Windows Forensics Software
Any and ALL help is greatly appreciated!
[233 byte] By [hrwasp] at [2007-11-19 19:40:50] 
Does anyone have any good ideas on software I could use to do some Windows Forensics? I know the machines have been hacked, but I need to know who, what, when, and to LOCK them down!!
Any and ALL help is greatly appreciated!
# 1 Re: Windows Forensics Software
I know the machines have been hacked, but I need to know who, what, when, and to LOCK them down!!How do you know that they have been hacked if you don't know what has been done to them?
Here are some lock down application that I have used with various companies.
Fortres 101 (http://www.fortresgrand.com/products/fortres_101.htm)
Clean Slate (http://www.fortresgrand.com/products/cleanslate.htm)
PeejAvery at 2007-11-10 3:40:19 >
# 2 Re: Windows Forensics Software
I know they have because...I have been informed by some "former" employees that they have been using them for other ventures! These "former" employees have since moved to Mexico!hrwasp at 2007-11-10 3:41:13 >
# 3 Re: Windows Forensics Software
So the "hackers" told on themselves? Since that is how you know, that is pretty much your only true avenue to find out what was done.PeejAvery at 2007-11-10 3:42:22 >
# 4 Re: Windows Forensics Software
They told me they have been on the box and know others have been too, but will not tell me what they did or where. This is the reason for the search for forensics software.hrwasp at 2007-11-10 3:43:18 >
# 5 Re: Windows Forensics Software
They told me they have been on the box and know others have been too, but will not tell me what they did or where.Sounds like wanting attention and talk to me. A hacker doesn't tell on himself/herself just to brag.
Anyway, I have never seen any software that does what you want. As I already posted, there are lockout programs.
Concerning how to find out what was done, run spyware and virus scans. Also make sure you check the running processes and startup items.
PeejAvery at 2007-11-10 3:44:16 >
Windows Central
All Classified
Windows Central New Topic
- SQL Server, MTS, and MSMQ
- GetGlyphIndicesW() and GetGlyphOutlineW()
- Error while adding into the Sun ONE Directory Server 5.2
- Error accessing the OLE registry
- Bad performance when accessing files over a network share
- winldapapi + kerberos
- How do we get the Active Directory Tree/ Forest.
- SBS Server 2003 and MS Office 2003