On Mon, Oct 07, 2002 at 09:12:09AM -0400, Meritt James wrote:
> Neil Dickey wrote:
> >
> > It's a good idea to have a kit of such tools on a read-only
> > CD in advance of an incident like this, so that you have
> > tools you know you can trust -- that haven't been trojanned
> > -- ready to use. It's rather like the instructions in a
> > snake-bite kit. You want to be familiar with them *before*
> > Mr. Snake has his way with you.
>
> REAL good suggestion! Any specific recommendations as to what should be
> on the CD?

You might want to look at FIRE, which is primarily a CD-bootable Linux
distribution designed specifically for forensic and security purposes,
but also includes Windows and SPARC Solaris binaries for performing
forensic analysis.

http://fire.dmzs.com/

It's available as an ISO image, so just burn and go.

-Ryan

--
Ryan T. McBride, CISSP - mcbrideat_private
Countersiege Systems Corporation - http://www.countersiege.com
PGP key fingerprint = 8BA0 A58C 5038 9157 59C3 F9E6 6DDA 6611 BF4C 776B

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Oct 08 2002 - 19:58:49 PDT