[THIN] OT - Win2k Forensics

• From: "Ryan Lambert" <rlambert@xxxxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Wed, 30 Jul 2003 08:23:57 -0400

Anyone out there with a security background able to answer this
question:

 

I'm trying to determine when a file was actually created, since the
attributes say the year 2024. The system clock has never been wrong on
this box, so I cannot see this being the case. 

 

Considering what is IN the file, I would say whoever generated these
logs used some type of access gained to change the attributes so that it
was harder to track back to a time to this particular exploit.

 

--

Ryan Lambert

Systems & Network Engineer

NetSource

1242 East 49th Street

Suite 0503B, Third Floor

Cleveland, OH 44114

Ph/Fax: 216-373-2757

http://www.netsourceit.com

 

 

Other related posts:

• » [THIN] OT - Win2k Forensics
• » [THIN] Re: OT - Win2k Forensics
• » [THIN] Re: OT - Win2k Forensics
• » [THIN] Re: OT - Win2k Forensics
• » [THIN] Re: OT - Win2k Forensics
• » [THIN] Re: OT - Win2k Forensics
• » [THIN] Re: OT - Win2k Forensics

1. Home
2. thin
3. Archive
4. 07-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---