2010-12-17

Technical Reading List update

Updating the technical reading list with some new books. No particular order.

2010-11-19

Volatility Mem Forensics IV - Putting it all together

To make things simpler, this article gives an overview of doing a Volatility run, and mentions some tools that can help automate things further.


Volatility Mem Forensics III - Using Volatility cont’d

2011-4-27 Update: The following is for Volatility 1.3. You should be looking at Volatility 1.4. See blog entry on the subject.

This post continues the discussion of how to use Volatility. The strategy now shifts to looking for suspicious objects to obtain executable code samples that can be examined in detail.


2010-11-18

Volatility Memory Forensics II - Using Volatility

2011-4-27 Update: The following is for Volatility 1.3. You should be looking at Volatility 1.4. See blog entry on the subject.


OK. If you have read the previous posts, Volatility is now installed and you have taken a raw memory dump. This post describes how to use Volatility.


Taking a dump of PC memory

This article describes some ways to take a raw memory dump of a Windows PC.


Volatility Memory Forensics I - Installation

2011-4-27 Update: The following is for Volatility 1.3. You should be looking at Volatility 1.4. See blog entry on the subject.


Memory forensics has been a subject of major interest over the past year or so. This blog article describes my install experience with Volatility – a major memory forensics tool.

2010-08-24

Technical security reading list


Here is a quick list of some good books for technical security. In no particular order …


2010-01-18

Sony-Ericsson MD400G USB modem - Ubuntu - Rogers

I did a small project to get a Sony-Ericsson MD400G USB Broadband Data Modem running on Ubuntu to access Rogers.

This post gives the magic (but somewhat kludgy!) recipe.


2010-01-17

Tracing serial and USB ports on Windows

As part of a small project to get a USB broadband data modem working on Ubuntu, I needed to do a trace on Windows of the interaction with the modem on the serial port.