> I have an attacker who claims he was able to read the > contents of a live NT pagefile which helped him attack > further. So far, we have shown that a few of his other > claims are without merit, but this one has stumped me. You may have answered your own question...both technically, and in the fact that this attacker's other claims are "without merit". Could be all boasting just to throw you off... I am not familiar with any tools that do what you describe...the only thing that remotely comes close that I know if Arne's pmdump.exe utility from NTSecurity.nu...and that doesn't work specifically on the pagefile. Carv __________________________________________________ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Jul 31 2002 - 07:44:55 PDT