Educause Security Discussion mailing list archives
Re: Use of Rapier / RPier
From: Guy Pace <gpace () SBCTC EDU>
Date: Fri, 17 Jul 2009 09:33:54 -0700
Yes, RAPIER is a good tool and useful. Based on Russ McRee's tutorials (from the 2007 ISSA Journal -- http://holisticinfosec.org/toolsmith/docs/february2007.pdf) available online, you can set up the tool suite on a USB. It should function on any Windows XP or Vista 32-bit platform, as far as I've been able to determine. I haven't tried it on a 64-bit Windows, but I suspect some parts may work and some parts may not. Yes, there are a few files missing from the code site. Look in the required files text file to ferret out what you still need Google to find the rest. McRee's tutorial provides some additional information. There hasn't been a lot of work done on the product since 3.2, as you can see, since 2007 and the links in the Google code site for Intel and the development group go nowhere now. Some of the missing files are being maintained elsewhere and have been improved since then. I recommend reading Russ' article. It provides a practical solution using RAPIER and the tool is viable until the whole world goes 64-bit. Guy L. Pace, CISSP Security Administrator Information Technology Division WA State Board for Community and Technical Colleges (SBCTC) 3101 Northup Way, Suite 100 Bellevue, WA 98004 425-803-9724 gpace () sbctc edu -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of James Moore Sent: Friday, July 17, 2009 9:05 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Use of Rapier / RPier I didn't have a chance to look at Rapier until recently. And, as is often the case, the opportunity to learn new tools comes from a need, where things in my existing toolbox don't quite fit. Is there a place it is being maintained other than http://code.google.com/p/rapier/, or does it still work pretty well (and on which versions of Windows). The package on code.google.com shows that it is missing files when run. What does that mean, from a practical view, from people who use rapier? I am ignoring those things for now. But I wonder if Rapier is worth learning, or if I should look for a better live incident response tool that gathers some initial stats. (And is there one?) Jim - - - - Jim Moore, CISSP, IAM Senior Information Security Forensic Investigator Rochester Institute of Technology 151 Lomb Memorial Drive Rochester, NY 14623-5603 (585) 475-5406 (office) (585) 255-0809 (Cell - Incident Reporting & Emergencies) (585) 475-7920 (fax) If you consciously try to thwart opponents, you are already late. Miyamoto Musashi, Japanese philosopher/samurai, 1645 Risk comes from not knowing what you're doing. -Warren Buffet CONFIDENTIALITY NOTE: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information
Current thread:
- Use of Rapier / RPier James Moore (Jul 17)
- <Possible follow-ups>
- Re: Use of Rapier / RPier Guy Pace (Jul 17)
- Re: Use of Rapier / RPier Zach Jansen (Jul 17)
- Re: Use of Rapier / RPier Gargac. Jeff (Jul 18)