Carvey H. — Windows forensics and incident recovery
Title: Windows forensics and incident recovery

Author: Carvey H.

Abstract:

If you're responsible for protecting Windows systems, firewalls and anti-virus aren't enough. You also need to master incident response, recovery, and auditing. Leading Windows security expert and instructor Harlan Carvey offers a start-to-finish guide to the subject: everything administrators must know to recognize and respond to virtually any attack. Drawing on his widely acclaimed course, Carvey uses real-world examples to cover every significant incident response, recovery, and forensics technique. He delivers a complete incident response toolset that combines today's best open source and freeware tools, his own exclusive software and scripts, and step-by-step instructions for using them. This book's tools and techniques apply to every current and professional version of Windows: NT, 2000, XP, and Windows Server 2003.


Language: en

Category: Technology/

Subject index status: Index with page numbers is ready

Year of publication: 2004

Number of pages: 480

Added to catalogue: 18.05.2005

Subject index
Perl code excerpt for retrieving file MAC times      
Perl code listing for svclst.pl      
Perl editors      2nd
Perl installation      2nd 3rd 4th
Perl modules      2nd
Perl Monks      
Perl Monks website      
Perl Package Manager      [See PPM]
Perl programming sites      2nd
Perl script      
Perl script for performing file signature analysis      2nd 3rd 4th
Perl script for retrieving the MAC times of a file using Perl's stat() function      
Perl script tasks.pl for listing scheduled tasks      2nd
Perl script that lists session on the local system      
Perl script to dump contents of the Clipboard      
Perl script to enumerate Registry key LastWrite times      
Perl script to parse the output of tlist, pslist, and openports from the FRU      2nd 3rd 4th
Perl script ver.pl      2nd
Perl scripts      
Perl scripts to parse the output of tlist, pslist, and openports      2nd 3rd 4th
PERMISSIONS      2nd
Persistence      2nd 3rd
Persistency      2nd
pervasiveness      
pervasiveness of      2nd
pervasiveness of easy-to-use tools      2nd
pervasivenss of      2nd
PID (Process Identifier)      
PIDs (process identifiers)      
plist -t      
pmdump.exe      
polices      
policies      
Port Reporter      2nd
port scanners      [See port scanners]
PortExplorer toolkit      
portqry.exe      2nd 3rd
Ports      
posting to      
PPM      2nd
PPM (Perl Package Manager)      
PPM commands      
ppm query Win32      
PR-Initial-*.log      
PR-PIDS-*.log      
PR-Ports-*.log      
preparing for incidents      [See incident preparation]
preserving      
preventing      2nd
preventing installation of      2nd
preventing installations      
Principle of Least Privilege      2nd 3rd
priv.pl      2nd 3rd
Priv.pl Perl script to list user privileges      2nd
priv2.pl      2nd 3rd
Priv2.pl Perl script for retrieving users with a specific user right      2nd 3rd
privilege escalation      
privilege levels      
process enumeration checked      
Process Identifier (PID)      
process information      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th
process memory      2nd 3rd 4th
process memory dumps      
process tracking      
process-to-port mapper      
Processes      2nd
program sites      2nd
program websites      2nd
Programming errors      
programming websites      2nd
Programs      
promiscdetect      2nd
prosecution      
Protected storage      2nd
ps.exe      
pslist      2nd 3rd
pslist.exe      2nd 3rd
psloggedon.exe      2nd
pstoreview.exe      
public newsgroups      
pulist      2nd
pulist.exe      2nd
purpose of this book      2nd 3rd 4th 5th
Query      
Ramdane, Amine Moulay      
RAS (remote access servers)      
RCA (root cause analysis)      
Reading      
reading packet captures      
real-life incidents      2nd 3rd 4th
reasons for occurring      2nd
Recycle Bin      
Red Button      
redirecting      
reg.exe      
Registry      
Registry key LastWrite times      
registry keys      2nd 3rd 4th
Registry values      2nd 3rd 4th 5th
reinstalling      
remote access servers      [See RAS]
remote incidents      
Remote Procedure Call      [See RPC]
Removing      
researching      
Resources      
response teams      
restricting      
restricting services      2nd 3rd 4th
Result of pd.pl run on Windows 2000 system infected with a rootkit      
retrieving      
retrieving contents of      2nd 3rd 4th
retrieving contents of Run key      
retrieving drive information      2nd
retrieving file times      
retrieving metadata from      
retrieving metadata from Microsoft Word documents      2nd 3rd
retrieving specific contents of      
retrieving time zone information      2nd 3rd
retrieving user information      2nd 3rd 4th 5th 6th
retrieving users with specific user rights      
returning      
returning from other ports      
rifiuti      
rifiuti command      
Rivest, Ronald L      
rkd.pl      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th
rkd.pl output when run against an AFX Rootkit 2003 infected system      2nd
