On the Linux side, Bleachbit seems to be rather promising. The author adds new applications about every week and posts on Freshmeat.net
On Tue, Jun 30, 2009 at 8:14 PM, Adrian Crenshaw <[email protected]>wrote: > Hi all, > I'm planing another class for the local ISSA (and hope to get some > Infragard and OWASP folks there). The topic this time is Anti-forensics. I > plan to cover a few categories of tools: > > 0. Show simple tools to see what's been going on > Places files are stored > effect of hibernate and page file > defrag issues (I assume this can leave remnants behind in slack space of > files that defrag moved, so if ta defrag happened just before you wipe a > file you may not really get all of the data) > Filecarving with Photorec http://www.cgsecurity.org/wiki/PhotoRec > > 1. Selective track covering tools > CCleaner http://www.ccleaner.com/ > CleanAfterMe http://nirsoft.net/utils/clean_after_me.html > > 2. Delete f***ing everything!!!/Nuke it from orbit, it's the only way to be > sure > Secure Erase http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml (Scott > Moulton told me this uses built in ATA commands to wipe even bad sectors) > DBAN http://www.dban.org/ > > 3. Encryption > Truecrypt > > 4. System configs/don't leave traks in the first place > Wipe swap file on shutdown > Browsers and incognito mode > Portable apps/VMs from encrypted volumes (does anyone know how much of the > Host OS's swap is used by VMWare and the like?) > > > Any more ideas? Any better "Selective track covering tools" then the ones I > mentioned in section 1? > > Thanks, > Adrian > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
