Monday Mar 10, 2008

Open Solaris Forensics Tools Project Goes Live

As of today the Open Solaris Forensics Tools Project Page was officially linked to the Open Solaris projects.

Currently published:

  • findrootkit.pl - A program by Casper Dik that aids LKM rootkit detection.
  • Live Kernel data gathering scripts.
  • Live system data gathering papers.
  • Some ZFS Forensics info

Please find the project pages here!

Comments appreciated!
 

Tuesday Nov 20, 2007

Introduction to Live Kernel Dissection for Forensics Purposes - Skinning a Cat For Meta Data [1]

Proper data gathering methodologies are a vital part of conducting a forensics analysis. This article will give a quick overview of some non-intrusive advanced data gathering techniques that involve running kernel dissection without tainting evidence.

In this article I will briefly describe a forensics data gathering technique using an underused data source, namely "The Operating Environment Kernel".

This is the first part of a series of articles which (I hope to find the time) will be published on a regular basis.

[Read More]

Monday Nov 12, 2007

On Application Security

This is part of a draft for an internal project that I wrote in 2003.

A lot of prominent security group members contributed to this high-level,
management-awareness-like speech.

I thought that this might be interesting and might eventually be reused as fodder
for something else, or simply as a high-level clue stick.

[Read More]

Recycling Some old Papers

Hello all,

In an effort to start blogging (yes, I know, I know), I decided to cheat a little and
recycle some "old" papers or fragments I have written in the past.

Some of them still look current, and some might find them useful.

But, well, you will be the judge of that!

Any feedback will be highly appreciated!

About

Evtim (Efi) Batchev is a security and network architect at Sun Microsystems Iberia.
