SANS ISC InfoSec Handlers Diary Blog



Memory Forensics Of Network Devices

Published: 2015-04-17
Last Updated: 2015-04-17 10:13:18 UTC
by Didier Stevens (Version: 1)

Memory forensics of PCs has become a popular forensic method and has made great progress in recent years, thanks to the hard work of many researchers and open-source developers. But what about memory forensics of network devices, such as Cisco IOS routers?

In 2008, Felix Lindner presented on Cisco IOS Forensics, and years later he open-sourced his CIR tool.

Xavier Mertens and I have 2 Cisco routers available for you to experiment on with my Network Appliance Forensic Toolkit.

We want to promote the practice of, and research into, network device memory forensics, and have started the Router Forensics project. I invite you to take a look, and if you are interested, you can reserve a spot on one of the online Cisco routers to practice memory forensics.
