funsec mailing list archives

RE: Researchers: Forensics Software Can Be Hacked


From: "Hubbard, Dan" <dhubbard () websense com>
Date: Wed, 25 Jul 2007 10:41:48 -0700

www.metasploit.com/projects/antiforensics/BH2005-Catch_Me_If_You_Can.ppt

 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
On Behalf Of Gadi Evron
Sent: Wednesday, July 25, 2007 10:20 AM
To: Paul Ferguson
Cc: funsec () linuxbox org
Subject: Re: [funsec] Researchers: Forensics Software Can Be Hacked

Wow. No kidding!!!@111

On Wed, 25 Jul 2007, Paul Ferguson wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via InfoWorld.

[snip]

The software that police and enterprise security teams use to 
investigate wrongdoing on computers is not as secure as it should be, 
according to researchers with iSEC Partners.

The San Francisco security company has spent the past six months 
investigating two forensic investigation programs, Guidance Software's 
EnCase, and an open-source product called The Sleuth Kit. They have 
discovered about a dozen bugs that could be used to crash the programs 
or possibly even install unauthorized software on an investigator's 
machine, according to Alex Stamos, a researcher and founding partner 
with iSEC Partners.

[snip]

More:
http://www.infoworld.com/article/07/07/25/Forensics-software-can-be-hacked_1.html

- - ferg

p.s. Interesting premise for a Hollywood movie: "...bugs that could be 
used to crash the programs or possibly even install unauthorized 
software on an investigator's machine..."

:-)

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)

wj8DBQFGp4RDq1pz9mNUZTMRAgOUAJ9fLcmHfCGZ0bzh6O0uEotyKXNHaACeOpAS
/ZgmK9+7K3Iy6MNYHbSxQyA=
=XJl3
-----END PGP SIGNATURE-----

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet fergdawg(at)netzero.net 
ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


