antiforensics

hogfly
(@hogfly)
Reputable Member
Joined: 21 years ago
Posts: 287
Topic starter  

Not sure if many people are aware of what's going on with antiforensics, but I thought people here would be very interested in this:
http://metasploit.com/projects/antiforensics/


   
(@fatrabbit)
Estimable Member
Joined: 21 years ago
Posts: 132
 

I’ve done a little research into anti-forensics and can only see this area getting more sophisticated and much worse. Thanks for the link.


   
(@chrisd)
New Member
Joined: 20 years ago
Posts: 2
 

Thanks for that hogfly. I am new to computer forensics and wasn't aware of this anti-forensics project until now. The more I look into it the more difficult it all seems. It makes it hard to keep up with things when everyone is watching everyone… I just hope more resources are applied to this side of the problem than to their side. Just not enough hours in the day!

ChrisD


   
keydet89
(@keydet89)
Famed Member
Joined: 21 years ago
Posts: 3568
 

This is nothing new at all. The Metasploit link came out of Foster's presentation at the most recent Blackhat, but he'd had an earlier presentation with Mark Burnett in '04:
http://www.blackhat.com/html/bh-media-archives/bh-archives-2004.html#Windows-2004

The more recent stuff is based on the original.

Also, I'd been presenting on a similar topic well before Jamie popped up. My tool for altering MAC times was also written in Perl; however, I accessed the actual MS API call as part of my demonstration.

The topic is hardly new…it's just that for some reason, Jamie's giving the anti-forensics a lot of attention without any significant work being done toward detection techniques.

H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com


   