| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Windows registry forensics guide: Investigating hacker activities | |
|
||
| Time: 23:39 EST/04:39 GMT | News Source: WinBeta | Posted By: Kenneth van Surksum | ||
|
When analysing a compromised Windows system, investigators and system administrators can glean enormously useful information about attackers' actions by looking through the Windows registry, a hierarchical database storing tens of thousands of settings on a modern Windows box. Whether an outside attacker compromised the box, an inside employee engaged in nefarious activities, or malware inexplicably infected the machine, the Windows registry contains wonderful gems of information for investigators. In this tip, we'll look at what information investigators can gather about user activity via the registry. Next month, we'll focus on how investigators can pull useful registry information associated with the overall operating system. | ||
|
Write Comment
Return to News |
Displaying 601 through 615 of 615 Prev | First |
The time now is
2:38:17 PM
ET.
Any comment problems? E-mail us |
|
Write Comment
Return to News |
Displaying 601 through 615 of 615 Prev | First |
The time now is
2:38:17 PM
ET.
Any comment problems? E-mail us |
