Thanks for the suggestions. Here are my comments so far:

1. The binders subject would be great for malware analysis, but I'm not so sure for a general "cover your tracks" sort of class.
2. I've played with Alternate Data Streams before (http://www.irongeek.com/i.php?page=security/altds), but it seems like it only hides things from an investigator that does not know about them. There are tools to find them, and won't they still show up if you do a data carve?
3. Anything out there better than CCleaner or CleanAfterMe?

Thanks.

Adrian

On Wed, Jul 1, 2009 at 8:13 AM, <[email protected]> wrote:

> Alternate data streams on the filesystem and stego would be interesting
> from an antiforensics standpoint also.
> Sent from my Verizon Wireless BlackBerry
>
> -----Original Message-----
> From: iamnowonmai <[email protected]>
> Date: Wed, 1 Jul 2009 07:37:30
> To: PaulDotCom Security Weekly Mailing List<[email protected]>
> Subject: Re: [Pauldotcom] Anti-forensic tools
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
