Penetration Testing mailing list archives
Re: Light forensics
From: "Alonso Caballero Quezada / ReYDeS" <reydes () gmail com>
Date: Wed, 6 Jan 2010 20:33:38 -0500
Saludos: On Tue, Jan 5, 2010 at 9:08 AM, Eduardo Sierra <esierr4 () gmail com> wrote:
Hi, We had a security incident, and i'm doing a "light" forensics.
Define please "light" forensics.
Is there a log you can check to see IP Address Changes in a Windows XP Box? Any good free tool to undelete files?
Hmm, The Windows registry store this information. About a good tool. A "Free" in Windows maybe "FTK Imager"
Many thanks,
No problem. atte: -- Alonso Eduardo Caballero Quezada aka ReYDeS - ReYDeS () gmail com Brainbench Certified Computer Forensics (U.S.) - SSP-CNSA www.ReYDeS.com - www.PeruSEC.org - www.npros.com.pe - LRU #307242 ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Light forensics Eduardo Sierra (Jan 06)
- Re: Light forensics Alonso Caballero Quezada / ReYDeS (Jan 11)
- Re: Light forensics Wim Remes (Jan 11)
- Re: Light forensics Tom Ritter (Jan 11)
- Re: Light forensics Adrian Puente Z. (Jan 11)
- Re: Light forensics H. Kurth Bemis (Jan 11)
- RE: Light forensics Levenglick, Jeff (Jan 11)
- RE: Light forensics Dave Kleiman (Jan 11)
- Re: Light forensics Felipe Martins (Jan 18)
- RE: Light forensics Boyd, Chad (Jan 18)
- Re: Light forensics Adel Abushaev (Jan 11)