Full Disclosure mailing list archives
RE: Microsoft GhostBuster Opinions
From: "Todd Towles" <toddtowles () brookshires com>
Date: Fri, 18 Mar 2005 11:14:35 -0600
Dan wrote:
I agree that that this can be done currently with open source (or at least free) tools currently. Basically what GhostBuster was meant to do as far as I can tell, was to simply automate currently available tools. With Linux it would be simple to come up with a complety open source solution that would work great and could be easily downloaded as an ISO. I suppose this may be possible with Knoppix, but the whole captive needing to find an NTFS driver thing kind of slows the whole thing down. It seems that the best solution for a Windows tool would be to create a BartPE plugin that would do the trick.
Yep, BartPE plug-in would be sweet. Microsoft has a free file MD5 hash tool (http://support.microsoft.com/default.aspx?scid=kb;en-us;841290) that can be used to build MD5 hashes for the whole directory. Just need to write a BAT that takes a input Hash listing ( on-line ditry version) and compares it to the new hash listing (off-line clean version). Just a idea. Maybe this is what Microsoft is creating, just hiding all these steps in a new free tool - which is made of current free tools. Don't know. -Todd _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- RE: Microsoft GhostBuster Opinions Todd Towles (Mar 18)
- Re: Microsoft GhostBuster Opinions Dave King (Mar 18)
- RE: Microsoft GhostBuster Opinions Ron DuFresne (Mar 18)
- <Possible follow-ups>
- RE: Microsoft GhostBuster Opinions Todd Towles (Mar 18)