RE: [Full-Disclosure] Imaging Operating Systems

Subject: RE: [Full-Disclosure] Imaging Operating Systems
Date: Wed, 26 May 2004 17:13:41 -0500

I agree with Shawn:

VMWare is the weapon of choice for this.

I have a couple of boxes set up in my lab w/ VMWare and have several OS's on
there.
I just crashed one today messing with Windows permissions and just reverted to
a saved copy in a matter of minutes.

In fact- I'm testing a VMWare right now-

I set up a syslog client ( sabernet.net ) on it and have it going to a FreeBSD
box ( syslog )-
I'm tailing /var/log/messages with swatch looking for logon failures/success
and emailing that to me.

My 2 marks worth :)
JP

-----Original Message-----
From: James Riden [mailto:j.riden@massey.ac.nz]
Sent: Wednesday, May 26, 2004 4:24 PM
To: mbs@mistrealm.com
Cc: Full-Disclosure
Subject: Re: [Full-Disclosure] Imaging Operating Systems


Michael Schaefer <mbs@mistrealm.com> writes:

> Hi all
>
> We are building a Windows test system, to try out tool bars, spy ware,
> malware and trojans on.
>
> Once we learn what we need to know, we obviously want to get rid of
> the junk quickly and cleanly.
>
> I keep hearing suggestions about having a "clean image" to transfer
> onto the computer.
>
> Can anyone send some details?

Ghost or Altiris can do this for you.

-- 
James Riden / j.riden@massey.ac.nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

