[Dshield] Guidance Software hacked?

Chris Brenton cbrenton at chrisbrenton.org
Fri Dec 23 15:14:06 GMT 2005


On Fri, 2005-12-23 at 07:45 -0600, Frank Knobbe wrote:
>
> You do know that EnCase is a forensics image acquisition and analysis
> software, right? Do you expect them to image their servers on a daily
> basis and look for intrusions? 

Direct from their marketing slick: "integrate with select IDS systems to
complete the automated incident response equation. This integration
offers an unprecedented level of ___real-time information___"

So they are either pushing this as a feature and not actually using it
themselves, or there is a problem with the integration that caused the
incident to go unnoticed for a three week period or time. Would be cool
to know which it is.

HTH,
C




More information about the list mailing list