PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Meterpreter as an Incident Response Tool

From: strandjs at gmail.com (John Strand)
Date: Mon, 21 Dec 2009 08:23:49 -0700
Ohhhh...  We need to talk.

I am writing a new class for SANS and this type of stuff is in the mix.

John

On Tue, Dec 15, 2009 at 7:59 AM, Butturini, Russell
<Russell.Butturini at healthways.com> wrote:

Hi all,

I wanted to see what the group?s feelings are on using Meterpreter in
incident response.? Recently I had the opportunity to view a particular
enterprise network forensics and incident response package.? Most of the
functionality it brought to the table could be accomplished with a
Meterpreter shell, launched using the psexec module included with
Metasploit.? However, I would be concerned about this damaging the integrity
of the environment from a forensics standpoint.? Any thoughts?



Russell



******************************************************************************
This email contains confidential and proprietary information and is not to
be used or disclosed to anyone other than the named recipient of this email,
and is to be used only for the intended purpose of this communication.
******************************************************************************

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: