To all-
Agile Risk Management is committed to advancing information security
concepts, technology, and techniques. As such, we have recently released
Nigilant32, a freeware Windows GUI Incident Response tool based on the
source code provided by Sleuthkit.
Nigilant32 is an incident response tool designed to capture as much
information as possible from a running system with the smallest potential
impact. Nigilant32 has been developed with Windows 2000, XP, and 2003 in
mind, and should work fine with computers running one of those operating
systems. Nigilant32 is beta software and may not work in all instances.
The third article in our series of "Nigilant32 For First Responders"
articles is "Active Memory Imaging". This article covers using Nigilant32 to
image the active physical memory (RAM) of the suspect workstation or server
to secure portable media. Make sure you download the article, as the last
pages contain a sneak preview of the current project being developed in the
Agile Research Lab.
We sincerely hope you find Nigilant32 useful; however, please remember that
it is beta software, and therefore you should exercise good judgment when
using it in your IT environment.
Nigilant32, articles (as they are released), and modified Sleuthkit source
code (libsleuthkit) are available at
http://www.agilerm.net/publications_4.html
Warmest Regards,
Matthew M Shannon, CIFI, CISSP
Principal - Computer Forensics and Litigation Support
Agile Risk Management LLC
2202 N Westshore Blvd, Suite 200
Tampa, FL 33607
(M) 813.732.5076
(O) 1.877.AGILE13 (877.244.5313)
http://www.agileriskmanagement.com/