Full Disclosure mailing list archives

RE: Break-in discovery and forensics tools


From: "Golomb, Gary" <GGolomb () enterasys com>
Date: Wed, 23 Apr 2003 12:51:50 -0400


I've been tasked with putting together a CD of tools that can be used
for analysis of hacked machines.  These would be both tools that can
determine if a program is trojaned or a file has been altered as well as
tools that could be used to save forensics data for possible
prosecution.


Talisker's network security tools website
(http://www.networkintrusion.co.uk/index.htm) has a list of such tools.

A list of 30-40 individual forensic-specific tools (or close to it) for
Windows and Unix can be found at:
http://www.networkintrusion.co.uk/fortools.htm

Complete toolkits (bootable and otherwise) are at:
http://www.networkintrusion.co.uk/fortoolkits.htm

If any have been left off, let me know!

-gary
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

