PaulDotCom mailing list archives
Meterpreter as an Incident Response Tool
From: Russell.Butturini at Healthways.com (Butturini, Russell)
Date: Mon, 21 Dec 2009 13:23:11 -0600
Sure drop me a line off list. I'll tell you what I was thinking about. -----Original Message----- From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of John Strand Sent: Monday, December 21, 2009 9:24 AM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] Meterpreter as an Incident Response Tool Ohhhh... We need to talk. I am writing a new class for SANS and this type of stuff is in the mix. John On Tue, Dec 15, 2009 at 7:59 AM, Butturini, Russell <Russell.Butturini at healthways.com> wrote:
Hi all, I wanted to see what the group's feelings are on using Meterpreter in incident response.? Recently I had the opportunity to view a particular enterprise network forensics and incident response package.? Most of the functionality it brought to the table could be accomplished with a Meterpreter shell, launched using the psexec module included with Metasploit.? However, I would be concerned about this damaging the integrity of the environment from a forensics standpoint.? Any thoughts? Russell ****************************************************************************** This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. ****************************************************************************** _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com ****************************************************************************** This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. ******************************************************************************
Current thread:
- Meterpreter as an Incident Response Tool Butturini, Russell (Dec 15)
- Meterpreter as an Incident Response Tool John Strand (Dec 21)
- Meterpreter as an Incident Response Tool Butturini, Russell (Dec 21)
- Meterpreter as an Incident Response Tool John Strand (Dec 21)