tag:blogger.com,1999:blog-9518042.post4428928811781873215..comments2024-03-16T07:01:22.721-05:00Comments on Windows Incident Response: New Tools and LinksUnknownnoreply@blogger.comBlogger2125tag:blogger.com,1999:blog-9518042.post-66847105421889315792011-01-22T12:25:12.643-05:002011-01-22T12:25:12.643-05:00Why am I in a meat dress?
It's funny how lin...<i>Why am I in a meat dress? </i><br /><br />It's funny how links like that work...I get people who apparently read the blog posts, but do not comment. By putting something like that in the post, every now and again I get an email from someone who asks about it. This is not only a way to find out that <b>someone</b> is reading these posts, but also encourage them to comment.H. Carveyhttps://www.blogger.com/profile/08966595734678290320noreply@blogger.comtag:blogger.com,1999:blog-9518042.post-7668886365750348502011-01-22T12:20:42.893-05:002011-01-22T12:20:42.893-05:00I forgot why I am wearing the meat dress. Can you...I forgot why I am wearing the meat dress. Can you help me out? Why am I in a meat dress? <br /><br /><br /><br />On my team, we have to work with the newest stuff before there is any information about it. So we learn to be resourceful. The attack surface tool will be very useful to me in distangling all sorts of things. For example, some time in the next several months, I will be presenting on Windows 8 forensics. It is harder than most people imagine to thoroughly assess a new OS or application version for new or changed forensic artifacts. Tools like Process Monitor, the attack surface tool, and others, help tremendously.<br /><br />There is at least one new artifact in IE 9 that your readers should find interesting. The first person to find and post about it will get a genuine signed email from me. (That has to be worth something, right?)Troyhttp://redriverautographs.files.wordpress.com/2009/01/rock-bull-dwayne-the-rock-johnson-775398_1178_1319.jpgnoreply@blogger.com