Carvey H. — Windows forensics and incident recovery
Title: Windows forensics and incident recovery

Author: Carvey H.

Abstract:

If you're responsible for protecting Windows systems, firewalls and anti-virus aren't enough. You also need to master incident response, recovery, and auditing. Leading Windows security expert and instructor Harlan Carvey offers a start-to-finish guide to the subject: everything administrators must know to recognize and respond to virtually any attack. Drawing on his widely acclaimed course, Carvey uses real-world examples to cover every significant incident response, recovery, and forensics technique. He delivers a complete incident response toolset that combines today's best open source and freeware tools, his own exclusive software and scripts, and step-by-step instructions for using them. This book's tools and techniques apply to every current and professional version of Windows: NT, 2000, XP, and Windows Server 2003.


Language: en

Category: Technology/

Subject index status: Index with page numbers is ready

Year of publication: 2004

Number of pages: 480

Added to catalogue: 18.05.2005

Subject index
Fsw.pl Perl script for implementing a file system monitor      2nd
FTP site properties      
FTP traffic capture      
ftype      
ftype command      
Functions      
future of      2nd
Garner, Jr., George M      
GatSlag      
Geschonneck, Alexander      
GetLocalTime()      
GetSystemTime()      
GetTimeZoneInformation()      
getting files from      
getting off of servers      
GNU General Public License (GNU GPL)      
GNU GPL (General Public License)      
Google      
GoToMyPC      
GPList      
GPOs      
GPOs (Group Policy Objects)      
GPResult.exe      
group policies      2nd 3rd
group policy information      2nd 3rd 4th
Group Policy Objects      [See GPOs]
GUI tools      
Handle.exe      
Hardening      
hash.pl      2nd
Hash.pl, a Perl script that computes MD5 and SHA-1 hashes for a file
hashes      
help      
Heyne, Frank      
HFS (Hierarchical File System)      
hidden attribute      2nd 3rd
hiding      
Hiding data      
hiding data in      
hiding date on live file systems      2nd 3rd 4th 5th 6th 7th
hiding documents in Excel spreadsheets      2nd 3rd
hiding documents in Word documents      2nd 3rd
hiding on live file systems      
hiding spreadsheets in Word documents      2nd 3rd
Hierarchical File Systems      [See HFS]
High-speed connections      
Hoglund, Greg      2nd
host configuration      2nd
Hydan      
IDE (Integrated Development Environment)      
IIS      
IIS (Internet Information Server)      
IIS traffic capture      
image files      
in Excel spreadsheets      2nd 3rd
in executables      
in Office document      2nd 3rd 4th 5th 6th
in Office documents      2nd 3rd 4th 5th 6th
in Registry      2nd 3rd 4th
in the Registry      2nd 3rd 4th
incident preparation      
incident response policies      2nd 3rd 4th
incidents      2nd
InControl5      2nd
infected systems      
infected Windows 2003 systems      2nd 3rd
infection vectors      2nd 3rd 4th
INFO2      
information      
initial configuration dialog      
initial configuration dialog for      
InPEct      
Insecure.org      
Install      
Installation      
installations of malware      
Installing      
Integrated Development Environment      [See IDE]
integrity of files      
Internet Information Server      [See IIS]
Internet Relay Chat      [See IRC]
Internetwork Operating System      [See IOS]
investigating      2nd 3rd 4th 5th 6th 7th 8th
investigating systems      
investigating unusual traffic      2nd 3rd 4th 5th
investigations      
IOS (Internetwork Operating System)      
IP addresses      2nd 3rd 4th 5th
ipconfig      2nd
IRC (Internet Relay Chat)      
IRC bots      
jdbgmgr.exe      
Jiang, Juju      
KartOO      
Kaspersky Labs      
KB (KnowledgeBase)      2nd
kbAlertz.com      
kernal-mode rootkits      
kernel-mode rootkits      
keywords      
KnowledgeBase      
KnowledgeBase (KB)      
Kwbot      
Kwbot worm      
LastWrite time      2nd 3rd
LastWrite times      
launching      2nd
launching FSP      2nd 3rd 4th
LDAP (Lightweight Directory Access Protocol)      
Liability      
licensing issues      2nd 3rd
Lightweight Directory Access Protocol      [See LDAP]
limiting      
List of tools for examining various types of files      
List of tools used for obtaining information about files      
List of tools used to retrieve non-volatile information      
List of tools used to retrieve volatile information      
ListDLLs      2nd
listdlls.exe      
listening      2nd
listing      
listing on local systems      
listing sessions      
listings      
lists of workstations from PDC      2nd 3rd
litigious investigations      
Lloyd, Timothy      
local incidents      
Local Security Policy      
local systems      
locating      
locating as services      
locating modems      
locating WinPcap drivers      
LOG      
log files      
logged on users      2nd 3rd 4th 5th
logic bombs      2nd
logon rights      
MAC (media access control)      