Rkd.pl Perl script for performing local and remote rootkit detection      2nd 3rd 4th 5th 6th 7th 8th 9th 10th
root cause analysis      [See RCA]
rootkit detection      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th
rootkit installations      2nd
Rootkit.com      
rootkits      2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th
rootkits on Windows 2000 systems      2nd 3rd
Roth, Dave      
Roth, David      
RPC      
RPC (Remote Procedure Call)      
Run key      
Run keys      
runchk.pl      
Runchk.pl Perl script for retrieving contents of Run key      2nd 3rd
Running      2nd 3rd 4th 5th 6th
running FRU      2nd 3rd 4th 5th 6th
running scripts      2nd 3rd 4th 5th
S-Tools      
SACLs (system access control lists)      
SANS InfoSec Reading Room      
SB 1386 (California state law)      
Scanners      
Scheduled Task Wizard      2nd
Scheduled Tasks      
Scheduled Tasks applet      
schtasks.exe      
SCM      2nd 3rd 4th 5th 6th
SCM (Security Configuration Manager)      
SCM (Service Control Manager)      
script mappings      
Scripts      
Search      
Searching      
searching for      
Secure Hash Algorithm 1 (SHA-1)      
SecuriTeam      
SecuriTeam site      
Security Configuration and Analysis snap-in      
Security Configuration Manager      [See SCM]
security information sites      
security information websites      
Security Options settings      
security policies      
SecurityFocus.com      
Servers      
Service Control Manager (SCM)      
Service Level Agreements (SLAs)      
Services      2nd 3rd
services and drivers      2nd 3rd 4th
sess.pl      2nd
Sessions      
sessions on local systems      
setting      
setting up      2nd 3rd 4th 5th
setting up for use with this book      2nd 3rd 4th
SFC (System File Checker)      
SFCDllCacheDir      
SFCDisable      2nd 3rd
SFCQuota      
SFCScan      
SFCShowProgress      
SHA-1 (Secure Hash Algorithm)      
shwobinarymfr.exe      
Siedsma, Christine      
Simple Mail Transfer Protocol      [See SMTP]
Simple Network Management Protocol      [See SNMP]
Simple network management protocol (SNMP)      
Slammer worm      
SLAs (service level agreements)      
Slashdot      
Smith, Richard M      
SMS (Systems Management Server)      
SMTP (Simple Mail Transfer Protocol)      
sniffers      2nd 3rd
sniffscan.pl      2nd 3rd 4th
Sniffscan.pl Perl script for locating WinPcap drivers      2nd 3rd 4th
SNMP (Simle Network Management Protocol)      
SNMP (Simple Network Management Protocol)      
Somarsoft Utilities      
Sophos      
speculation      
spyware      2nd 3rd
standard output (STDOUT)      
STDOUT (standard output)      
Steganography      2nd 3rd
Stoll, Clifford      
Storm Watch      
streams.exe      
strings.exe      
SubSeven      
svchost      
svclst.pl      
Swinton, Ernest      
switches      
Symantec      
Symantec Security Response Center      
Symantec Security Response site      
SYN packet      
SYN scan      
Sysinternals      
SysInternals.com      
system access control lists      [See SACLs]
System File Checker (SFC)      
system hardening      [See hardening]
System time      2nd 3rd 4th
systems      
systime.pl      2nd
Tables      
TaoSecurity      
Task Manager      2nd 3rd
Task Scheduler      
tasklist/svc      
tasks.pl      
TaskScheduler module      
TCP (Transmission Control Protocol)      2nd
TCP connect() scanners      
TCP handshake      
TCP/IP      
Teddy Bear virus hoax      
Text files      
The Ultimate Collection Of Forensics Software (TUCOFS)      
Time      
time zone information      2nd 3rd 4th
time zone informoation      
Timestamps      
tlist      
tlist.exe      
to enumerate Registry key LastWrite times      
to file attributes      
to ports      
Tools      
tools for examining files      
tools for obtaining information about      
tools for retrieving      
Toptygin, Alexey      
touch.exe      
touch.pl      
Touch.pl Perl script to demonstrate modifying a file's MAC times      2nd 3rd 4th
Traffic      
traffic captures      
Transmission Control Protocol      2nd [See TCP]
trojans      2nd
troubleshooting      
TUCOFS      
TUCOFS (The Ultimate Collection Of Forensics Software)      
type argument      
tz.pl
Tz.pl Perl script demonstrating how to retrieve time zone information      2nd 3rd
ubiquitous Run key      
UDP (User Datagram Protocol)      
UltraEdit      
Unicode strings      
unnecessary resources      
unusual traffic      2nd 3rd 4th 5th
US Computer Emergency Response Team      
use lib      
User Datagram Protocol      [See UDP]
user information      2nd 3rd 4th
user privileges      
user rights      2nd 3rd 4th
user-mode rootkits      
useraudit.pl      
Useraudit.pl Perl script for retrieving user information      2nd 3rd 4th 5th 6th
users      
users.pl      2nd
Users.pl, a Perl script to list the user accounts on a system, their last logon date, the number of      
using Win32 API to retrieve file times      2nd 3rd 4th
UTC (Coordinated Universal Time)      
utilities      
ver.pl      2nd 3rd
Ver.pl Perl script used to retrieve file version information      