PaulDotCom mailing list archives
Meterpreter as an Incident Response Tool
From: strandjs at gmail.com (John Strand)
Date: Mon, 21 Dec 2009 08:23:49 -0700
Ohhhh... We need to talk. I am writing a new class for SANS and this type of stuff is in the mix. John On Tue, Dec 15, 2009 at 7:59 AM, Butturini, Russell <Russell.Butturini at healthways.com> wrote:
Hi all, I wanted to see what the group?s feelings are on using Meterpreter in incident response.? Recently I had the opportunity to view a particular enterprise network forensics and incident response package.? Most of the functionality it brought to the table could be accomplished with a Meterpreter shell, launched using the psexec module included with Metasploit.? However, I would be concerned about this damaging the integrity of the environment from a forensics standpoint.? Any thoughts? Russell ****************************************************************************** This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. ****************************************************************************** _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Meterpreter as an Incident Response Tool Butturini, Russell (Dec 15)
- Meterpreter as an Incident Response Tool John Strand (Dec 21)
- Meterpreter as an Incident Response Tool Butturini, Russell (Dec 21)
- Meterpreter as an Incident Response Tool John Strand (Dec 21)