Monday Mar 10, 2008

Open Solaris Forensics Tools Project Goes Live

As of today the Open Solaris Forensics Tools Project page is officially linked from the Open Solaris projects list.

Currently published:

  • findrootkit.pl - A Perl script by Casper Dik that aids detection of loadable kernel module (LKM) rootkits.
  • Live kernel data gathering scripts.
  • Live system data gathering papers.
  • Some ZFS forensics information.

Please find the project pages here!

Comments appreciated!
Tuesday Nov 20, 2007

Introduction to Live Kernel Dissection for Forensics Purposes - Skinning a Cat For Meta Data [1]

Proper data gathering methodology is a vital part of conducting a forensics analysis. This article gives a quick overview of some advanced, non-intrusive data gathering techniques that dissect the running kernel without tainting evidence.

In this article I briefly describe a forensics data gathering technique that uses an underused data source, namely "The Operating Environment Kernel".

This is the first part of a series of articles which I hope to find the time to publish on a regular basis.

About

Evtim (Efi) Batchev is a security and network architect at Sun Microsystems Iberia.
