toolkits Mark Owen (Apr 25)
- <Possible follow-ups>
- RE: toolkits James M. Clark (Apr 25)
- Re: toolkits H Carvey (Apr 25)
- RE: toolkits Beauford, Jason (Apr 26)
- Re: toolkits H Carvey (Apr 27)
  - Re: toolkits Kevin Davis (Apr 29)