Presentation: I posted a bit ago on WFA 3e, and as I get closer to completing rewrites of reviewed chapters and getting the manuscript submitted, I wanted to provide an update of how things have progressed thus far... I also wanted to talk a little bit more about what this edition is all about. Specifically, this edition is NOT a follow-on to the second edition; instead, it's a companion book. That is to say, if you have the second edition on your bookshelf, you will also want to have this edition, as well. In fact, ideally, you'll have both WFA editions along with Windows Registry Forensics, as well, in order to make a complete set.

There have also been a couple of changes, perhaps the biggest one being that I completely rewrote chapter 2; rather than being Live Response, I retitled it to Immediate Response (the need for which was covered in this article by Garry Byers), as the previous topic had been covered to some extent in WFA 2e, and one of the points of the third edition is to not rehash what's already been covered. Instead, I wanted to write about the need for organizations that have identified or been notified that an incident has occurred within their infrastructure to immediately collect and preserve data, and do so from the perspective of a third-party consultant responder. I think we've seen enough in the media in the last 9 or 10 months to clearly demonstrate that no organization is immune from being compromised; add to that the ethereal nature of evidence and you can see why organizations must be ready to begin collecting data as soon as they know that something has happened. The perspective I wanted to take was that of a responder who gets a call, and after the contract has been negotiated, travels to the site and begins working with the local IT staff to develop an understanding of the infrastructure and the nature of the incident...all while digital evidence continues to expire and fade away.

During the rewrites, I'll be adding some specific information that has developed since specific chapters were originally written. For example, in chapter 4, I fleshed out information regarding Jump Lists, and I added some additional information to the chapter on Registry Analysis. Now, there are some things I don't cover in the book. For example, memory analysis and browser analysis are two of the most notable topics; these are not covered in the book because they are covered elsewhere, and in a much better manner than I could have done. Finally, with WRF, I started posting the code for the books on my Google Code site, and I will do the same with WFA 3e. Throughout the book I mention tools and checklists, and I'll have those posted to the Google Code site before the book is actually published.