Hello All,

I put up a quick followup to my tech segment on EP 236 <http://pauldotcom.com/wiki/index.php/Episode236#Special_Guest_Tech_Segment:_Tim_Mugherini_presents_NTFS_MFT_Timelines_and_malware_analysis> on NTFS MFT Analysis. The followup is on parsing the NTFS $UsnJrnl during malware analysis and can be found here: http://securitybraindump.blogspot.com/2011/07/dear-diary-today-i-was-infected-with.html

Don't hesitate to point out errors. Hope someone finds it useful.
For those of you in or heading to Vegas, don't do anything I wouldn't do (which means anything goes).

Tim
@bug_bear
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
