My articles in Chmag
Well its a late announcement phir bhi
My articles have been posted in Chmag on forensics for Matriux Vibhag, More to come yet
Forensics Part-I — Introduction and Acquisition
Foreniscs Part-II — Analysis
Forensics Part-III – Analysis part II have to be published , article submitted 🙂
Your Comments and suggestion will make my articles more interesting and knowledge sharing stuff . Please give the feed back after go through them :).
 |
| First Indian Security and Hacking Magazine |
Articles related to Forensics
Hi friends,
Here is some of the interesting Forensics articles, More coming soon
Linux live forensics
http://www.symantec.com/connect/articles/forensic-analysis-live-linux-system-pt-1
http://www.symantec.com/connect/articles/forensic-analysis-live-linux-system-pt-2
Analysis of Stuxnet using System internals
http://blogs.technet.com/b/markrussinovich/archive/2011/03/30/3416253.aspx
http://blogs.technet.com/b/markrussinovich/archive/2011/04/20/3422035.aspx
http://blogs.technet.com/b/markrussinovich/archive/2011/05/10/3422212.aspx
Stuxnet’s Footprint in Memory with Volatility 2.0
http://mnin.blogspot.com/2011/06/examining-stuxnets-footprint-in-memory.html
Prefetch files at Face Value
http://crucialsecurityblog.harris.com/2011/04/11/prefetch-files-at-face-value/
Virtual Machine Data recovery using Open VMFS Driver
Credits::
All the credits will go for the respective authors of the posts , i am only sharing the data .
Personal
Hi
This blog will be of my personal and official experiences.
Virtual Presence in Words
Hi friends,
I Started with my words in word press. As all the blogger are starting with word press and the most interesting topic in some security meets is word press security , I am starting the blog to check the updates , I know I am late to start this but there is old saying “Something is better than nothing” 🙂 .
You can get my details here
Registrations Open for nullcon Dwitiya
CHMAG
In India we were waiting to see any ‘hacking’ magazine to happen and the wait was getting little longer. So finally ClubHack decided to come out with its own 1st Indian “Hacking” Magazine called CHmag. We at ClubHack are very much excited about the magazine and this fits into our main objective of making hacking and information security a common sense for a commn man.To start with we have the sections below. We hope to add a lot of sections in future, all we need is input from you on what would you like to see in your magazine Moving further we need a lot of help form the whole information security community of the country to make this a success.
ClubHack magazine which has 11 issues till date u can check www.chmag.in for the issues.Its a free magazine to get and to contribute if you have any new ideas / want to share any new technologies with security enthusiasts u can send here it will printed in the magazine if the topic has the stuff and We at ClubHack aremore than thrilled about the magazine and this fits into our main objective of making hacking and information security a common sense This magazine is divided into the following sections:
0x00 Tech Gyan of the month
0x01 Legal Gyan of the month
0x02 Tool Gyan of the month
0x03 Command Line Gyan of the month
0x04 Mom’s Guide of the month
0x05 Awareness Poster of the month
We hope to add a lot of sections in future, all we need is input from you as to what you would like to see in your magazine
Recent CHmagazine issue
Hope you enjoy the magazine and get the knowledge .
Support is the need for the development.
by
CHTeam.
KERNEL the heart of operating system
Will Linux and windows use same kernel?
How can we update our kernels in windows?
What details can we get in kernel?
Another Process to identify your kernel details by using System Internals tools like WinDBG. Open a local Kernel version using debugging session type “List Module” to list the details for the kernel image.
*please be sure the symbols are present.
We can check Product Type and Product Suite under HKLM/System/Current Control Set/Control/Product Options > Product Type and Product Suite.
Kernel is purely works on the base of HAL (HAL is a layer of code that isolates the kernel, device drivers, and the rest of the Windows executive from platform-specific hardware differences).
Linux and windows use different Kernels
By changing / upgrading our operating systems we can change the kernel versions till now Windows vista have WinNT and Windows server 2008 have Lanman NT / server NT as a product ID.
We can use tools like SIPolicy and Windows Driver Kit to get more details about Kernel.
