DBAN — Securely Wipe Disk Drives

Posted by & filed under Forensics, Server Admin.

DBAN is a means of ensuring due diligence in computer recycling, a way of preventing identity theft if you want to sell a computer, and a good way to totally clean a Microsoft Windows installation of viruses and spyware. DBAN prevents or thoroughly hinders all known techniques of hard disk forensic analysis.

www.dban.org/

Memory Forensics

Posted by & filed under Forensics, Security.

Dumping an image of current memory for further analysis seems to be a much better approach to finding hidden processes, open ports, etc.

 http://sansforensics.wordpress.com/2008/11/19/memory-forensic-analysis-finding-hidden-processes/ is a good article on it.

In a nutshell, www.mandiant.com/software/memoryze.htm provides a suite of tools. Once the image is dumped, you can analyze it with analyze.bat, which generates an XML file that you can import into Excel for analysis.