[unisog] FRISK/IR RC1 Released

four four at gwu.edu
Tue Apr 12 21:46:26 GMT 2005


Hi Everyone,

Last week I gave a talk at the Educause Sec05 conference entitled "Modern  
Incident Response Tools and Techniques". During this talk I released a  
tool that I have been working on for the last few months called FRISK (the  
Forensic Response and Incident Support Kit). Since it seemed to have a  
good reception I thought I would share the release with the general  
university security community. Here is a brief synopsis of its features:

FRISK is designed to facilitate the process of incident response in a  
University or large enterprise. It is designed to be run on a host by  
personnel of any skill level. Here are the key features:

Flexible HTML Template-Driven Output System
Secure Uploading of Results to a Central Location
Robust Plugin Architecture
Forensically Sound and Fully Automated (Never a write to local disk unless  
forced - can be run from CDROM)
Open Source, Perl Based
Perl (or any other installation) not required on the host
Clean Code and easily extensible....

FRISK helps your enterprise perform live incident response more quickly,  
and helps you, the security professional focus on what is important - the  
results.

While I do realize that there are other tools out there, none that I have  
seen are designed to be as extensible and customizable as FRISK. My goal  
is to build a tool with a community like Nessus or Snort for incident  
response, driven by community contributions of plugins, so that we, as a  
university community, can easily stay abreast of new threats.

The current version of FRISK supports only Windows-based platforms.  
However, it is a primary goal of the project to support UNIX/Linux  
platforms in the near future.

The release has some documentation, and includes a Perl distribution so  
that you can get up and running quickly and easily. Please post any and  
all questions to the relevant FRISK project forums.

Thank you very much,

Project Page
http://www.sourceforge.net/projects/frisk

Screenshots
https://sourceforge.net/project/screenshots.php?group_id=132688&ssid=10471

John "Four" Flynn
Information Security Engineer
Intrusion and Forensic Specialist
Information Systems and Services
The George Washington University


More information about the unisog mailing list