Let's not forget TripWire http://sourceforge.net/projects/tripwire/ "Open Source Tripwire software is a security and data integrity tool useful for monitoring and alerting on specific file change(s) on a range of systems."
On Tue, Jul 28, 2009 at 11:56 AM, Tim Mugherini <[email protected]> wrote:
> Very Nice. Does Autopatcher allow you to manually copy over patches (already
> have many downloaded)?
>
> To add some:
>
> Again Sysinternals Tools: Process Monitor, PSTools, TCPView
> Kiwi Syslog Server & Viewer or comparable, Mandiant Highlighter
> Nessus - Home Feed of course
> Dumpsec - NTFS File Permission dumper
> Your favorite free sniffer - Wireshark, etc..
> MRTG - Router bandwidth monitoring
> AVG or other decent free AV
> Snort
>
> On Tue, Jul 28, 2009 at 11:05 AM, Carlos Perez
> <[email protected]> wrote:
>>
>> 8 GB stick prepared with autopatcher http://www.autopatcher.com/ I would
>> have patches for all versions of Windows.
>> I would also place portable Firefox, and XAMPP in case I need to migrate an
>> Apache LAMP server to an updated version since I have seen a trend of
>> putting Apache on Windows in this competition, also place several pre-made
>> security templates for use with GPO or local application, URLscan installer
>> and pre-made urlscan.ini files. Comodo free firewall installer and the NSA
>> Cisco templates, ACL templates, Nipper for checking the Cisco equipment
>> config quickly and some pvlan sample configs. Keepass for password storage
>> and generation.
>> That is what comes now to mind.
>>
>> On Tue, Jul 28, 2009 at 8:54 AM, John Strand <[email protected]> wrote:
>>>
>>> Please! PSW land! Share your Blue Team tactics!
>>> What tools, scripts, and techniques do you use as part of Incident
>>> Response and Blue Team Activities?
>>> I have sat in on one too many Red/Blue/CTF games where the Red team gets
>>> Core, Canvas, Metasploit, Nessus, Satan, Sara, Cain and Abel, Ettercap,
>>> Dsniff, Hydra, 0phcrack, Nmap, BT4 and various torture techniques (including
>>> IronGeek's rubber hoses) and the Blue team gets....
>>> "An un-patched Windows 2000 box and a slew of un-patched software!!!!!"
>>> Please see the following video for reference:
>>> http://www.youtube.com/watch?v=Y77n--Af1qo
>>> Yea.. That's right.... As of today the Blue Team is what you get assigned
>>> to when you are caught stuffing peas up your nose.
>>> This stops today!!!
>>> There are a few rules. Tricks and scripts must be able to run at the
>>> command line of your operating system of choice and all tools must be
>>> freeware or open source.
>>> That's it!!!
>>> Look, the Blue Team can rock!!! So please share your tricks.
>>> I am going to collect and add to them so we have a solid list and this
>>> will serve as the playbook for the Blues going forward.
>>> Be expecting this on the PDC site soon.
>>> strandjs
>>> _______________________________________________
>>> Pauldotcom mailing list
>>> [email protected]
>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>>> Main Web Site: http://pauldotcom.com
