I’m going to talk about Windows Vista Forensics at the DFN-CERT workshop. The workshop will be held on Februray 13 and 14, 2008 in Hamburg, Germany.
Archive for the 'Forensics' Category
Talk about Windows Vista Forensics
«
29 December 2007 |
11:52 |
Events, Forensics, Speeches |
2 Comments | 956 Views
»
The Sleuthkit 2.10
«
13 December 2007 |
9:37 |
Forensics, Tools |
1 Comment | 887 Views
»
A new version of The sleuthkit (TSK) is out now. There are some minor bug fixes included. Changelog
A new version of The sleuthkit (TSK) is out now. There are some minor bug fixes included. Changelog
WTF is Microsoft doing with the Last Access Timestamp on Vista?
«
20 November 2007 |
8:52 |
Forensics, Stories |
2 Comments | 1,241 Views
»
I recently discovered, that Microsoft destroyed a most valuable digital forensics evidence source on NTFS filesystems with Vista. The default registry key value for HKEY_LOCAL_MACHINE\SYSTEM\ CurrentControlSet \ Control\FileSystem\NtfsDisableLastAccessUpdate is now “1″, which means no last access timestamp will be written at all. On Windows XP and Windows 2000
I recently discovered, that Microsoft destroyed a most valuable digital forensics evidence source on NTFS filesystems with Vista. The default registry key value for HKEY_LOCAL_MACHINE\SYSTEM\ CurrentControlSet \ Control\FileSystem\NtfsDisableLastAccessUpdate is now “1″, which means no last access timestamp will be written at all. On Windows XP and Windows 2000
More on Windows Local Kernel-mode Backdoor Techniques
«
10 November 2007 |
13:44 |
Forensics, Live Response, Security |
1 Comment | 886 Views
»
On uninformed.org you can find a whitepaper which describes several ways to get your code covertly executed in the Windows kernel.
On uninformed.org you can find a whitepaper which describes several ways to get your code covertly executed in the Windows kernel.
computer forensics beginners course
«
26 August 2007 |
20:00 |
Events, Forensics |
No Comments | 1,192 Views
»
I’m giving computer forensics classes for beginners in Munich, Frankfurt and of course Berlin.
I’m giving computer forensics classes for beginners in Munich, Frankfurt and of course Berlin.
new theme on computer-forensik.org
«
18 August 2007 |
13:26 |
Admin, Forensics |
1 Comment | 1,358 Views
»
I remodeled my other digital forensics related german website http://computer-forensik.org. It has now a fancy brand new theme.
I remodeled my other digital forensics related german website http://computer-forensik.org. It has now a fancy brand new theme.
Oracle Database Forensics
«
14 August 2007 |
10:16 |
Forensics, Guidelines |
No Comments | 1,244 Views
»
David Litchfield from NGSSoftware published some new material about Oracle Database Forensics.
David Litchfield from NGSSoftware published some new material about Oracle Database Forensics.
Good Practice Guide for Computer-Based Electronic Evidence
«
31 July 2007 |
12:25 |
Forensics, Guidelines |
1 Comment | 1,341 Views
»
The english Association of Chief Police Officers (ACPO) has released a new guide to collecting electronic evidence. The Good Practice Guide for Computer-Based Electronic Evidence has been revised by experts.
The english Association of Chief Police Officers (ACPO) has released a new guide to collecting electronic evidence. The Good Practice Guide for Computer-Based Electronic Evidence has been revised by experts.
