Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Windows Registry Analzyer

From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Thu, 3 Mar 2005 19:39:45 -0000
"Eric Windisch" wrote in message news:1109872449.8117.25.camel@localhost...

Perhaps this is just the Unix user in me, but I ask:
How about just making a copy of the registry on boot (or at intervals)
and compare it to the last copy?

Note that the following example is untested, but should be mostly
accurate.


  No, it would be completely useless.  In case you didn't realise, the
registry is not an ASCII text file, it's megabytes of unintelligible binary
gibberish.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: