Sec <securityat_private> said: > Are you sure they do not contain spyware?=0D Heh, this is the first thing I thought myself when the tools were provided, but I did my own level of due diligence, and now feel okay when using them. As I mentioned, I neither developed or maintain any of the provided tools. Source code only is provided and should of course be reviewed. During compile time and at execution time, my sniffer picked up nothing out of the ordinary and tripwire file integrity checking was also came up clean. FYI, they are forensic tools, and I as a matter of practice do not leave a forensic workstation connected with live public internet access during an investigation, so the risk of spyware would be minimal and easily detected. These tools are all in use by the DCFL and Air Force(and likely other government offices), and used in an ongoing basis to press cases. These tools were provided to me so that I could build a custom and very specific bootable image for the Air Force to be used in establishing/obtaining case evidence. I'm just happy that these organizations are willing to share the tools they have developed in house, and a great point is that for free tools, they already have court case precedence. William ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Apr 14 2002 - 18:43:59 PDT