[unisog] Incident Response Kit

SAWYER,JOHN H JSawyer at ifas.ufl.edu
Wed Feb 23 21:25:34 GMT 2005

> Knoppix for x86 and PPC - PPC one less useful
> Yellow Dog Linux CD 1 - rescue mode can be used to examine OS X systems

I would highly recommend Helix (http://www.e-fense.com/helix) and NST
(http://www.networksecuritytoolkit.org/nst/index.html) for Linux-based

> LADS Streams Some other windows tools

Also, check out Helix as it has excellent Windows tools included with an
autorun menu system.  It is designed specifically for forensic and
incident response.  You won't be disappointed.


John H. Sawyer - GCIH GCFW
Systems Security Engineer
UF/IFAS Information Technologies
