Security Incidents mailing list archives
Forensics CD (was: Re: Strange Folder
From: "Meritt James" <meritt_james () bah com>
Date: Mon, 07 Oct 2002 09:12:09 -0400
REAL good suggestion! Any specific recommendations as to what should be on the CD? Jim Neil Dickey wrote:
It's a good idea to have a kit of such tools on a read-only CD in advance of an incident like this, so that you have tools you know you can trust -- that haven't been trojanned -- ready to use. It's rather like the instructions in a snake-bite kit. You want to be familiar with them *before* Mr. Snake has his way with you.
-- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Strange Folder discipulus (Oct 05)
- Re: Strange Folder Nick Jacobsen (Oct 06)
- Message not available
- Re: Strange Folder discipulus (Oct 06)
- Re: Strange Folder Midkaemia (Oct 06)
- Re: Strange Folder discipulus (Oct 07)
- Message not available
- Re: Strange Folder Nick Jacobsen (Oct 06)
- <Possible follow-ups>
- Re: Strange Folder discipulus (Oct 06)
- Re: Strange Folder Neil Dickey (Oct 06)
- Re: Strange Folder discipulus (Oct 06)
- Forensics CD (was: Re: Strange Folder Meritt James (Oct 07)
- Re: Forensics CD (was: Re: Strange Folder Chet Uber (Oct 08)
- Re: Forensics CD (was: Re: Strange Folder Ryan McBride (Oct 08)