Security Basics mailing list archives

RE: tools used to examine a computer


From: "Trevor Cushen" <Trevor.Cushen () sysnet ie>
Date: Tue, 25 Feb 2003 14:55:48 -0000


My head is clearly not right these days.  I forgot to add this to my
last email.  HC asked about viewing binary files such as the registry.
What I wanted to add was this tool:
http://www.evadenet.com/downloads/lophtcrack.shtml

which you could use to access the SAM file.


Trevor Cushen
Sysnet Ltd

www.sysnet.ie
Tel: +353 1 2983000
Fax: +353 1 2960499



-----Original Message-----
From: H C [mailto:keydet89 () yahoo com] 
Sent: 25 February 2003 13:49
To: security-basics () securityfocus com
Subject: RE: tools used to examine a computer


As Trevor pointed out, files such as this one provide
quite a bit of detail regarding setting all of this
up:

http://www.rajeevnet.com/hacks_hints/os_clone/os_cloning.html

Go to www.sysinternals.com and get the Unix Utils
which will include dd and netcat for Windows

SysInternals?  Could you provide a more explicit link?
 I'm pretty familiar w/ the SysInternals site, and I'm
even looking there now...and I can't find these Unix
Utils you're mentioning.

Now when you cd into the /NTPartition directory you
will see all the files from your NT machine.  Yes,
including the sam files etc.

Now, the big question is...once you've got all of
these files on the Linux system, what tools do you use
to view the contents of some of the binary
files...such as the Registry?



