Educause Security Discussion mailing list archives
Re: Use of Rapier / RPier
From: "Gargac. Jeff" <jgargac () MARYVILLE EDU>
Date: Sat, 18 Jul 2009 14:27:47 -0500
James, Some of the files that are missing may be for modules that the tools haven't been included with the Rapier program due to licensing restrictions. You may have to download the individual programs separately and copy them into the Rapier folder. I believe that these modules appear in red if the files are missing I have tested it on Windows XP successfully. However, certain tools may require administrator rights to run properly. The tools that you use for live response will vary depending on the information that you need to acquire and the footprint that they leave on the system. I would suggest that you look at the Helix Live CD as well. They have moved to a subscription program, but you may be able to find a mirror that still hosts the free version of the cd. Feel free to contact me directly if you need more information. Jeff Gargac Microcomputer and Security Specialist Maryville University of Saint Louis 650 Maryville University Drive Saint Louis, MO 63141 314-529-9226 (Office) 314-529-9976 (Fax) jgargac () maryville edu -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of James Moore Sent: Friday, July 17, 2009 11:05 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Use of Rapier / RPier I didn't have a chance to look at Rapier until recently. And, as is often the case, the opportunity to learn new tools comes from a need, where things in my existing toolbox don't quite fit. Is there a place it is being maintained other than http://code.google.com/p/rapier/, or does it still work pretty well (and on which versions of Windows). The package on code.google.com shows that it is missing files when run. What does that mean, from a practical view, from people who use rapier? I am ignoring those things for now. But I wonder if Rapier is worth learning, or if I should look for a better live incident response tool that gathers some initial stats. (And is there one?) Jim - - - - Jim Moore, CISSP, IAM Senior Information Security Forensic Investigator Rochester Institute of Technology 151 Lomb Memorial Drive Rochester, NY 14623-5603 (585) 475-5406 (office) (585) 255-0809 (Cell - Incident Reporting & Emergencies) (585) 475-7920 (fax) If you consciously try to thwart opponents, you are already late. Miyamoto Musashi, Japanese philosopher/samurai, 1645 Risk comes from not knowing what you're doing. -Warren Buffet CONFIDENTIALITY NOTE: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information
Current thread:
- Use of Rapier / RPier James Moore (Jul 17)
- <Possible follow-ups>
- Re: Use of Rapier / RPier Guy Pace (Jul 17)
- Re: Use of Rapier / RPier Zach Jansen (Jul 17)
- Re: Use of Rapier / RPier Gargac. Jeff (Jul 18)