Security Basics mailing list archives
Re: Forensic Tool
From: p1g <killfactory () gmail com>
Date: Mon, 9 Jun 2008 23:46:43 -0400
Look on the other media? Very limited info to go by. Hard to prove file copies unless a script was used and it is still present. You could determine if 'other media' was connected to the pc( assuming win32/64). Look in registry. If I was a betting man, judgin from your question and your 'fishy' email addy, I put my money and you did it and you want to know if they are going to catch you. Just a bit of advice. THEY know. On Mon, Jun 9, 2008 at 12:56 PM, <newnewguy () aol com> wrote:
Hi, I of the person in my company has downloaded very imp files (Application & Data)from HR portal. He has deleted the files from his machine. We need to ensure that files were not copied to any other media before deletion. Request you to please help on How this can be achieved. Thanks! New Guy
-- -p1g SnortCP, ESSE-D, C|HFI, TNCP, TECP, NACP, A+, whatever.. ,,__ o" )~ oink oink ' ' ' ' If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity czar Richard Clarke
Current thread:
- Forensic Tool newnewguy (Jun 09)
- Re: Forensic Tool Shreyas Zare (Jun 09)
- Message not available
- Re: Forensic Tool Shreyas Zare (Jun 10)
- Message not available
- Re: Forensic Tool Shreyas Zare (Jun 09)
- Message not available
- Re: Forensic Tool Dennis Kudin (Jun 10)
- Re: Forensic Tool p1g (Jun 10)
- Re: Forensic Tool Adam Pal (Jun 10)
- RE: Forensic Tool Robinson, Sonja (Jun 10)