MAC times      2nd
mac.pl      
MACS (Microsoft Audit Collection System)      
malicious software      [See malware]
malware      
malware installations      
Managing      
manual incidents      
Map List      
Mapping      
mapping processes to      
Master File Table      [See MFT]
MBSA      2nd
MBSA (Microsoft Baseline Security Analyzer)      
md5deep.exe      2nd
MDF message digest      
mdmscan.pl      2nd 3rd 4th
Mdmscan.pl Perl script for locating modems      2nd 3rd
Media access control (MAC)      
Memory      
Merge Streams      2nd
meta.pl      
Meta.pl Perl script for retrieving metadata from Microsoft Word documents      2nd 3rd
Metadata      
metadata from Microsoft Word documents      
metadata from PDF files      
methodologies      2nd
MFT (Master File Table)      
Microsoft Audit Collection System (MACS)      
Microsoft Baseline Security Analyzer (MBSA)      
Microsoft Excel      
Microsoft Installer (MSI) file      
Microsoft Internet Information Server      [See IIS]
Microsoft KnowledgeBase (KB)      2nd
Microsoft Management Console      [See MMC]
Microsoft Office documents      
Microsoft Resource Kits      
Microsoft Security Bulletin MS02-24      
Microsoft Systems Management Server (SMS)      
Microsoft Windows Application Programming Interface (API)      
Microsoft Word      
Microsoft Word documents      
Microsoft.com      
MMC      
MMC (Microsoft Management Console)      
MMC snap-ins      
modems      2nd 3rd 4th
modifying      
modifying file MAC times      2nd 3rd 4th
Modules      
Monitoring      [See monitoring]
Morris, Robert T      
MS03-26      
MSI (Microsoft Installer) file      
MWC, Inc      
MZ file signature      
Nbtstat      
net file      
net file command      
net session      2nd
net session command      2nd
net start      
Net start command      
net.exe      2nd
netcap      2nd
netcat      2nd 3rd 4th
netcat listener      
netcat traffic capture      
netmon      2nd
netmon (Network Monitor)      2nd
netstat      2nd
netstat -ano      
netusers.exe      
network information and connections      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th
Network Interface Card      [See NIC]
network interface status      
Network Monitor      [See netmon]
network protocol analyzers      [See sniffers]
network sniffers      [See sniffers]
NIC      
NIC (network interface card)      
nmap      
nmap traffic capture      
non-volatile information      
Notepad.exe and Sol.exe      
notes      
NSA XP      
NTFS      
NTFS ADS      2nd 3rd 4th 5th 6th
NTFS file system      2nd
NTFS.com      
NTRootkit      
NTSecurity.nu      
NTSecurity.nu suite      
null session connections      2nd
null session traffic capture      
null.pl      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th
null.pl Perl script      2nd 3rd 4th 5th 6th 7th 8th 9th 10th
of commercial tools      
of easy-to-use tools      2nd
of file client component      
of high-speed connections      2nd
of incidents      
of perimeter devices      2nd 3rd 4th
of reinstalling systems      2nd
of rootkits      
of Windows systems      2nd 3rd
Office documents      
OLE structured storage      2nd 3rd
on compromised systems      
on Windows XP      2nd
open ports      2nd
openfiles      
Opening      
openports      2nd
openports.exe      
ouput of      
Outlook Web Access      [See OWA]
output of      
Output of commands run to determine the current date and time on the system      
output of commands to a file      
Output of di.pl Perl script      
Output of dir /ah command      
Output of dir /ta command      
Output of gpresult.exe on a Windows 2000 system logged into a domain      
Output of pslist run on a Windows XP system      
Output of pslist t run on a Windows XP system      
Output of pulist run on a Windows XP system      
Output of rifiuti command      
Output of rkd.pl Perl script when run against an AFX Rootkit 2003 infected system      2nd
Output of tlist c run on a Windows XP system      
Output of tlist s run on a Windows XP system      
output when run against an AFX Rootkit 2003 infected system      2nd
output when run against an AFX Rootkit 2003 infected systems      2nd
overview of      2nd 3rd 4th 5th 6th 7th 8th
OWA (Outlook Web Access)      
P2P (peer-to-peer) file sharing programs      
packet captures      
packet captures (Ethereal)      
Packetstorm Security      
Panda Software      
Panda Software Virus Encyclopedia      
Parent import      
Parent Import (PI) Function View      
Passwords      
patch management      2nd 3rd
patches      2nd 3rd
pd.pl
PDF documents      
PDF files      
pdfmeta.pl      
Pdfmeta.pl Perl script for retrieving metadata from PDF files      
Peer-to-peer      [See P2P]
performing      
performing analysis of with Perl scripts      2nd 3rd 4th
performing file signature analysis      2nd 3rd 4th
perimeter devices      
Perl      
Perl code excerpt for      
Perl code excerpt for retrieving      
© Electronic Library of the Board of Trustees of the MSU Faculty of Mechanics and Mathematics, 2004-2024