Tuesday, May 25, 2010

Ubuntu Live CD As A Forensics Tool

Ubuntu is one of the best open source operating systems, based on the Debian GNU/Linux distribution. It provides an up-to-date, stable operating system for the average user, with a strong focus on usability and ease of installation. The Ubiquity installer allows Ubuntu to be installed to the hard disk directly from the Live CD, without requiring the computer to be restarted prior to installation.

Among the many benefits and functions of Ubuntu, one has not received much publicity or exposure: data recovery using an Ubuntu Live CD. In a great tutorial, Lifehacker has shown how to recover deleted files and partitions using the Live CD.

According to the article, the four tools it examines can recover data from the most messed up hard drives, regardless of whether they were formatted for a Windows, Linux, or Mac computer, or even if the partition table is wiped out entirely.

Even apart from this, Ubuntu is worth trying, especially as it is open source and free of cost.

Thursday, May 20, 2010

Metasploit Version 3.4.0 Released

Penetration testing professionals should rejoice at the release of Metasploit Version 3.4.0. This is a wonderful tool that can be downloaded from here. It has many crucial improvements over its predecessor.

Metasploit now has 551 exploit modules and 261 auxiliary modules. It has brute force support, and the release includes several major improvements, especially to Meterpreter, which is one of the available shellcode modules.

Meterpreter is now claimed to be capable of switching seamlessly between 32-bit and 64-bit processes on compromised systems. Meterpreter is a critical component of Metasploit in that it provides the ability to perform advanced post-exploit automation on a target system. The release has also added new Java and exploit automation technologies.

This version is still freely available, though a professional, paid version is also available. Metasploit is used worldwide for security and pen testing purposes. It is also part of many security distros such as BackTrack (possibly in modified form).