Forensics Made Easy with Memoryze

Researchers have devised a new, more efficient way to glean attacker information from a machine’s physical memory, which often contains valuable bits of information that can help get to the bottom of a breach investigation case. The new physical memory forensics feature is now part of Mandiant’s free Memoryze tool. Previous forensics techniques attempted to […]

Windows 7 Black Screen

I just got word from Microsoft that the supposed patch that causes Windows 7 Black Screen is bogus and inaccurate. * Microsoft has found these reports to be inaccurate. Comprehensive investigation has shown that none of the recently released updates are related to the behavior described in the reports. Microsoft’s support organization is also not […]

Windows FTP Firewall Settings

Ever get problems with listing the FTP directories after a successful login? Ever have it hang on you? I found the solution to this problem and a great explanation as well on this site: http://learn.iis.net/page.aspx/309/configuring-ftp-firewall-settings/ In essence, in my case, it was a firewall problem. It wasn't enough to just allow the FTP port 21 […]

How DOS can lead to SPF Failure

DOS = Denial of Service attacks, typically but not exclusively done using larger bandwidth against a bandwidth-limited victim. SPF = Sender Provider Format, a system to ensure that spoofed emails (masquerades) are not accepted. It all started when I got spoofed emails in my inbox coming from my own email address! Since I […]

Consolidating Event Monitoring

One of my clients already has an SNMP server and network-wide monitoring. Their problem is that they recently had a Conficker malware attack. A lot of this registered on Microsoft domain servers as invalid login attempts. These failed login attempts did not show up in their syslogs. So my task was to find a way to […]