PaulDotCom mailing list archives
Anti-forensic tools
From: cmerkel at gmail.com (Chris Merkel)
Date: Wed, 1 Jul 2009 19:07:31 -0700
Another thought - I hear that Firefox 3.5 now has a "private browsing" mode... How about seeing how private it really is? - Chris Merkel On Tue, Jun 30, 2009 at 6:14 PM, Adrian Crenshaw<irongeek at irongeek.com> wrote:
Hi all, ???? I'm planing another class for the local ISSA (and hope to get some Infragard and OWASP folks there). The topic this time is Anti-forensics. I plan to cover a few categories of tools: 0. Show simple tools to see what's been going on Places files are stored effect of hibernate and page file defrag issues (I assume this can leave remnants behind in slack space of files that defrag moved, so if ta defrag happened just before you wipe a file you may not really get all of the data) Filecarving with Photorec http://www.cgsecurity.org/wiki/PhotoRec 1. Selective track covering tools CCleaner? http://www.ccleaner.com/ CleanAfterMe http://nirsoft.net/utils/clean_after_me.html 2. Delete f***ing everything!!!/Nuke it from orbit, it's the only way to be sure Secure Erase http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml (Scott Moulton told me this uses built in ATA commands to wipe even bad sectors) DBAN http://www.dban.org/ 3. Encryption ?Truecrypt 4. System configs/don't leave traks in the first place Wipe swap file on shutdown Browsers and incognito mode Portable apps/VMs from encrypted volumes (does anyone know how much of the Host OS's swap is used by VMWare and the like?) Any more ideas? Any better "Selective track covering tools" then the ones I mentioned in section 1? Thanks, Adrian _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- - Chris Merkel
Current thread:
- Anti-forensic tools, (continued)
- Anti-forensic tools iamnowonmai (Jul 01)
- Anti-forensic tools d4ncingd4n at gmail.com (Jul 01)
- Anti-forensic tools Adrian Crenshaw (Jul 01)
- Anti-forensic tools iamnowonmai (Jul 01)
- Anti-forensic tools Chris Merkel (Jul 01)
- Anti-forensic tools Jim Halfpenny (Jul 01)
- Anti-forensic tools Jody & Jennifer McCluggage (Jul 01)
- Anti-forensic tools Joel Folkerts (Jul 01)
- Anti-forensic tools Adrian Crenshaw (Jul 01)
- Anti-forensic tools Joel Folkerts (Jul 01)
- Anti-forensic tools Mad Marv (Jul 01)
- Anti-forensic tools Cody Ray (Jul 01)
- Anti-forensic tools Chris Merkel (Jul 01)
- Anti-forensic tools Adrian Crenshaw (Jul 02)
- Anti-forensic tools Dimitrios Kapsalis (Jul 02)
- Anti-forensic tools Adrian Crenshaw (Jul 02)
- Anti-forensic tools Joshua Wright (Jul 02)
- Anti-forensic tools Adrian Crenshaw (Jul 02)
- Anti-forensic tools Jim Halfpenny (Jul 02)
- Anti-forensic tools Grymoire (Jul 02)
- Anti-forensic tools Adrian Crenshaw (Jul 02)
- Anti-forensic tools Jim Halfpenny (Jul 02)
- Anti-forensic tools Jack Daniel (Jul 02)