I'm posing this question to the readership at large... Has anyone seen the use of NTFS alternate data streams when conducting any sort of misuse or forensics investigation? This would include instances in which the virus from Benny and Ratter of 29A, W2K.Stream, was found. Thanks. __________________________________________________ Do You Yahoo!? Yahoo! GeoCities - quick and easy web site hosting, just $8.95/month. http://geocities.yahoo.com/ps/info1 ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Nov 30 2001 - 17:39:27 PST