Marcus J. Carey has uploaded videos from January 8th’s DojoSec event to his Vimeo account here.  I just watched Dale Beauchamp’s talk, “Practitioner’s Guide to Capturing and Analysis of RAM”, and enjoyed it.  It’s definitely worth watching, especially if you’re coming at this from the perspective of an incident handler.  He presents a few Windows memory imaging tools that can be run on a live-and-logged-in system, but a lot of the analysis also applies if you’re dealing with images created by msramdmp in a cold boot attack.


Dale Beauchamp – DojoSec January 2009 from Marcus J. Carey on Vimeo.

 Leave a Reply

(required)

(required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

   
© 2012 McGrew Security Suffusion theme by Sayontan Sinha