www.metasploit.com/projects/antiforensics/BH2005-Catch_Me_If_You_Can.ppt
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gadi Evron Sent: Wednesday, July 25, 2007 10:20 AM To: Paul Ferguson Cc: [email protected] Subject: Re: [funsec] Researchers: Forensics Software Can Be Hacked Wow. No [EMAIL PROTECTED] On Wed, 25 Jul 2007, Paul Ferguson wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Via InfoWorld. > > [snip] > > The software that police and enterprise security teams use to > investigate wrongdoing on computers is not as secure as it should be, > according to researchers with iSEC Partners. > > The San Francisco security company has spent the past six months > investigating two forensic investigation programs, Guidance Software's > EnCase, and an open-source product called The Sleuth Kit. They have > discovered about a dozen bugs that could be used to crash the programs > or possibly even install unauthorized software on an investigator's > machine, according to Alex Stamos, a researcher and founding partner > with iSEC Partners. > > [snip] > > More: > http://www.infoworld.com/article/07/07/25/Forensics-software-can-be-ha > cked_ > 1.html > > - - ferg > > p.s. Interesting premise for a Hollywood movie: "...bugs that could be > used to crash the programs or possibly even install unauthorized > software on an investigator's machine..." > > :-) > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.6.2 (Build 2014) > > wj8DBQFGp4RDq1pz9mNUZTMRAgOUAJ9fLcmHfCGZ0bzh6O0uEotyKXNHaACeOpAS > /ZgmK9+7K3Iy6MNYHbSxQyA= > =XJl3 > -----END PGP SIGNATURE----- > > -- > "Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet fergdawg(at)netzero.net > ferg's tech blog: http://fergdawg.blogspot.com/ > > > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
