[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sectools
Subject:    Windows NT/2000 Incident Response Tools
From:       Elias Levy <aleph1 () SECURITYFOCUS ! COM>
Date:       2001-04-25 22:00:44
[Download RAW message or body]

From: Rob Lee <rob@KARRDE.COM>

All,

New Windows Incident Response tool released at www.incident-response.org.

Great tool just released that will attempt to collect information on Windows
2000/NT systems like TCT does for UNIX based operating systems.  This is just
the first release, more will follow.  The author John McLeod, can be reached
at his email address mcleodjp@yahoo.com

The Incident Response Collection Report (IRCR) is similar to The Coroner's
Toolkit (TCT) by Dan Farmer & Wietse Venema.

IRCR is at www.incident-response.org under the tools section.

This program is a collection of tools that gathers and/or analyzes forensic
data on a Microsoft Windows system. You can think of this as a snapshot of
the system in the past. Like TCT, most of the tools are oriented towards
data collection rather than analysis.

The idea of IRCR is that anyone could run the tool and send the output to a
skilled Windows forensic security  person for further analysis.

Thanks,

Rob Lee
www.incident-response.org

[prev in list] [next in list] [prev in thread] [next in thread]