Hakin9 :: Magazine

Windows FE Forensic Live CD

Rating:

• 1
• 2
• 3
• 4
• 5

25 votes

Source files

06_2009.ZIP 06_2009.ZIP

Articles

• Windows FE A Windows-PE Based Forensic Boot CD

  Back in the mid of 2008 some rumors regarding a Microsoft Windows FE Boot-CD started. While there were discussions in certain web logs dealing with IT-security and computer forensics, this Windows-CD never got a lot of attention.

  ---

  - ever got a lot of attention. Marc Remmert

• Network Forensics: More Than Looking For Cleartext Passwords

  Cybercriminal activities are becoming stealthier and more creative. Insider threats are increasingly more pervasive with the wealth of knowledge and resources available on the Internet. Corporate defenders are more than ever faced with the grave mission of discovering and mitigating these occurrences.

  ---

  - Mervyn Heng

• Unified Communications Intrusion Detection Using Snort

  Network Intrusion Detection is an important part of any security toolset. Unfortunately for the uninitiated it could be quite a challenge to get started – how to install, what to monitor and how to read alerts. This article is designed to provide that kick-start from the ground up by taking the reader through the installation and configuration of a NID system and applying intrusion detection to a communication protocol whose use is increasing in deployments.

  ---

  - Mark Rubino

• Protocol Channels

  Covert channel techniques are used by attackers to transfer hidden data. There are two main categories of covert channels: timing channels and storage channels. This text introduces a new storage channel technique called protocol channels.

  ---

  - Steffen Wendzel

• Fuzzing Finding Vulnerabilities with rand()

  Traditionally, the search for security-related flaws in code took place as follows: relevant sections of code were printed out, and developers went over them trying to find as many potential issues as possible. So-called code reviews tend to work quite well – but happen rarely due to the immense cost involved.

  ---

  - Tamin Hanna

• Windows Timeline Analysis, Building a Timeline, Part 2

  The increase in sophistication of the Microsoft (MS) Windows family of operating systems (Windows 2000, XP, 2003, Vista, 2008, and Windows 7) as well as that of cybercrime has long required a corresponding increase or upgrade in response and analysis techniques.

  ---

  - Harlan Carvey

• Anatomy of Malicious PDF Documents, Part 2

  What tools do you need to analyze a malicious PDF document? You could use Acrobat, but then you run the risk of infecting your machine when opening the PDF document with Acrobat.

  ---

  - Didier Stevens

• Recovering Debugging Symbols From Stripped Static Compiled Binaries

  I first started to look into symbol recovery to better solve various war-games with stripped binaries. However, this can be applied to various areas.

  ---

  - Justin Sunwoo Kim

• Simple DLP Verification Using Network Grep

  Today, companies have to worry about espionage and battling internal threat of confidential information being stolen or leaked.

  ---

  - Joshua Morin

• A Look at How the Mobile Phone Opens the Door to Location (LBS) Tracking, Proximity Marketing and Cybercrime

  The very first public commercial mobile phone network was ARP network in Finland which was launched as far back as 1971. Then a few years later the first generation mobile cellular network was launched by Bell Labs in Chicago in 1978, with the…

  ---

  - Julian Evans

• Interview with Michael Helander

  Michael Helander is a member of the executive team at Lavasoft with responsibilities for Sales & Marketing as well as overall corporate strategy.

  ---

  - Ewa Dudzic

• Viva la Revolucion!

  The Open Information Security Foundation has recently been formed to create a next generation intrusion detection engine. Not just formed, but funded. Well funded.

  ---

  - Matthew Jonkman